r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3457
Expires: Fri, 09 Dec 2022 05:21:30 GMT
Date: Fri, 09 Dec 2022 04:23:53 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7181eff9c60e83eb0004ece591e47dca
0fd8cd0c9d10b0547938982e57d2c43e2d98679f
89c5c0e2d6890798644174a8e31976aec03a1b3deb03812afbb520e5ed68f522
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89C5C0E2D6890798644174A8E31976AEC03A1B3DEB03812AFBB520E5ED68F522"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6971
Expires: Fri, 09 Dec 2022 06:20:04 GMT
Date: Fri, 09 Dec 2022 04:23:53 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 04:08:17 GMT
content-type: application/json
age: 936
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3108
Expires: Fri, 09 Dec 2022 05:15:41 GMT
Date: Fri, 09 Dec 2022 04:23:53 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: bo+ZCOLnYTqR+nXA99EvwsujI9k2NJ3TWPc+VTV6pUMsh46WNYnU3tEJ+XIFqrFV9ZuLvQ1XjAA=
x-amz-request-id: F9PA67H3V4XKGRFS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 03:50:06 GMT
age: 2027
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:53 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
special-battery.co.za/
41.185.8.111301 Moved Permanently 238 B IP 41.185.8.111:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 09dff18b836101351e54ce98bc09864e
eab7dedf77edd82de24ccd79e2659dca21a3e720
17a87da9fe855715bd885dbd24d1e3d095a93fbe4e5b61ba33867131f11c8b29
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 09 Dec 2022 04:23:53 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 238
Location: https://special-battery.co.za/
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 04:07:59 GMT
age: 955
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd55f4aaaab6ec40bc7dc10252cd819a
a72523f60be265a391fa9edc43e0a93418ad1fd0
bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5493
Cache-Control: max-age=108871
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:23:54 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 10:38:25 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp.comodoca.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 59127edd7f75436099dcedafe7f98ea7
fbc4e5653cd07d2df1f1a8edadd7d4ba7b152313
560c04f61e2663c79dad3d3327f556484233c34cb98ce53e193bf22dc2f42567
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:23:54 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 20:46:47 GMT
Expires: Wed, 14 Dec 2022 20:46:46 GMT
Etag: "fbc4e5653cd07d2df1f1a8edadd7d4ba7b152313"
Cache-Control: max-age=585869,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776af7d4fa84b511-OSL
push.services.mozilla.com/
44.228.207.167101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.228.207.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Kt35AtWw1cSBmTBWSKZAsQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jJT5SYdcR5NTccD4mPaHwUmsQNY=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d61883097c47c0fcb4a15cafc5bdbdfc
54411aba43093cafd1cb2acea7c2b4c69184611f
0aef2b974544f530bd591dd0201909a9c2a6b3f4451c69288bafc126d9a37e2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:23:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d61883097c47c0fcb4a15cafc5bdbdfc
54411aba43093cafd1cb2acea7c2b4c69184611f
0aef2b974544f530bd591dd0201909a9c2a6b3f4451c69288bafc126d9a37e2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:23:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
special-battery.co.za/
41.185.8.111200 OK 40 kB IP 41.185.8.111:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (65488)
Hash d94b2162b1b680b6727e1a4a4f8869cc
cbe4acefc4d729d50735d2cd7fb1944a51366f93
6fe937caf2754f3cb3c9b87e876fd16e676d1f54806b1b10158210abfcaed971
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:54 GMT
content-type: text/html; charset=UTF-8
content-length: 40361
x-powered-by: PHP/7.4.33
vary: Accept-Encoding,Cookie,User-Agent
cache-control: max-age=3, must-revalidate, max-age=259200
expires: Mon, 12 Dec 2022 04:23:54 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 795e67bdfadc3c890a663080413b56b7
fdefde3befb6aceac3c337c34c8d738f5091908c
8375b55cfc13989b0cf96293b7bead2ce5811a993b3445da1776ca7015c36985
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:23:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 795e67bdfadc3c890a663080413b56b7
fdefde3befb6aceac3c337c34c8d738f5091908c
8375b55cfc13989b0cf96293b7bead2ce5811a993b3445da1776ca7015c36985
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:23:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-238805182-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-238805182-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash c99cdfc1c3a6a0ac2c165a49b4d34a06
648d539427f2e68af44815b9ff365bdc1ae9a4af
6648fe9319c62498a998880611da3d1d3ce58461598e3d12eff29b828f7cdec6
GET /gtag/js?id=UA-238805182-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Dec 2022 04:23:55 GMT
expires: Fri, 09 Dec 2022 04:23:55 GMT
cache-control: private, max-age=900
last-modified: Fri, 09 Dec 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43634
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Slider/SliderType/Simple/Assets/dist/ss-simple.min.js?ver=23139749
41.185.8.111200 OK 3.1 kB URL HTTP/2 special-battery.co.za/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Slider/SliderType/Simple/Assets/dist/ss-simple.min.js?ver=23139749
IP 41.185.8.111:0
File type ASCII text, with very long lines (13218), with no line terminators
Hash ec24a24fec2dcd0cf449463838899deb
acfc3646c865e3818d6c276dd8991f0d1b8eec53
abed6ef94afe46756ad949953a6bdefeb035dac5b43867d7b45a0762029402f7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/smart-slider-3/Public/SmartSlider3/Slider/SliderType/Simple/Assets/dist/ss-simple.min.js?ver=23139749 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: application/javascript
content-length: 3093
last-modified: Tue, 15 Nov 2022 21:33:38 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:23:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-8YTWK56R51
142.250.74.168200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-8YTWK56R51
IP 142.250.74.168:0
File type ASCII text, with very long lines (22462)
Hash f7b033fbaa803ca6e8753b0fe571a76d
88d88099eb3bee7e2687a3c348735959584d9bdf
778c186388486277f8d8ede7c331ba1c63e787e01eb4df2f81c28c4ae7773580
GET /gtag/js?id=G-8YTWK56R51 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Dec 2022 04:23:55 GMT
expires: Fri, 09 Dec 2022 04:23:55 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76905
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Slider/SliderType/Simple/Assets/dist/smartslider-backgroundanimation.min.js?ver=23139749
41.185.8.111200 OK 5.9 kB URL HTTP/2 special-battery.co.za/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Slider/SliderType/Simple/Assets/dist/smartslider-backgroundanimation.min.js?ver=23139749
IP 41.185.8.111:0
File type ASCII text, with very long lines (27842), with no line terminators
Hash b04bec255cea1cd6b869b14b6a6cb013
67af5a5dce4a7f133a6c297ced315e1af959c64f
16efcefa7d74f6f423c33f6319b6bc36603b7eb6ee883bb4ea0d2853d97ae30e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/smart-slider-3/Public/SmartSlider3/Slider/SliderType/Simple/Assets/dist/smartslider-backgroundanimation.min.js?ver=23139749 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: application/javascript
content-length: 5906
last-modified: Tue, 15 Nov 2022 21:33:38 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:23:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/n2.min.js?ver=23139749
41.185.8.111200 OK 12 kB URL HTTP/2 special-battery.co.za/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/n2.min.js?ver=23139749
IP 41.185.8.111:0
File type ASCII text, with very long lines (41234), with no line terminators
Hash 83d87f65d3e77a6788d87a140324223c
780e8b8f8c95c5ac06aab19531412ceeedce6e98
ed855166c9e9e5b84b9ae7f5cf7ca86e993fbbc2506d241b8044d940c0b71120
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/n2.min.js?ver=23139749 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: application/javascript
content-length: 12336
last-modified: Tue, 15 Nov 2022 21:33:39 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:23:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider.min.css?ver=23139749
41.185.8.111200 OK 4.1 kB URL HTTP/2 special-battery.co.za/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider.min.css?ver=23139749
IP 41.185.8.111:0
File type ASCII text, with very long lines (22153), with no line terminators
Hash 727efb1a6c72a795fc6a99077e0fdd2e
105b89e36792444c33d1e2ef7bacf2d9c17fa565
ecee938859d89811518e799838dc95b9aadb2a700b82e94aef82b4df61e470b9
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider.min.css?ver=23139749 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: text/css
content-length: 4067
last-modified: Tue, 15 Nov 2022 21:33:39 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:23:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 795e67bdfadc3c890a663080413b56b7
fdefde3befb6aceac3c337c34c8d738f5091908c
8375b55cfc13989b0cf96293b7bead2ce5811a993b3445da1776ca7015c36985
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:23:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
special-battery.co.za/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider-frontend.min.js?ver=23139749
41.185.8.111200 OK 26 kB URL HTTP/2 special-battery.co.za/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider-frontend.min.js?ver=23139749
IP 41.185.8.111:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash ccee8eedfd8fa89e50881eac44c7c919
1f92b06a9dc4bc16b904997a809e58371fd340a0
da7ee54edb5880714d48d262c9db96e38a348f897e37303505f2f87c91aa393c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider-frontend.min.js?ver=23139749 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: application/javascript
content-length: 26302
