mcit.gov.ws Open in urlscan Pro
192.185.39.31 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
Submission: On December 03 via manual (December 3rd 2021, 10:06:10 am UTC) from NL — Scanned from NL

Summary HTTP 127 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 10 domains to perform 127 HTTP transactions. The main IP is 192.185.39.31, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is mcit.gov.ws.
TLS certificate: Issued by R3 on November 29th 2021. Valid for: 3 months.

This is the only time mcit.gov.ws was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
77	192.185.39.31 192.185.39.31	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
20	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
3	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a03:2880:f02... 2a03:2880:f02d:e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1	143.204.98.68 143.204.98.68	16509 (AMAZON-02) (AMAZON-02)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
127	14

77 192.185.39.31 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: autolease-uae.com

mcit.gov.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.printfriendly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

key-cdn.printfriendly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-68.fra50.r.cloudfront.net

assets.sitespeaker.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
77	mcit.gov.ws mcit.gov.ws	2 MB
24	wp.com c0.wp.com stats.wp.com pixel.wp.com i2.wp.com	154 KB
4	gstatic.com fonts.gstatic.com	103 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	printfriendly.com cdn.printfriendly.com key-cdn.printfriendly.com	16 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	83 KB
1	sitespeaker.link assets.sitespeaker.link	810 B
1	facebook.com graph.facebook.com	642 B
1	googleapis.com fonts.googleapis.com	2 KB
1	googletagmanager.com www.googletagmanager.com	36 KB
127	10

	Domain	Requested by
77	mcit.gov.ws	mcit.gov.ws c0.wp.com
20	c0.wp.com	mcit.gov.ws
4	fonts.gstatic.com	fonts.googleapis.com
2	pixel.wp.com	mcit.gov.ws
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	maxcdn.bootstrapcdn.com	mcit.gov.ws maxcdn.bootstrapcdn.com
1	i2.wp.com	mcit.gov.ws
1	assets.sitespeaker.link	c0.wp.com
1	graph.facebook.com	c0.wp.com
1	key-cdn.printfriendly.com	cdn.printfriendly.com
1	stats.wp.com	mcit.gov.ws
1	cdn.printfriendly.com	mcit.gov.ws
1	fonts.googleapis.com	mcit.gov.ws
1	www.googletagmanager.com	mcit.gov.ws
127	14

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.youtube.com
zeno.fm
www.getsafeonline.ws
cve.mitre.org
pacson.org
twitter.com
www.linkedin.com
pinterest.com
www.maf.gov.ws
www.mcil.gov.ws
www.mesc.gov.ws
www.mof.gov.ws
www.mfat.gov.ws
www.health.gov.ws
www.mjca.gov.ws
www.mnre.gov.ws
www.mpmc.gov.ws
www.mpe.gov.ws
www.revenue.gov.ws
www.mwcsd.gov.ws
www.mwti.gov.ws
www.psc.gov.ws

Subject Issuer	Validity	Valid
www.mcit.gov.ws R3	`2021-11-29` - `2022-02-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
1937640834.rsc.cdn77.org R3	`2021-11-11` - `2022-02-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
1639039923.rsc.cdn77.org R3	`2021-11-20` - `2022-02-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-11` - `2021-12-10`	3 months	crt.sh
sitespeaker.link Amazon	`2021-06-05` - `2022-07-04`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
Frame ID: 440E280CD8BBAC87CBA2C00970F911A7
Requests: 129 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CS-Advisory – Blackbyte Ransomware | MCIT

Page Statistics

127
Requests

91 %
HTTPS

62 %
IPv6

10
Domains

14
Subdomains

14
IPs

2
Countries

2077 kB
Transfer

5109 kB
Size

3
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/mcitsamoaofficial/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCT4LRRIUinwmF9_n_NFzvHg