last-modified: Tue, 15 Nov 2022 21:33:39 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:23:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/uploads/elementor/thumbs/SBS-Logo-_-Preferred-1024x238-1-pqn42veyl14rd5rpjhx55f0whw3prnx4k7wmgbfg5y.png
41.185.8.111200 OK 4.6 kB URL HTTP/2 special-battery.co.za/wp-content/uploads/elementor/thumbs/SBS-Logo-_-Preferred-1024x238-1-pqn42veyl14rd5rpjhx55f0whw3prnx4k7wmgbfg5y.png
IP 41.185.8.111:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7bcf81b78d54fa0e0fc7a7e399ac9119
7c45be72ad621793e06aba246a7059d7fa7ff540
aaa72ebb18dcfdb0c29fb3ebcd83f7492379ed9cbc4b03cd9c555f39ce819fc1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/thumbs/SBS-Logo-_-Preferred-1024x238-1-pqn42veyl14rd5rpjhx55f0whw3prnx4k7wmgbfg5y.png HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: image/webp
content-length: 4572
vary: Accept,User-Agent
last-modified: Fri, 26 Aug 2022 04:37:49 GMT
accept-ranges: bytes
cache-control: max-age=259200
expires: Mon, 12 Dec 2022 04:23:55 GMT
x-webp-express: Redirected directly to existing webp
X-Firefox-Spdy: h2
c0.wp.com/p/woocommerce/7.1.1/assets/js/js-cookie/js.cookie.min.js
192.0.77.37200 OK 1.4 kB URL HTTP/2 c0.wp.com/p/woocommerce/7.1.1/assets/js/js-cookie/js.cookie.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (1668)
Hash 52f3c1ed91fec96bfe702f707e3d5d95
c4c2da3b75c73e38d618461dab6febfe89fe69fc
80a52f51566ec6af8aafad2ad452fca71d0c45f50e9d12502b2cdb325f062e5c
GET /p/woocommerce/7.1.1/assets/js/js-cookie/js.cookie.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 19 Jan 2021 23:55:30 GMT
content-encoding: br
expires: Sat, 09 Dec 2023 04:23:55 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hK1QN.woff2
142.250.74.35200 OK 26 kB URL HTTP/2 fonts.gstatic.com/s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hK1QN.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 25672, version 1.0\012- data
Hash fe3e5be2baa0126122ba9367ebab73c8
40bec99106dfab5f3721ed725483eb618a9016cd
8b166007d6f54c33b3ea10ea23572bc3166f55f365840d3cbd6ef7b5dcf6674e
GET /s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hK1QN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://special-battery.co.za
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25672
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 21:56:33 GMT
expires: Fri, 08 Dec 2023 21:56:33 GMT
cache-control: public, max-age=31536000
age: 23242
last-modified: Mon, 18 Jul 2022 19:12:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/underscore.min.js
192.0.77.37200 OK 7.7 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/underscore.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (18798)
Hash 92850cd9a9461b120f65ff8413347946
575134f84cff2637be6173b3d2258ad1d3ae2c96
aac54c5352d54218f3e3ae096ec3ec8a060325967f5c143155924ce2a02cb03b
GET /c/6.1.1/wp-includes/js/underscore.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 27 Sep 2022 15:18:25 GMT
content-encoding: br
expires: Sat, 09 Dec 2023 04:23:55 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7063
Expires: Fri, 09 Dec 2022 06:21:38 GMT
Date: Fri, 09 Dec 2022 04:23:55 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7063
Expires: Fri, 09 Dec 2022 06:21:38 GMT
Date: Fri, 09 Dec 2022 04:23:55 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7063
Expires: Fri, 09 Dec 2022 06:21:38 GMT
Date: Fri, 09 Dec 2022 04:23:55 GMT
Connection: keep-alive
special-battery.co.za/wp-content/themes/astra/assets/css/minified/main.min.css?ver=3.9.3
41.185.8.111200 OK 8.0 kB URL HTTP/2 special-battery.co.za/wp-content/themes/astra/assets/css/minified/main.min.css?ver=3.9.3
IP 41.185.8.111:0
File type ASCII text, with very long lines (38375)
Hash d89e3ba867ab89c62c514e1d58141464
c724d8feac32d089d553dd53172d42336360a4a9
580c184394148868aa24830fabd6b5137cb83e022a467dddb8bae2cb2e0225b6
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/astra/assets/css/minified/main.min.css?ver=3.9.3 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: text/css
content-length: 7989
last-modified: Fri, 04 Nov 2022 14:53:40 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:23:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?display=swap&family=Quicksand%3A300%2C400
142.250.74.106200 OK 2.1 kB URL HTTP/2 fonts.googleapis.com/css?display=swap&family=Quicksand%3A300%2C400
IP 142.250.74.106:0
Hash dcba9fab32f3eb0ace7b781779f89466
2f6ef50bc6422f378ae1aa4a00d53bf1fae8189b
a1fbc64a15d611d934dc2e65475011cd9492ec917db3fadad0575195a09ddf37
GET /css?display=swap&family=Quicksand%3A300%2C400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 04:23:55 GMT
date: Fri, 09 Dec 2022 04:23:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45e0c1638ad919bde19731f7987ab064
1e492807c665e6e6b24ec6ce19035fdfc6f23b92
f0d3738ec8406958470c8fd152a02a123d7654c30f974c1df5c4977a380c2d62
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10205
x-amzn-requestid: c5704c7a-60c4-402b-8018-5885a8dae971
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F9BIAMF3ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-3e9573d900714e3250f43e17;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mLTL7L808-OguYGrl3FUvwmFmPQjBPRj7PVfgEheFHWg4g4skoBvOg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 18:05:28 GMT
age: 37107
etag: "1e492807c665e6e6b24ec6ce19035fdfc6f23b92"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06514ce96ae21cb01f526a5febdcbeb4
ebb97e5b97f394e8c67098f55581d5329ce819a2
4099a2fb6ddc4feaa30f357a180d64aeb7c9fc73f115fc762d5fe5c221d2e89e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5169
x-amzn-requestid: 277a1b04-4e19-4313-8aac-5f9ab9076305
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEdkFGrIAMFvHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb456-5b21edd57297665012d536cc;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: swNGUcNy2i0w9UGe-EJhwslE01TzTC3rrDhLhVVxHyhWMGSC1uq0mA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 07:01:14 GMT
age: 76961
etag: "ebb97e5b97f394e8c67098f55581d5329ce819a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eb00a2a503a690cee3e4dd729b5bc9bd
cfb1e5bcab2148a777889680e6e36b9d7e8917ec
7e4583ae78ab597639f53669ac2d67d1ebd26be3278c2fc3fc95af934178c116
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7960
x-amzn-requestid: beadd240-39d0-407d-a890-6a095657cac3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEd8HC0oAMFUag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb459-44d4f63c62f58684782ef14a;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yL-FrFYh-3PuCZCpCHYg--ebTS7wMmMQ7IE2mgimDVsKWFEtKC2gVQ==
via: 1.1 74aa91fe819001bcedd882694f52b436.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 05:44:09 GMT
age: 81586
etag: "cfb1e5bcab2148a777889680e6e36b9d7e8917ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js
192.0.77.37200 OK 8.0 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (11126)
Hash 23f019d8e56092d1d954babc31294879
aff50cd308fd561fbb7ceafa0f301a0a79fd3216
d5ec7a5185e2b52975bed1496f9082c670f8089477644c285fe356cbb6d5a2b8
GET /c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
content-encoding: br
expires: Sat, 09 Dec 2023 04:23:55 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
41.185.8.111200 OK 2.9 kB URL HTTP/2 special-battery.co.za/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP 41.185.8.111:0
File type ASCII text, with very long lines (9937), with no line terminators
Hash 8189a6a3f3f0efc64f857fe869d3729b
bc84b1c1e96a26fd6595da0cb024aad989c1f331
e2683386c2d5a8b3280fa9920d22fedb31a33a8bdca8ec494d3fe4df9fc6b337
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: application/javascript
content-length: 2937
last-modified: Fri, 04 Nov 2022 10:00:28 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:23:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F884d1162-4377-487f-a056-b21117ef5001.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F884d1162-4377-487f-a056-b21117ef5001.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9cb76c68a8cd472600106cc118067868
6cee6b1828c709f68b995197ca943a5c393f86fb
009d9ba19043b03b5aceeb80b69bf249f19a0a225bdbfef7ab8691669cb64130
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F884d1162-4377-487f-a056-b21117ef5001.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8204
x-amzn-requestid: cf54b5f8-ede8-49d5-aa56-5d9de98e3ab8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjtKfEiToAMFSXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638af576-6ddfe35c0b31074d6a07076f;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 07:06:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UfqFAlLedF6ZkfbGXhyYDcvu0porNJb6LPaeQ8p4dqWqsFD6iRgWLw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 15:50:07 GMT
age: 45228
etag: "6cee6b1828c709f68b995197ca943a5c393f86fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/plugins/header-footer-elementor/inc/js/frontend.js?ver=1.6.13
41.185.8.111200 OK 2.7 kB URL HTTP/2 special-battery.co.za/wp-content/plugins/header-footer-elementor/inc/js/frontend.js?ver=1.6.13
IP 41.185.8.111:0
File type ASCII text, with very long lines (18378), with no line terminators
Hash 4564d662aa93e937792de7bbc251ad8e
8265b025033cfbc0ac409cb527d6fa5c16f9734f
1ce5fa07995b4f68a1e5287125acced66301b6b0c2b662464578126440a2b574
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/header-footer-elementor/inc/js/frontend.js?ver=1.6.13 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: application/javascript
content-length: 2693
last-modified: Wed, 28 Sep 2022 20:36:26 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:23:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/plugins/sticky-menu-or-anything-on-scroll/assets/js/stickThis.js?ver=2.1.1
41.185.8.111200 OK 340 B URL HTTP/2 special-battery.co.za/wp-content/plugins/sticky-menu-or-anything-on-scroll/assets/js/stickThis.js?ver=2.1.1
IP 41.185.8.111:0
File type ASCII text, with CRLF line terminators
Hash d1d8e51abf940f01de4122bc24ebf002
5f2ebaa6660269d3806b4a6c1c6ed1810f3a3b6b
d760bf16c0d6f4a34d5ee75103f9df4022615e774f0618fe407853f84566f1b4
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/sticky-menu-or-anything-on-scroll/assets/js/stickThis.js?ver=2.1.1 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: application/javascript
content-length: 340
last-modified: Sun, 20 Nov 2022 21:37:14 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:23:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.3
41.185.8.111200 OK 4.1 kB URL HTTP/2 special-battery.co.za/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.3
IP 41.185.8.111:0
File type ASCII text, with very long lines (16935), with no line terminators
Hash 757a17fde44c92828cafe307b596ceb9
02059cf326b80b0e75e8854362978b11b0967afa
0ed1f9942a2eed5143794f12eb7c4fffcbbda3019bf486949bd487099ece14c0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.3 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: application/javascript
content-length: 4075
last-modified: Fri, 04 Nov 2022 14:53:42 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:23:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.8
41.185.8.111200 OK 374 B URL HTTP/2 special-battery.co.za/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.8
IP 41.185.8.111:0
File type ASCII text, with very long lines (754), with no line terminators
Hash ef785f463505633971eae5c08ad626d4
624e22257f386801822229db3a4bbd2e24b25e2f
b2a0dc77f0f79d81698a7e3893e16ecba7b0d980b80a5233656d9b11f1d8160d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.8 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: application/javascript
content-length: 374
last-modified: Thu, 10 Nov 2022 21:44:08 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:23:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/plugins/sticky-menu-or-anything-on-scroll/assets/js/jq-sticky-anything.min.js?ver=2.1.1
41.185.8.111200 OK 2.0 kB URL HTTP/2 special-battery.co.za/wp-content/plugins/sticky-menu-or-anything-on-scroll/assets/js/jq-sticky-anything.min.js?ver=2.1.1
IP 41.185.8.111:0
File type ASCII text, with very long lines (7353), with CRLF line terminators
Hash 1d2dad9c9a62356af182e534eb8af39e
c36d8e54917fcd7e910a09545710819ebbd0beec
a8abb50cc066df68b7e6ffdc665e8b3c51083db90426f123eb2d1ae17c3afaa6
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/sticky-menu-or-anything-on-scroll/assets/js/jq-sticky-anything.min.js?ver=2.1.1 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: application/javascript
content-length: 1951
last-modified: Sun, 20 Nov 2022 21:37:14 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:23:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.9.0
41.185.8.111200 OK 12 kB URL HTTP/2 special-battery.co.za/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.9.0
IP 41.185.8.111:0
File type ASCII text, with very long lines (40657)
Hash f12aa0712b09eea4e54cdad6b4f933df
34a55fb1908bdeada9a8771ad61578d9b0d04bf1
9629a1022fff323d05acfb437d50a9b8751aa80acf3998ff8e42dbcdb3f32c0c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.9.0 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: application/javascript
content-length: 12086
last-modified: Tue, 06 Dec 2022 21:38:36 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:23:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.10.1
41.185.8.111200 OK 3.2 kB URL HTTP/2 special-battery.co.za/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.10.1
IP 41.185.8.111:0
File type ASCII text, with very long lines (1577)
Hash c34cd9056898ce3e7925aadfcccde46a
9ce2c46a7477b6da5dd635e5692d260ee02b7415
0bfed6a25c6d1ef5549ef4fc25cee8a871fdd6b85235bf61e2eb2830dbbc1294
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.10.1 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: application/javascript
content-length: 3246
last-modified: Wed, 09 Nov 2022 21:40:32 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:23:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/plugins/wpfront-scroll-top/images/icons/1.png
41.185.8.111200 OK 773 B URL HTTP/2 special-battery.co.za/wp-content/plugins/wpfront-scroll-top/images/icons/1.png
IP 41.185.8.111:0
File type PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Hash 93f66586b9c8b7ec4a5316f23d89e1eb
e9397f9512f3592393923b71dfe25674a83503d5
5a0dca92ff50b14535e86aa2ff9063acfe78830f1086726e6ff2670d32ba3d08
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/wpfront-scroll-top/images/icons/1.png HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: image/png
content-length: 773
last-modified: Tue, 21 Jun 2022 12:32:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sat, 09 Dec 2023 04:23:55 GMT
vary: User-Agent
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/plugins/wpfront-scroll-top/js/wpfront-scroll-top.min.js?ver=2.0.7.08086
41.185.8.111200 OK 727 B URL HTTP/2 special-battery.co.za/wp-content/plugins/wpfront-scroll-top/js/wpfront-scroll-top.min.js?ver=2.0.7.08086
IP 41.185.8.111:0
File type ASCII text, with very long lines (543)
Hash 993e0ff878efc555fb4b8e4fa5206f83
d5a35df647aa2f61035a192ee6d0a97d08aa4a3e
bd58481a494cf648c910b94a609532724678b800784c0a09f7dc67f390747135
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/wpfront-scroll-top/js/wpfront-scroll-top.min.js?ver=2.0.7.08086 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: application/javascript
content-length: 727
last-modified: Tue, 21 Jun 2022 12:32:56 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:23:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.9.0
41.185.8.111200 OK 2.2 kB URL HTTP/2 special-battery.co.za/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.9.0
IP 41.185.8.111:0
File type ASCII text, with very long lines (4918)
Hash dead0e8db8bccbb2daf5ee61cc7107d9
89185b8cc3d62b35215cb80f3790d04524d77ba7
3545544743b98bf51920781c1d84e930480b02441e8059e3d84326e23629ec7c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.9.0 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: application/javascript
content-length: 2195
last-modified: Tue, 06 Dec 2022 21:38:32 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:23:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
41.185.8.111200 OK 3.0 kB URL HTTP/2 special-battery.co.za/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 41.185.8.111:0
File type ASCII text, with very long lines (12198), with no line terminators
Hash cfea3c51880820f2962a7773fbc864f9
45aa7ddc9b0c4201097d0df36791ab346470b734
12296ac9ef200103f8eea198a2bcd92692119dacece39538499758a0349035fb
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: application/javascript
content-length: 2993
last-modified: Tue, 06 Dec 2022 21:38:28 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:23:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?minify=false&ver=83ec8aa758f883d6da14
41.185.8.111200 OK 3.1 kB URL HTTP/2 special-battery.co.za/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?minify=false&ver=83ec8aa758f883d6da14
IP 41.185.8.111:0
File type ASCII text, with very long lines (8983), with no line terminators
Hash 479c19e149adf73371f8eb5bb65b415a
c30ba6d93c94903a9a3eda06e9e75735bfba9421
d529b5e4e113c23799858d4425ccccd741d4ddc588d2d46181482f4b8b4803c8
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?minify=false&ver=83ec8aa758f883d6da14 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: application/javascript
content-length: 3057
last-modified: Tue, 06 Dec 2022 21:40:09 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:23:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?minify=false&ver=8767d0da914b289bd862
41.185.8.111200 OK 1.0 kB URL HTTP/2 special-battery.co.za/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?minify=false&ver=8767d0da914b289bd862
IP 41.185.8.111:0
File type ASCII text, with very long lines (2366), with no line terminators
Hash 20d1095cb9420d7db47b37c16e11f5d9
c860245c56c44e40a49ef3a2d892ca2915adfb05
5052fd18c42323f2fbf80902ae792749173ee66e144a522a10d64a3deb1ce211
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?minify=false&ver=8767d0da914b289bd862 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: application/javascript
content-length: 1022
last-modified: Tue, 06 Dec 2022 21:40:09 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:23:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/uploads/2022/05/solar_inverters_sun_1120x747px.jpg
41.185.8.111200 OK 43 kB URL HTTP/2 special-battery.co.za/wp-content/uploads/2022/05/solar_inverters_sun_1120x747px.jpg
IP 41.185.8.111:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1120x747, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9a270af5ff75d808eb908f1316a8fb85
3c5c6c8c60f78c69837bffc97b94fdd21ed937a3
56bea026380091e5fc6569718bde2dc6e3a8d1e18917c471644dbdb4d855b07d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/05/solar_inverters_sun_1120x747px.jpg HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: image/webp
content-length: 42842
vary: Accept,User-Agent
last-modified: Thu, 30 Jun 2022 04:20:07 GMT
accept-ranges: bytes
cache-control: max-age=259200
expires: Mon, 12 Dec 2022 04:23:55 GMT
x-webp-express: Redirected directly to existing webp
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7b1b2f1-0b18-4097-a282-a7ddd9b33b97.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7b1b2f1-0b18-4097-a282-a7ddd9b33b97.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3cb7655c8fe89a83f0096c51684aa21c
4946fcab2a99d926c45abaecf8f97b6214dee0cd
60a3066f2dcc2f696413ecec56ef1d0c1a9392f6845fac5c4319b8b9e02074fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7b1b2f1-0b18-4097-a282-a7ddd9b33b97.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6637
x-amzn-requestid: dfcef102-5fc6-4a59-bb21-ff0532c9fdda
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlg4GtVIAMFdTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb605-0c2f58da0ae148fb4d698ecc;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:37:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jQs6m8oGHeWNYbOnPM34f-YW75VuH0yNWU-TzoDMOkYcwGa9BfqBhA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:51:22 GMT