Search URL Search Domain Scan URL

URL: https://zeno.fm/2ap-samoa
Title: Radio 2AP Online

Search URL Search Domain Scan URL

URL: https://www.getsafeonline.ws/sm/
Title: GetSafeOnline – Samoan

Search URL Search Domain Scan URL

URL: https://www.getsafeonline.ws/
Title: GetSafeOnline – English

Search URL Search Domain Scan URL

URL: https://www.facebook.com/FBandSCiamdigital.samoa
Title: Samoa “I Am Digital ” – Facebook Project

Search URL Search Domain Scan URL

URL: https://cve.mitre.org/cve/search_cve_list.html
Title: CS-CSV Search

Search URL Search Domain Scan URL

URL: https://pacson.org/
Title: PacSON Group

Search URL Search Domain Scan URL

URL: https://twitter.com/home?status=https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=&title=&summary=&source=https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=&media=&description=https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Search URL Search Domain Scan URL

URL: https://www.maf.gov.ws/
Title: Ministry of Agriculture & Fisheries

Search URL Search Domain Scan URL

URL: https://www.mcil.gov.ws/
Title: Ministry of Commerce, Industry and Labour

Search URL Search Domain Scan URL

URL: https://www.mesc.gov.ws/
Title: Ministry of Education, Sports & Culture

Search URL Search Domain Scan URL

URL: https://www.mof.gov.ws/
Title: Ministry of Finance

Search URL Search Domain Scan URL

URL: https://www.mfat.gov.ws/
Title: Ministry of Foreign Affairs & Trade

Search URL Search Domain Scan URL

URL: https://www.health.gov.ws/
Title: Ministry of Health

Search URL Search Domain Scan URL

URL: https://www.mjca.gov.ws/
Title: Ministry of Justice & Courts Administration

Search URL Search Domain Scan URL

URL: https://www.mnre.gov.ws/
Title: Ministry of Natural Resources & Environment

Search URL Search Domain Scan URL

URL: https://www.mpmc.gov.ws/
Title: Ministry of the Prime Minister & Cabinet

Search URL Search Domain Scan URL

URL: https://www.mpe.gov.ws/
Title: Ministry of Public Enterprises

Search URL Search Domain Scan URL

URL: https://www.revenue.gov.ws/
Title: Ministry for Revenue

Search URL Search Domain Scan URL

URL: http://www.mwcsd.gov.ws/
Title: Ministry of Women, Community & Social Development

Search URL Search Domain Scan URL

URL: http://www.mwti.gov.ws/
Title: Ministry of Works, Transport & Infrastructure

Search URL Search Domain Scan URL

URL: https://www.psc.gov.ws/
Title: Samoa Public Service Commission

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

127 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/ 96 KB
26 KB 5490ms
3343ms Document
text/html 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

6fca02b19d20d3d253570d5214277219bf1a30dd97fa4029645e76d50d241912

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9

Response headers

x-pingback: https://mcit.gov.ws/xmlrpc.php
link: <https://mcit.gov.ws/wp-json/>; rel="https://api.w.org/", <https://mcit.gov.ws/wp-json/wp/v2/posts/133316>; rel="alternate"; type="application/json", <https://wp.me/paQDSi-yGg>; rel=shortlink
strict-transport-security: max-age=604800
cache-control: max-age=7200
expires: Fri, 03 Dec 2021 12:05:59 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: text/html; charset=UTF-8
date: Fri, 03 Dec 2021 10:05:59 GMT
server: Apache

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 96ms
44ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-159365476-1

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bd83e7253bd3004c2bb22ee4a3fb50b41ce80b37fcfe65b6b06c53039dd1ef57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 10:06:02 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36168
x-xss-protection: 0
last-modified: Fri, 03 Dec 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 Dec 2021 10:06:02 GMT

GET
H2 200 frontend.min.css
mcit.gov.ws/wp-content/plugins/wp-event-manager/assets/css/ 126 KB
23 KB 225ms
221ms Stylesheet
text/css 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/plugins/wp-event-manager/assets/css/frontend.min.css?ver=5.7.4

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

51771be546bca005afbddc380ae8db13d8c35f1e4a14df04dd628ce9e724629d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 23 Sep 2021 02:37:15 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:02 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
expires: Sun, 02 Jan 2022 10:06:02 GMT