age: 23553
etag: "4946fcab2a99d926c45abaecf8f97b6214dee0cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
192.0.77.37200 OK 46 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
IP 192.0.77.37:0
File type ASCII text, with very long lines (11256), with no line terminators
Hash e0d85295a8b9f0a50149a90fbdacf5ef
3016a5cb9d1dc5f03164704aa4ecc41b0f99b6f4
2fd083d66d59b23f222d5949e46de54f109d8332fcc9ecb4a0c01d72462ae553
GET /c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
content-encoding: br
expires: Sat, 09 Dec 2023 04:23:55 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
41.185.8.111200 OK 4.0 kB URL HTTP/2 special-battery.co.za/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP 41.185.8.111:0
File type HTML document, ASCII text, with very long lines (12310), with no line terminators
Hash 832eeb1fd498e5839b89bfb5f05a2f0d
cf2d8668aecc5033346ac2906bb8bf7e143cfa4a
35b2b27ba0ba63c065e4c67d15b7cb1878b5868d7f475cc7f6f1724d3988793a
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: application/javascript
content-length: 3957
last-modified: Fri, 04 Nov 2022 10:00:28 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:23:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.9.0
41.185.8.111200 OK 10 kB URL HTTP/2 special-battery.co.za/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.9.0
IP 41.185.8.111:0
File type Unicode text, UTF-8 text, with very long lines (31482)
Hash 081352f6d2bafd56475ca4ae913346b3
693f75003bf79d0279b74acbfdb8d57db06edc1e
47272f39dc6e2cb0baab9901d1886c7e180a97e045204a59d00aad8348b3707d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.9.0 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: application/javascript
content-length: 10220
last-modified: Tue, 06 Dec 2022 21:38:34 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:23:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/uploads/2022/06/american-public-power-association-XGAZzyLzn18-unsplash-scaled-e1662006657130.jpg
41.185.8.111200 OK 93 kB URL HTTP/2 special-battery.co.za/wp-content/uploads/2022/06/american-public-power-association-XGAZzyLzn18-unsplash-scaled-e1662006657130.jpg
IP 41.185.8.111:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x398, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3f076675a942142018ace6a3fcb26ddd
d191eb8c39d4586fe689f07aff96b4bf9f6dcf60
a7578e26c7bfe80310f9e00c392bc589b650597db2b69b935b6290a66b733673
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/06/american-public-power-association-XGAZzyLzn18-unsplash-scaled-e1662006657130.jpg HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: image/webp
content-length: 92844
vary: Accept,User-Agent
last-modified: Thu, 01 Sep 2022 04:49:01 GMT
accept-ranges: bytes
cache-control: max-age=259200
expires: Mon, 12 Dec 2022 04:23:55 GMT
x-webp-express: Redirected directly to existing webp
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/uploads/2022/05/16df847a0f664fd0b2d4bbf9ce684794.jpg
41.185.8.111200 OK 96 kB URL HTTP/2 special-battery.co.za/wp-content/uploads/2022/05/16df847a0f664fd0b2d4bbf9ce684794.jpg
IP 41.185.8.111:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x640, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 291cc8f290128e83f3fca65f5910c5a9
f4b9bbb966b5c6d95cca56911459490dab2c6c4b
cd9ab10e7275867077e19af547b2b363d34fe01a26f0e7166d585e87c0b21dde
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/05/16df847a0f664fd0b2d4bbf9ce684794.jpg HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: image/webp
content-length: 95916
vary: Accept,User-Agent
last-modified: Thu, 30 Jun 2022 04:20:03 GMT
accept-ranges: bytes
cache-control: max-age=259200
expires: Mon, 12 Dec 2022 04:23:55 GMT
x-webp-express: Redirected directly to existing webp
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/uploads/2022/06/ceil.png
41.185.8.111200 OK 79 kB URL HTTP/2 special-battery.co.za/wp-content/uploads/2022/06/ceil.png
IP 41.185.8.111:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash f67b34d923aaf1804d715f70f70d1e9c
a738c705aa7039f272dd826772b592c85f04b6db
a40d51c7855586631db04962e9ed89092965f975f2c59a171faa2742e46353eb
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/06/ceil.png HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: image/webp
content-length: 79438
vary: Accept,User-Agent
last-modified: Thu, 30 Jun 2022 04:21:16 GMT
accept-ranges: bytes
cache-control: max-age=259200
expires: Mon, 12 Dec 2022 04:23:55 GMT
x-webp-express: Redirected directly to existing webp
X-Firefox-Spdy: h2
special-battery.co.za/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
41.185.8.111200 OK 5.0 kB URL HTTP/2 special-battery.co.za/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 41.185.8.111:0
File type ASCII text, with very long lines (15660)
Hash e6624e0b978e6ddba476be41aaaa82df
822e920d8233072110ed7c8a7f379e5b13209b18
dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: application/javascript
content-length: 5009
last-modified: Tue, 21 Jun 2022 12:32:56 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:23:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/uploads/2022/06/Huawei-String-Tls.png
41.185.8.111200 OK 83 kB URL HTTP/2 special-battery.co.za/wp-content/uploads/2022/06/Huawei-String-Tls.png
IP 41.185.8.111:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x673, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f5828b12731db789991e3b1bfbb411f3
c1246fc41d9e374a2bb462a2dbfd9e2347274e52
0e9859a5576d8881ad6ccffd76597e40a036060c27493eb6073856429248d175
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/06/Huawei-String-Tls.png HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: image/webp
content-length: 83182
vary: Accept,User-Agent
last-modified: Thu, 30 Jun 2022 04:20:00 GMT
accept-ranges: bytes
cache-control: max-age=259200
expires: Mon, 12 Dec 2022 04:23:55 GMT
x-webp-express: Redirected directly to existing webp
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/uploads/2022/06/royal.png
41.185.8.111200 OK 75 kB URL HTTP/2 special-battery.co.za/wp-content/uploads/2022/06/royal.png
IP 41.185.8.111:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 27c8595e7fbbd6b79eacac83c4e4bc99
29874eb52714942f771dddab0932f6a8c8a8b5ff
d138527f319f070f08071ab6ce2bb06e722ff880f094e6c09ffbb82093693798
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/06/royal.png HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: image/webp
content-length: 75374
vary: Accept,User-Agent
last-modified: Thu, 30 Jun 2022 04:21:30 GMT
accept-ranges: bytes
cache-control: max-age=259200
expires: Mon, 12 Dec 2022 04:23:55 GMT
x-webp-express: Redirected directly to existing webp
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/uploads/2022/06/TPL-Main.png
41.185.8.111200 OK 107 kB URL HTTP/2 special-battery.co.za/wp-content/uploads/2022/06/TPL-Main.png
IP 41.185.8.111:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 107 kB (107104 bytes)
Hash f5edc7d2380e696a03127676137e1766
bf3990000b00e47dad049b2f76325f1964caf818
803c9285bb416dacc046a700232a55f582ea2bfe3d046d490bd1deea40c682c9
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/06/TPL-Main.png HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: image/webp
content-length: 107104
vary: Accept,User-Agent
last-modified: Thu, 30 Jun 2022 04:20:00 GMT
accept-ranges: bytes
cache-control: max-age=259200
expires: Mon, 12 Dec 2022 04:23:55 GMT
x-webp-express: Redirected directly to existing webp
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/uploads/2022/06/hr.png
41.185.8.111200 OK 154 kB URL HTTP/2 special-battery.co.za/wp-content/uploads/2022/06/hr.png
IP 41.185.8.111:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 154 kB (154302 bytes)
Hash 286135d9ae6a492edf35bcfb6f6945e7
e06ed251acbf9951e02f84c1f8abc45d7cd407c3
512d4e7fe0293ac8f1993f2e500707b757947a0a17fc55ffa55590b20ebc603e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/06/hr.png HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: image/webp
content-length: 154302
vary: Accept,User-Agent
last-modified: Thu, 30 Jun 2022 04:21:48 GMT
accept-ranges: bytes
cache-control: max-age=259200
expires: Mon, 12 Dec 2022 04:23:55 GMT
x-webp-express: Redirected directly to existing webp
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.13
41.185.8.111200 OK 7.8 kB URL HTTP/2 special-battery.co.za/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.13
IP 41.185.8.111:0
File type Unicode text, UTF-8 text, with very long lines (1646)
Hash 572aea78f382e525fda96f769d9800c5
35398693aaa753f89dc5935130e927c61fbfd6e6
e16dff142803bf871380a64dcd6a2bb729500b1e13b04e042a78dbb2ef7f11e4
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.13 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Cookie: _ga_8YTWK56R51=GS1.1.1670559834.1.0.1670559834.60.0.0; _ga=GA1.1.397102580.1670559835
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: text/css
content-length: 7753
last-modified: Tue, 23 Aug 2022 21:46:04 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:23:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=6.1.1
41.185.8.111200 OK 124 B URL HTTP/2 special-battery.co.za/wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=6.1.1
IP 41.185.8.111:0
File type ASCII text, with CRLF, CR line terminators
Hash 893dd4d34591cb544851b5a41747cdfd
e8585a3187cfaa2288f0cb48e5696929306b7615
1de5e3983dd9d63c6d92bc1543a4ae8978b38fbaa8d79fbbc2035c62a68cd7cf
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=6.1.1 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Cookie: _ga_8YTWK56R51=GS1.1.1670559834.1.0.1670559834.60.0.0; _ga=GA1.1.397102580.1670559835
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: text/css
content-length: 124