GET
H2 200 jquery.comiseo.daterangepicker.css
mcit.gov.ws/wp-content/plugins/wp-event-manager/assets/js/jquery-ui-daterangepicker/ 2 KB
700 B 151ms
145ms Stylesheet
text/css 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/plugins/wp-event-manager/assets/js/jquery-ui-daterangepicker/jquery.comiseo.daterangepicker.css?ver=5.7.4

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

58c636594fb2533e4cdfe29e09c63f7703eeb89d9305dafdb122042ded868840

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 23 Sep 2021 02:37:15 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:02 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 663
expires: Sun, 02 Jan 2022 10:06:02 GMT

GET
H2 200 styles.css
mcit.gov.ws/wp-content/plugins/wp-event-manager/assets/js/jquery-ui-daterangepicker/ 687 B
370 B 150ms
145ms Stylesheet
text/css 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/plugins/wp-event-manager/assets/js/jquery-ui-daterangepicker/styles.css?ver=5.7.4

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

7c57c60903652122ed4d8242367a814fb5d6ce0e8fd4152d38ec7f9bcad039d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 23 Sep 2021 02:37:15 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:02 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 333
expires: Sun, 02 Jan 2022 10:06:02 GMT

GET
H2 200 jquery-ui.css
mcit.gov.ws/wp-content/plugins/wp-event-manager/assets/js/jquery-ui/ 22 KB
5 KB 149ms
144ms Stylesheet
text/css 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/plugins/wp-event-manager/assets/js/jquery-ui/jquery-ui.css?ver=5.7.4

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

34c9c7b0c3bf56eb5f75a833ca9fcdd615c5f12985ef35010c2bb03e3815b80e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 23 Sep 2021 02:37:15 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:02 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4698
expires: Sun, 02 Jan 2022 10:06:02 GMT

GET
H2 200 wpem-grid.min.css
mcit.gov.ws/wp-content/plugins/wp-event-manager/assets/css/ 55 KB
9 KB 218ms
213ms Stylesheet
text/css 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/plugins/wp-event-manager/assets/css/wpem-grid.min.css?ver=5.7.4

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

0ab1646d67611bc61ce6215a21448a31531d2ed735f4dcde4c0142d767b71bdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 23 Sep 2021 02:37:15 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:02 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9059
expires: Sun, 02 Jan 2022 10:06:02 GMT

GET
H2 200 style.css
mcit.gov.ws/wp-content/plugins/wp-event-manager/assets/fonts/ 30 KB
4 KB 218ms
212ms Stylesheet
text/css 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/plugins/wp-event-manager/assets/fonts/style.css?ver=5.7.4

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

7544406f2f573e217474cb3bbf072754eff3055feca68bfef07434fd90d15f46

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 23 Sep 2021 02:37:15 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:02 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4251
expires: Sun, 02 Jan 2022 10:06:02 GMT

GET
H2 200 pmb-common.css
mcit.gov.ws/wp-content/plugins/print-my-blog/assets/styles/ 2 KB
947 B 151ms
145ms Stylesheet
text/css 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/plugins/print-my-blog/assets/styles/pmb-common.css?ver=1632364619

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

db958c4699de9db91234cb9c1c564971e5ea43230a7c411546f03e7acd21342b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 23 Sep 2021 02:36:59 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:02 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 887
expires: Sun, 02 Jan 2022 10:06:02 GMT

GET
H2 200 style.min.css
c0.wp.com/c/5.7.4/wp-includes/css/dist/block-library/ 57 KB
8 KB 74ms
21ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.4/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Fri, 03 Dec 2021 10:06:02 GMT
content-encoding: br
last-modified: Tue, 06 Apr 2021 23:50:28 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 03 Dec 2022 10:06:02 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
c0.wp.com/c/5.7.4/wp-includes/js/mediaelement/ 11 KB
2 KB 75ms
22ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.4/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Fri, 03 Dec 2021 10:06:02 GMT
content-encoding: br
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 03 Dec 2022 10:06:02 GMT