last-modified: Sun, 06 Nov 2022 14:59:38 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:23:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/uploads/elementor/css/post-82.css?ver=1668376679
41.185.8.111200 OK 1.4 kB URL HTTP/2 special-battery.co.za/wp-content/uploads/elementor/css/post-82.css?ver=1668376679
IP 41.185.8.111:0
File type ASCII text, with very long lines (4386)
Hash 2681cf295ae9b131f13456ab49ea0dfb
f60a226e7a646c55b96c44f627f80ca5839e9d3c
31332ed33246fc1cd0814dc60a635baa7fdd8c93dccb70848404f18d0a97429e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-82.css?ver=1668376679 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Cookie: _ga_8YTWK56R51=GS1.1.1670559834.1.0.1670559834.60.0.0; _ga=GA1.1.397102580.1670559835
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: text/css
content-length: 1404
last-modified: Sun, 13 Nov 2022 21:57:59 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:23:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
41.185.8.111200 OK 308 B URL HTTP/2 special-battery.co.za/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
IP 41.185.8.111:0
File type ASCII text, with very long lines (491)
Hash 851fd514d412b7e854365f20a4227c8a
08bf47072f70af1816450cc85a5efb3b8f9114d2
a9449e3cc7c003e5ed6b93bae7b0bba3e4f1713c52214f41d3591692a759b9d7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Cookie: _ga_8YTWK56R51=GS1.1.1670559834.1.0.1670559834.60.0.0; _ga=GA1.1.397102580.1670559835
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: text/css
content-length: 308
last-modified: Tue, 06 Dec 2022 21:38:26 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:23:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.9.0
41.185.8.111200 OK 12 kB URL HTTP/2 special-battery.co.za/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.9.0
IP 41.185.8.111:0
File type ASCII text, with very long lines (65497)
Hash b9537c0cdd1d3fd50594ef36f0faf6d6
f8bced5394685811369427c69d807853fef6fdd9
e86ebd017764cce772e9e62c8623da16a6267ae43bfdf8c32db70e480520cd9f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.9.0 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Cookie: _ga_8YTWK56R51=GS1.1.1670559834.1.0.1670559834.60.0.0; _ga=GA1.1.397102580.1670559835
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: text/css
content-length: 12398
last-modified: Tue, 06 Dec 2022 21:38:20 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:23:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
41.185.8.111200 OK 309 B URL HTTP/2 special-battery.co.za/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP 41.185.8.111:0
File type ASCII text, with very long lines (483)
Hash 0ea43e394ddaae5fdb710dbbc8869e58
3b0c93adc80720236096201db5cc2751e703996d
85225fffa21a94bfd954393d7471069ab227b98fd8b51cb5ab4af5488168a34e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Cookie: _ga_8YTWK56R51=GS1.1.1670559834.1.0.1670559834.60.0.0; _ga=GA1.1.397102580.1670559835
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: text/css
content-length: 309
last-modified: Tue, 06 Dec 2022 21:38:26 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:23:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/uploads/elementor/css/global.css?ver=1668376678
41.185.8.111200 OK 4.8 kB URL HTTP/2 special-battery.co.za/wp-content/uploads/elementor/css/global.css?ver=1668376678
IP 41.185.8.111:0
File type ASCII text, with very long lines (18145), with CRLF, LF line terminators
Hash 08ff2059928a4a5dfa7af5e6f888819f
e5eb100d832c8afea76da9a4df47343f5cf2f0f5
006fbded8120b8960734eb8ed21fa61c820a86c1baf75cefd3ad13308ebe9c5b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/global.css?ver=1668376678 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Cookie: _ga_8YTWK56R51=GS1.1.1670559834.1.0.1670559834.60.0.0; _ga=GA1.1.397102580.1670559835
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: text/css
content-length: 4755
last-modified: Sun, 13 Nov 2022 21:57:58 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:23:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/plugins/post-grid-elementor-addon/assets/css/main.css?ver=6.1.1
41.185.8.111200 OK 386 B URL HTTP/2 special-battery.co.za/wp-content/plugins/post-grid-elementor-addon/assets/css/main.css?ver=6.1.1
IP 41.185.8.111:0
Hash 5c2948f59da43ebcce015d8be4464fb6
8e9b10f9048658afadebdf40b6797b65e45bfc03
812e6f84959d3547aafff5b2e521fac5c86c9c698c6738b1a2303ffece38f3b0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/post-grid-elementor-addon/assets/css/main.css?ver=6.1.1 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Cookie: _ga_8YTWK56R51=GS1.1.1670559834.1.0.1670559834.60.0.0; _ga=GA1.1.397102580.1670559835
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: text/css
content-length: 386
last-modified: Mon, 10 Oct 2022 09:51:27 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:23:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
41.185.8.111200 OK 972 B URL HTTP/2 special-battery.co.za/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
IP 41.185.8.111:0
Hash 8bf268dfcca7cb20719b7ea14373ef4a
58bd839bbf0e8cc082f0a488b538b4ec71bebd2e
eece4a14939273c7af07bce8bab3a6cfc2c9de44c0eea82cc886abac13cb3870
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Cookie: _ga_8YTWK56R51=GS1.1.1670559834.1.0.1670559834.60.0.0; _ga=GA1.1.397102580.1670559835
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: text/css
content-length: 972
last-modified: Fri, 04 Nov 2022 10:00:28 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:23:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
41.185.8.111200 OK 13 kB URL HTTP/2 special-battery.co.za/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP 41.185.8.111:0
File type ASCII text, with very long lines (57726)
Hash 991d00cd7cb62d50a29295522d554f1f
e128a5238f141e9c4da1979716108d858340fe03
b8fcb61816168fc6a7ee01bb09fa4378398838dc6e4f49dc411872876355d113
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Cookie: _ga_8YTWK56R51=GS1.1.1670559834.1.0.1670559834.60.0.0; _ga=GA1.1.397102580.1670559835
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: text/css
content-length: 12582
last-modified: Tue, 06 Dec 2022 21:38:24 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:23:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-smallscreen-grid.min.css?ver=3.9.3
41.185.8.111200 OK 868 B URL HTTP/2 special-battery.co.za/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-smallscreen-grid.min.css?ver=3.9.3
IP 41.185.8.111:0
File type ASCII text, with very long lines (5735), with no line terminators
Hash f4f28b2c50c5e61426b7f0307bf92071
9ce20ab914f965c4227284f1f2493f87aab39394
23cbd5c3458774b40a2ce8ea2619150f6774af57167caf31c4a5a45f996d4726
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-smallscreen-grid.min.css?ver=3.9.3 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Cookie: _ga_8YTWK56R51=GS1.1.1670559834.1.0.1670559834.60.0.0; _ga=GA1.1.397102580.1670559835
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: text/css
content-length: 868
last-modified: Fri, 04 Nov 2022 14:53:40 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:23:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/themes/astra/assets/css/minified/compatibility/contact-form-7-main.min.css?ver=3.9.3
41.185.8.111200 OK 424 B URL HTTP/2 special-battery.co.za/wp-content/themes/astra/assets/css/minified/compatibility/contact-form-7-main.min.css?ver=3.9.3
IP 41.185.8.111:0
File type ASCII text, with very long lines (882), with no line terminators
Hash ee80e5093d4e46344ea1eadd7306ae9f
63a9ad2501f4a6dc61ba9a31230ccb96e2fc99d9
ad7a17c7be30b44ef409671f71e0e2c6f99d839e1927a4825e6b3f930be4a7c7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/astra/assets/css/minified/compatibility/contact-form-7-main.min.css?ver=3.9.3 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Cookie: _ga_8YTWK56R51=GS1.1.1670559834.1.0.1670559834.60.0.0; _ga=GA1.1.397102580.1670559835
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: text/css
content-length: 424
last-modified: Fri, 04 Nov 2022 14:53:40 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:23:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/plugins/wpfront-scroll-top/css/wpfront-scroll-top.min.css?ver=2.0.7.08086
41.185.8.111200 OK 215 B URL HTTP/2 special-battery.co.za/wp-content/plugins/wpfront-scroll-top/css/wpfront-scroll-top.min.css?ver=2.0.7.08086
IP 41.185.8.111:0
File type ASCII text, with very long lines (426)
Hash 9d32642fe94e8f0ec70965b2352a4605
56763124e9a6ef28f1964eda3c8929b07db9f5b8
cf4d839276d4f6fe895ca1db07fb3854e9b87699c7881ccf893ce6b38042259d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/wpfront-scroll-top/css/wpfront-scroll-top.min.css?ver=2.0.7.08086 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Cookie: _ga_8YTWK56R51=GS1.1.1670559834.1.0.1670559834.60.0.0; _ga=GA1.1.397102580.1670559835
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: text/css
content-length: 215
last-modified: Tue, 21 Jun 2022 12:32:56 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:23:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/uploads/elementor/css/post-5.css?ver=1668376673
41.185.8.111200 OK 366 B URL HTTP/2 special-battery.co.za/wp-content/uploads/elementor/css/post-5.css?ver=1668376673
IP 41.185.8.111:0
File type ASCII text, with very long lines (1105), with no line terminators
Hash a18f3a14e9e598f1bd434c305b07dca5
ca6e935de250fe66a5865c3f2a9b9d4b7c30f6df
d6070c953d37d72c4fcaf059a3db856aba4b13b1a9db93541a3b29e1c27f23fc
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-5.css?ver=1668376673 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Cookie: _ga_8YTWK56R51=GS1.1.1670559834.1.0.1670559834.60.0.0; _ga=GA1.1.397102580.1670559835
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: text/css
content-length: 366
last-modified: Sun, 13 Nov 2022 21:57:53 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:23:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/uploads/elementor/css/post-6.css?ver=1668380337
41.185.8.111200 OK 652 B URL HTTP/2 special-battery.co.za/wp-content/uploads/elementor/css/post-6.css?ver=1668380337
IP 41.185.8.111:0
File type ASCII text, with very long lines (3279), with no line terminators
Hash f5103aa4c9751a6167154b2d8f959d78
2f542c28128a103c07db98051a4da29acf002a9a
963ad3206a3b9e5a1f1592f56f6334f47d226038bb19f5d9366625d548eee500
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-6.css?ver=1668380337 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Cookie: _ga_8YTWK56R51=GS1.1.1670559834.1.0.1670559834.60.0.0; _ga=GA1.1.397102580.1670559835
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: text/css
content-length: 652
last-modified: Sun, 13 Nov 2022 22:58:57 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:23:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
c0.wp.com/p/woocommerce/7.1.1/assets/js/frontend/add-to-cart.min.js
192.0.77.37200 OK 2.1 kB URL HTTP/2 c0.wp.com/p/woocommerce/7.1.1/assets/js/frontend/add-to-cart.min.js
IP 192.0.77.37:0
File type HTML document, ASCII text, with very long lines (3029), with no line terminators
Hash 131647139ae1dfc8336077589674064c
050a9880e7b192386db99c7f2ec3cb3442a88997
994985a8992cc7132465f7a5c8b1536189e7a7154a00cfb328f3ce3f2f985cfc
GET /p/woocommerce/7.1.1/assets/js/frontend/add-to-cart.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 18 Oct 2022 20:34:37 GMT
content-encoding: br
expires: Sat, 09 Dec 2023 04:23:55 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-layout-grid.min.css?ver=3.9.3
41.185.8.111200 OK 1.9 kB URL HTTP/2 special-battery.co.za/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-layout-grid.min.css?ver=3.9.3
IP 41.185.8.111:0
File type ASCII text, with very long lines (16351), with no line terminators
Hash eb994949c6c3797f34bb2165e6057ac7
4131ce9f39a662122d53818549eb79cfce5ae749
9dd9ef807f0d514190753433bb37fcdbeaaa5aff4e528ebc4958c0fcda7704c9
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-layout-grid.min.css?ver=3.9.3 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Cookie: _ga_8YTWK56R51=GS1.1.1670559834.1.0.1670559834.60.0.0; _ga=GA1.1.397102580.1670559835
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: text/css
content-length: 1948
last-modified: Fri, 04 Nov 2022 14:53:40 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:23:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
41.185.8.111200 OK 308 B URL HTTP/2 special-battery.co.za/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
IP 41.185.8.111:0
File type ASCII text, with very long lines (489)
Hash 0a08469d24387f830bbaaa00b3c228ae
01f5dfeb8f93a32c9a8f66fe5940758109771fcd
3c7c29e5fc1193ff7ce24f72f77b2dc129e1a9434a97ef7b625f6f715531803c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Cookie: _ga_8YTWK56R51=GS1.1.1670559834.1.0.1670559834.60.0.0; _ga=GA1.1.397102580.1670559835
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: text/css
content-length: 308
last-modified: Tue, 06 Dec 2022 21:38:26 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:23:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.13
41.185.8.111200 OK 217 B URL HTTP/2 special-battery.co.za/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.13
IP 41.185.8.111:0
File type ASCII text, with very long lines (493), with no line terminators
Hash 756f154c305c0403ea780426083f0ad6
2b5ef6cdfaedde3025f5db688edab6525d5bd08b
4d2f40b711bd14e507ea3e8a3d01de27d26e9c2e1ab3b6e79171800a567681c5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.13 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Cookie: _ga_8YTWK56R51=GS1.1.1670559834.1.0.1670559834.60.0.0; _ga=GA1.1.397102580.1670559835
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: text/css
content-length: 217
last-modified: Wed, 28 Sep 2022 20:20:53 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:23:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
41.185.8.111200 OK 4.0 kB URL HTTP/2 special-battery.co.za/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
IP 41.185.8.111:0
File type ASCII text, with very long lines (19233)
Hash 24dc15839234f4dbd06f677098762e1c
a285318fa3f4d9a1491f523f080cd32e1df12315
016fdb3d864bb8491d6450906f97c734548f76ca9ead4b13b92dc7112c5568c6
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Cookie: _ga_8YTWK56R51=GS1.1.1670559834.1.0.1670559834.60.0.0; _ga=GA1.1.397102580.1670559835
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:56 GMT
content-type: text/css
content-length: 3961
last-modified: Tue, 06 Dec 2022 21:38:30 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:23:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-grid.min.css?ver=3.9.3
41.185.8.111200 OK 16 kB URL HTTP/2 special-battery.co.za/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-grid.min.css?ver=3.9.3
IP 41.185.8.111:0
File type Unicode text, UTF-8 text, with very long lines (65526), with no line terminators
Hash 573eeba9143daca0ff4edbf5f740da49
a83ad3a769c6ded8deb53699e1f62760d52373f2
c46653436376fd09085559e1b7b57412c8fcc3a632c570fff4738b4a2ebd2e13
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-grid.min.css?ver=3.9.3 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Cookie: _ga_8YTWK56R51=GS1.1.1670559834.1.0.1670559834.60.0.0; _ga=GA1.1.397102580.1670559835
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:56 GMT
content-type: text/css
content-length: 16151
last-modified: Fri, 04 Nov 2022 14:53:40 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:23:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-8YTWK56R51>m=2oebu0&_p=211167369&_gaz=1&cid=397102580.1670559835&ul=en-us&sr=1280x1024&_s=1&sid=1670559834&sct=1&seg=0&dl=https%3A%2F%2Fspecial-battery.co.za%2F&dt=Home%20-%20SPECIALISED%20BATTERY%20SYSTEMS&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-8YTWK56R51>m=2oebu0&_p=211167369&_gaz=1&cid=397102580.1670559835&ul=en-us&sr=1280x1024&_s=1&sid=1670559834&sct=1&seg=0&dl=https%3A%2F%2Fspecial-battery.co.za%2F&dt=Home%20-%20SPECIALISED%20BATTERY%20SYSTEMS&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-8YTWK56R51>m=2oebu0&_p=211167369&_gaz=1&cid=397102580.1670559835&ul=en-us&sr=1280x1024&_s=1&sid=1670559834&sct=1&seg=0&dl=https%3A%2F%2Fspecial-battery.co.za%2F&dt=Home%20-%20SPECIALISED%20BATTERY%20SYSTEMS&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://special-battery.co.za
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://special-battery.co.za
date: Fri, 09 Dec 2022 04:23:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2556512b197b09798af71bea10bb4bbb
23b647aca5f8294ae82fa8cc7e2215ebe3347b60
3b5bd592342d978bcf8919d1a1e2f87295e2e4af5b5b266e6017b7a25725d08d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:23:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/g/collect?v=2&tid=G-8YTWK56R51&cid=397102580.1670559835>m=2oebu0&aip=1
108.177.14.154204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-8YTWK56R51&cid=397102580.1670559835>m=2oebu0&aip=1
IP 108.177.14.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-8YTWK56R51&cid=397102580.1670559835>m=2oebu0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://special-battery.co.za
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://special-battery.co.za
date: Fri, 09 Dec 2022 04:23:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0c89743226644fddacbe5d50c110b950
b343ae9eb9047cf764b518083d612ffd3652b209
1bf675bb6e12e913a98cd8849c1af9a0c50b0bb8bfa670c86419b41782e06e47
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:23:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
special-battery.co.za/wp-content/uploads/elementor/thumbs/2654014556_0684b7d1d7_o-pqn3biv58cefkstmo4mg4y9d8ktk7jtnt3zg3sa58c.jpg
41.185.8.111200 OK 44 kB URL HTTP/2 special-battery.co.za/wp-content/uploads/elementor/thumbs/2654014556_0684b7d1d7_o-pqn3biv58cefkstmo4mg4y9d8ktk7jtnt3zg3sa58c.jpg
IP 41.185.8.111:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 562x422, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d028bfd1f1fa16b9256fe77dfa4cd6e0
f74f46f8388ccf997080e1def3809467817b72b9
57e48bff574ad244d4b3635c84808426558d0182599785e4af37708c95db71d0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/thumbs/2654014556_0684b7d1d7_o-pqn3biv58cefkstmo4mg4y9d8ktk7jtnt3zg3sa58c.jpg HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Cookie: _ga_8YTWK56R51=GS1.1.1670559834.1.0.1670559834.60.0.0; _ga=GA1.1.397102580.1670559835
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:56 GMT
content-type: image/webp
content-length: 44426
vary: Accept,User-Agent
last-modified: Thu, 30 Jun 2022 08:41:33 GMT
accept-ranges: bytes
cache-control: max-age=259200
expires: Mon, 12 Dec 2022 04:23:56 GMT
x-webp-express: Redirected directly to existing webp
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/uploads/elementor/thumbs/HRL12540W-scaled-pqn3biqoffcrukqf7wd2n7913icddcnldzlcyv8hcw.jpg
41.185.8.111200 OK 5.7 kB URL HTTP/2 special-battery.co.za/wp-content/uploads/elementor/thumbs/HRL12540W-scaled-pqn3biqoffcrukqf7wd2n7913icddcnldzlcyv8hcw.jpg
IP 41.185.8.111:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 430x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6e7fe3a3f403bded080df6a98a493f95
58fee5ab564f82c6da95e43dacb19991bf32e386
a3d177319349a626e593eab6a223f11a777a36c0fcbcebe5f81bcb7b45437526
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/thumbs/HRL12540W-scaled-pqn3biqoffcrukqf7wd2n7913icddcnldzlcyv8hcw.jpg HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Cookie: _ga_8YTWK56R51=GS1.1.1670559834.1.0.1670559834.60.0.0; _ga=GA1.1.397102580.1670559835
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:56 GMT
content-type: image/webp
content-length: 5678
vary: Accept,User-Agent
last-modified: Thu, 30 Jun 2022 08:51:46 GMT
accept-ranges: bytes
cache-control: max-age=259200
expires: Mon, 12 Dec 2022 04:23:56 GMT
x-webp-express: Redirected directly to existing webp
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
41.185.8.111200 OK 13 kB URL HTTP/2 special-battery.co.za/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
IP 41.185.8.111:0
File type Web Open Font Format (Version 2), TrueType, length 13276, version 331.-31261\012- data
Hash f0f8230116992e521526097a28f54066
0447c6b10bbf73f97b23dcfd6e6a48510822cb6e
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://special-battery.co.za/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
Cookie: _ga_8YTWK56R51=GS1.1.1670559834.1.0.1670559834.60.0.0; _ga=GA1.1.397102580.1670559835
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:56 GMT
content-type: font/woff2
content-length: 13276
last-modified: Tue, 06 Dec 2022 21:38:28 GMT
accept-ranges: bytes
cache-control: max-age=259200
expires: Mon, 12 Dec 2022 04:23:56 GMT
vary: User-Agent
X-Firefox-Spdy: h2
c0.wp.com/p/woocommerce/7.1.1/assets/js/jquery-blockui/jquery.blockUI.min.js
192.0.77.37200 OK 8.5 kB URL HTTP/2 c0.wp.com/p/woocommerce/7.1.1/assets/js/jquery-blockui/jquery.blockUI.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (9111)
Hash f82e051b1a0a75a9c3a33bdc9ee48f5d
1669be0d945d575bd1d6466b1d56e681c811df2a
2d956a6437ef7bed6305d7ae8915a5c8d028eed32ce52b6cf378d4a97763637b
GET /p/woocommerce/7.1.1/assets/js/jquery-blockui/jquery.blockUI.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 18 Oct 2022 20:34:37 GMT
content-encoding: br
expires: Sat, 09 Dec 2023 04:23:55 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2556512b197b09798af71bea10bb4bbb
23b647aca5f8294ae82fa8cc7e2215ebe3347b60
3b5bd592342d978bcf8919d1a1e2f87295e2e4af5b5b266e6017b7a25725d08d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:23:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
special-battery.co.za/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
41.185.8.111200 OK 78 kB URL HTTP/2 special-battery.co.za/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP 41.185.8.111:0
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://special-battery.co.za/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Cookie: _ga_8YTWK56R51=GS1.1.1670559834.1.0.1670559834.60.0.0; _ga=GA1.1.397102580.1670559835
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:56 GMT
content-type: font/woff2
content-length: 78196
last-modified: Tue, 06 Dec 2022 21:38:26 GMT
accept-ranges: bytes
cache-control: max-age=259200
expires: Mon, 12 Dec 2022 04:23:56 GMT
vary: User-Agent
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
41.185.8.111200 OK 77 kB URL HTTP/2 special-battery.co.za/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
IP 41.185.8.111:0
File type Web Open Font Format (Version 2), TrueType, length 76764, version 331.-31261\012- data
Hash f7307680c7fe85959f3ecf122493ea7d
fce0da592a3e536d6d5df5b50cb513398d8c5161
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://special-battery.co.za/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
Cookie: _ga_8YTWK56R51=GS1.1.1670559834.1.0.1670559834.60.0.0; _ga=GA1.1.397102580.1670559835
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:56 GMT
content-type: font/woff2
content-length: 76764
last-modified: Tue, 06 Dec 2022 21:38:26 GMT
accept-ranges: bytes
cache-control: max-age=259200
expires: Mon, 12 Dec 2022 04:23:56 GMT
vary: User-Agent
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
41.185.8.111200 OK 665 B URL HTTP/2 special-battery.co.za/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
IP 41.185.8.111:0
File type ASCII text, with very long lines (1320)
Hash 1aa59e4679e8c196df08dfefc6e6c09b
d012b2fcc1753e2206e96900ac77c9790b723627
c8cd0c304d00d79636eccf54af3e45d4c095fd3adc535f659c1dfc94e497e92b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Cookie: _ga_8YTWK56R51=GS1.1.1670559834.1.0.1670559834.60.0.0; _ga=GA1.1.397102580.1670559835
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:56 GMT
content-type: application/javascript
content-length: 665
last-modified: Tue, 06 Dec 2022 21:38:36 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:23:56 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.14200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 09 Dec 2022 02:46:55 GMT
expires: Fri, 09 Dec 2022 04:46:55 GMT
cache-control: public, max-age=7200
age: 5821
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e3b657ebd655fbfa5f10c01c775f2aa0
2478fd171e6791a10d83b2bad9de0165d268db7e
2d91737e61e5338bc24c7df4aa36b1c20d9f79fe8ea4bb4914fd2c15e99a7ee3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:23:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 32d90ff0cc366730c3633c1201b4c058
f4175292b607197a15085e14bf69df301dff6706
b4b2f80fbe9b02f3d54dc35a3738c31a4d7cb5a5e528fcbce50263d8c458231a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:23:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
142.250.74.35200 OK 19 kB URL HTTP/2 fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 19292, version 1.0\012- data
Hash 19007b17e56daa60133bce9e9b352a95
bac1384caeae5762e7a1d8c18037f69c8cd21bc4
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
GET /s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://special-battery.co.za
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19292
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 15:44:31 GMT
expires: Wed, 06 Dec 2023 15:44:31 GMT
cache-control: public, max-age=31536000
age: 218365
last-modified: Wed, 27 Apr 2022 16:12:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8YTWK56R51&cid=397102580.1670559835>m=2oebu0&aip=1&z=1764708507
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8YTWK56R51&cid=397102580.1670559835>m=2oebu0&aip=1&z=1764708507
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8YTWK56R51&cid=397102580.1670559835>m=2oebu0&aip=1&z=1764708507 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 04:23:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.35200 OK 32 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.35:0
File type gzip compressed data, max compression\012- data
Hash 7c079a2ffe6aca49dbefc58723bf1079
c58afc7fbf921a5790281bd39babe10cd37ae55c
6f561834683026ec39bf803391756e91cb7722624000567a3b534b468e8d1872
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://special-battery.co.za
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 06:30:11 GMT
expires: Sat, 02 Dec 2023 06:30:11 GMT
cache-control: public, max-age=31536000
age: 597225
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7153378245896916
142.250.74.34200 OK 50 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7153378245896916
IP 142.250.74.34:0
File type ASCII text, with very long lines (4885)
Hash 2df40c7392b5dbcee309879907c176b6
9c3945a9d34daa48ebc640db330a3553f312a342
f6676af222597c76c6487fc794612881a08ae5705db409faa7408d167d6a3ad5
GET /pagead/js/adsbygoogle.js?client=ca-pub-7153378245896916 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://special-battery.co.za
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 09 Dec 2022 04:23:56 GMT
expires: Fri, 09 Dec 2022 04:23:56 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 14752327867871898364
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49453
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e3b657ebd655fbfa5f10c01c775f2aa0
2478fd171e6791a10d83b2bad9de0165d268db7e
2d91737e61e5338bc24c7df4aa36b1c20d9f79fe8ea4bb4914fd2c15e99a7ee3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:23:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 32d90ff0cc366730c3633c1201b4c058
f4175292b607197a15085e14bf69df301dff6706
b4b2f80fbe9b02f3d54dc35a3738c31a4d7cb5a5e528fcbce50263d8c458231a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:23:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20221206/r20190131/zrt_lookup.html
142.250.74.2200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221206/r20190131/zrt_lookup.html
IP 142.250.74.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20221206/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Thu, 08 Dec 2022 19:54:14 GMT
expires: Thu, 22 Dec 2022 19:54:14 GMT
cache-control: public, max-age=1209600
age: 30582
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/uploads/2022/06/cropped-SBS-Logo-_-Preferred-1024x238-1-32x32.png
41.185.8.111200 OK 808 B URL HTTP/2 special-battery.co.za/wp-content/uploads/2022/06/cropped-SBS-Logo-_-Preferred-1024x238-1-32x32.png
IP 41.185.8.111:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 10c6ad8734b3c0fdd9bef7e36414b3b4
6d5a75bc9652652a500618e8e2e6eb4684920ad6
3d2a87e7ed88a6835956fe15c0b579a87ec45c21ec6a9bc769b7fdf34289fcef
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/06/cropped-SBS-Logo-_-Preferred-1024x238-1-32x32.png HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Cookie: _ga_8YTWK56R51=GS1.1.1670559834.1.0.1670559834.60.0.0; _ga=GA1.1.397102580.1670559835
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:56 GMT
content-type: image/webp
content-length: 808
vary: Accept,User-Agent
last-modified: Thu, 30 Jun 2022 04:37:33 GMT
accept-ranges: bytes
cache-control: max-age=259200
expires: Mon, 12 Dec 2022 04:23:56 GMT
x-webp-express: Redirected directly to existing webp
X-Firefox-Spdy: h2
special-battery.co.za/wp-content/uploads/2022/06/cropped-SBS-Logo-_-Preferred-1024x238-1-192x192.png
41.185.8.111200 OK 5.2 kB URL HTTP/2 special-battery.co.za/wp-content/uploads/2022/06/cropped-SBS-Logo-_-Preferred-1024x238-1-192x192.png
IP 41.185.8.111:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 83f729bf90e744e573deb250f717d03b
8ab791c77c11d018d254e5e51231bd5defa66588
53b906b1107be3c0b55bf4b7ca4861ecd6ae44a94a64e2a5f98e07ae74041623
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/06/cropped-SBS-Logo-_-Preferred-1024x238-1-192x192.png HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Cookie: _ga_8YTWK56R51=GS1.1.1670559834.1.0.1670559834.60.0.0; _ga=GA1.1.397102580.1670559835
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:56 GMT
content-type: image/webp
content-length: 5234
vary: Accept,User-Agent
last-modified: Thu, 30 Jun 2022 04:49:00 GMT
accept-ranges: bytes
cache-control: max-age=259200
expires: Mon, 12 Dec 2022 04:23:56 GMT
x-webp-express: Redirected directly to existing webp
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8129d4d0ebab3efc528f57883dfb30ba
be557eee6cd854421ec872673041867c73369fa2
ed95fb60948c81a74657e5964798a07145fe91fee47cb270006f62294a5670b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:23:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a0905812e8498e6c5c0a9b4b584b972f
039b784fd1e0152ec7f49a54ba027f0b2bd1e833
ee3531ef0f334dcd73a86b1e4365a020d5db69ff7b82bad136eaf1a8e9d3b47f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:23:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=special-battery.co.za
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=special-battery.co.za
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=special-battery.co.za HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 09 Dec 2022 04:23:57 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=special-battery.co.za
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=special-battery.co.za
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=special-battery.co.za HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 09 Dec 2022 04:23:57 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a0905812e8498e6c5c0a9b4b584b972f
039b784fd1e0152ec7f49a54ba027f0b2bd1e833
ee3531ef0f334dcd73a86b1e4365a020d5db69ff7b82bad136eaf1a8e9d3b47f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:23:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash cbe432d06442a6cb4f20be34e4d58026
4bcfa4ef74b42eb562cd75321f8de6bd5b54d960
09fc64ce93c2b166e64ceb5f99bc9e20785097140581f9cb363577f68e3653be
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:23:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=special-battery.co.za&callback=_gfp_s_&client=ca-pub-7153378245896916&gpid_exp=1
216.58.207.226200 OK 258 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=special-battery.co.za&callback=_gfp_s_&client=ca-pub-7153378245896916&gpid_exp=1
IP 216.58.207.226:0
File type ASCII text, with very long lines (409), with no line terminators
Hash 8d54fb737699c6efd5c5cec14b4df336
571fa25a2f113b7aef262ba99439b3979da58068
79ff1eea41cc495754588ab82d4a3c5179d1c46bdc6a872911b4e9222b5c4c14
GET /gampad/cookie.js?domain=special-battery.co.za&callback=_gfp_s_&client=ca-pub-7153378245896916&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 09 Dec 2022 04:23:57 GMT
server: cafe
cache-control: private
content-length: 258
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash cbe432d06442a6cb4f20be34e4d58026
4bcfa4ef74b42eb562cd75321f8de6bd5b54d960
09fc64ce93c2b166e64ceb5f99bc9e20785097140581f9cb363577f68e3653be
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:23:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221206&st=env
142.250.74.34200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221206&st=env
IP 142.250.74.34:0
File type JSON data\012- , ASCII text, with very long lines (14842), with no line terminators
Hash be758ed4318ff73b76d2f06ca07d16f7
66110059586f8796a848b0159b2eb0a21a22f015
056f124bfeda9d6f38d782e67c568ef1fe185d64b8be06e41fd06d85e8631803
GET /getconfig/sodar?sv=200&tid=gda&tv=r20221206&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://special-battery.co.za
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Fri, 09 Dec 2022 04:23:57 GMT
server: cafe
content-length: 11203
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash cd459fc7e8633ad842eace59db652f5a
a2723a4cae2f7910e832490e588db1af285c8bd7
380d84de92bfa406214d8aa5d146fe7b944e99c913e0d8c9dd03283a07992a69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:23:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.97200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.97:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Fri, 09 Dec 2022 04:23:57 GMT
expires: Fri, 09 Dec 2022 04:23:57 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.97200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 14:29:01 GMT
expires: Wed, 06 Dec 2023 14:29:01 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 222896
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b5cba4e1962a1fe17c9021f3e418975a
01293d7e4084011451f7d17936ab2427504cdb1a
ecfe30d3abc32ca9f933303d75b2055642d3c7c8197af08fe2c314394699594b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:23:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.132200 OK 513 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 896846bba2448103b33f90abea752a9d
cbaf238a2fd4826f23c06a0b57bb65e17ca27b1f
03141eb27172ee3cff1d49eee90939e4bad5a6d8ec264d82c37b0b1d4f707b4e
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 09 Dec 2022 04:23:57 GMT
date: Fri, 09 Dec 2022 04:23:57 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-7Z5IK5Drl-gkTKaCyL1kZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F111d6163-0ce5-4897-9a84-a9cefa74d2a9.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F111d6163-0ce5-4897-9a84-a9cefa74d2a9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e00cf5825452b2f69b0ac859dccb64ab
60aed079c48181cf46cef4d1aaa1c316a7ef7048
3aea2aa14407b6ac9d64d0f35111fec50f51632adfc39047c15bde4afd148a78
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F111d6163-0ce5-4897-9a84-a9cefa74d2a9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7694
x-amzn-requestid: 0c67138c-1a6d-49ef-bd43-f9a7176679ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c2LZjFjrIAMFUSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63925909-764272151a0a4d284c6cb1bb;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 21:37:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aaEYG20Wueg557qEBq46sSUl3-_HxgZA73s-kPo3GmYgWgrGgFPl_Q==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:48:32 GMT
age: 23730
etag: "60aed079c48181cf46cef4d1aaa1c316a7ef7048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
c0.wp.com/p/woocommerce/7.1.1/assets/js/frontend/woocommerce.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/p/woocommerce/7.1.1/assets/js/frontend/woocommerce.min.js
IP 192.0.77.37:0
GET /p/woocommerce/7.1.1/assets/js/frontend/woocommerce.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 18 May 2021 17:00:20 GMT
content-encoding: br
expires: Sat, 09 Dec 2023 04:23:55 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/woocommerce/7.1.1/assets/js/frontend/cart-fragments.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/p/woocommerce/7.1.1/assets/js/frontend/cart-fragments.min.js
IP 192.0.77.37:0
GET /p/woocommerce/7.1.1/assets/js/frontend/cart-fragments.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 23 Nov 2021 22:30:13 GMT
content-encoding: br
expires: Sat, 09 Dec 2023 04:23:55 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/wp-util.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/wp-util.min.js
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/wp-util.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 20 Sep 2022 03:52:10 GMT
content-encoding: br
expires: Sat, 09 Dec 2023 04:23:55 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/jquery/ui/core.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/jquery/ui/core.min.js
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/jquery/ui/core.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 23 Sep 2022 19:55:30 GMT
content-encoding: br
expires: Sat, 09 Dec 2023 04:23:55 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
content-encoding: br
expires: Sat, 09 Dec 2023 04:23:55 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
special-battery.co.za/?wc-ajax=get_refreshed_fragments
41.185.8.111200 OK 0 B URL HTTP/2 special-battery.co.za/?wc-ajax=get_refreshed_fragments
IP 41.185.8.111:0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: special-battery.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://special-battery.co.za
Connection: keep-alive
Referer: https://special-battery.co.za/
Cookie: _ga_8YTWK56R51=GS1.1.1670559834.1.0.1670559834.60.0.0; _ga=GA1.1.397102580.1670559835
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:58 GMT
content-type: application/json; charset=UTF-8
x-powered-by: PHP/7.4.33
vary: Accept-Encoding,Cookie,User-Agent
access-control-allow-origin: https://special-battery.co.za
access-control-allow-credentials: true
x-content-type-options: nosniff
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
X-Firefox-Spdy: h2
c0.wp.com/p/woocommerce/7.1.1/packages/woocommerce-blocks/build/wc-blocks-style.css
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/p/woocommerce/7.1.1/packages/woocommerce-blocks/build/wc-blocks-style.css
IP 192.0.77.37:0
GET /p/woocommerce/7.1.1/packages/woocommerce-blocks/build/wc-blocks-style.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Thu, 03 Nov 2022 16:38:34 GMT
content-encoding: br
expires: Sat, 09 Dec 2023 04:23:55 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/woocommerce/7.1.1/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/p/woocommerce/7.1.1/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css
IP 192.0.77.37:0
GET /p/woocommerce/7.1.1/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 24 Aug 2022 20:12:33 GMT
content-encoding: br
expires: Sat, 09 Dec 2023 04:23:55 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
content-encoding: br
expires: Sat, 09 Dec 2023 04:23:55 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/css/dist/block-library/style.min.css
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/css/dist/block-library/style.min.css
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://special-battery.co.za/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:23:55 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 11 Nov 2022 14:56:45 GMT
content-encoding: br
expires: Sat, 09 Dec 2023 04:23:55 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2