GET
H2 200 wp-mediaelement.min.css
c0.wp.com/c/5.7.4/wp-includes/js/mediaelement/ 4 KB
1 KB 75ms
22ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.4/wp-includes/js/mediaelement/wp-mediaelement.min.css

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Fri, 03 Dec 2021 10:06:02 GMT
content-encoding: br
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 03 Dec 2022 10:06:02 GMT

GET
H2 200 select2.css
mcit.gov.ws/wp-content/plugins/print-my-blog/assets/styles/libs/ 17 KB
4 KB 217ms
211ms Stylesheet
text/css 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/plugins/print-my-blog/assets/styles/libs/select2.css?ver=4.0.6

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

731632153abc0257d98d744c780cbc28f1e998d552a543619f143035f513d0ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 23 Sep 2021 02:36:59 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:02 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3821
expires: Sun, 02 Jan 2022 10:06:02 GMT

GET
H2 200 jquery-ui.min.css
mcit.gov.ws/wp-content/plugins/print-my-blog/assets/styles/libs/jquery-ui/ 29 KB
9 KB 271ms
265ms Stylesheet
text/css 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/plugins/print-my-blog/assets/styles/libs/jquery-ui/jquery-ui.min.css?ver=1.11.4

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

8964f1fe20bd22829aa12283e7e59515e7fc658348810e00c55a4c6c1c368628

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 23 Sep 2021 02:36:59 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:02 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8614
expires: Sun, 02 Jan 2022 10:06:02 GMT

GET
H2 200 setup-page.css
mcit.gov.ws/wp-content/plugins/print-my-blog/assets/styles/ 215 B
193 B 151ms
145ms Stylesheet
text/css 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/plugins/print-my-blog/assets/styles/setup-page.css?ver=1632364619

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

911953fa018ac7d286f1174094b32c039ad1521151bdc794336ded48e1bcbd9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 23 Sep 2021 02:36:59 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:02 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 156
expires: Sun, 02 Jan 2022 10:06:02 GMT

GET
H2 200 styles.css
mcit.gov.ws/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 1259ms
1253ms Stylesheet
text/css 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

070edfef42e0980783d0acf8fa9ca6a9833b994eca13ffaa94e9a2deb47c92cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 25 Aug 2021 19:10:11 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:02 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 966
expires: Sun, 02 Jan 2022 10:06:02 GMT

GET
H2 200 settings.css
mcit.gov.ws/wp-content/plugins/revslider/public/assets/css/ 39 KB
12 KB 348ms
343ms Stylesheet
text/css 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

23a57aed407545bd964231bcb511674996bdd28a4f2a57ca66bca72de0bf3d2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Sun, 02 Sep 2018 22:05:18 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:02 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12201
expires: Sun, 02 Jan 2022 10:06:02 GMT

GET
H2 200 jquery.timepicker.min.css
mcit.gov.ws/wp-content/plugins/wp-event-manager/assets/js/jquery-timepicker/ 1 KB
450 B 335ms
330ms Stylesheet
text/css 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/plugins/wp-event-manager/assets/js/jquery-timepicker/jquery.timepicker.min.css?ver=5.7.4

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

449e2d8b37ae8b7cd0e922b7a32b6c8850527b2bb1e64d1a750551c5ba87c7dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 23 Sep 2021 02:37:15 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:02 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 413
expires: Sun, 02 Jan 2022 10:06:02 GMT

GET
H2 200 htbbootstrap.css
mcit.gov.ws/wp-content/plugins/ht-mega-for-elementor/assets/css/ 53 KB
10 KB 335ms
330ms Stylesheet
text/css 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/plugins/ht-mega-for-elementor/assets/css/htbbootstrap.css?ver=1.6.5

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

5af21edd8b55ded8b11bd539e8b3fb342788231f282f3682d4320fe99b1c6073

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 23 Sep 2021 02:36:29 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:02 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10541
expires: Sun, 02 Jan 2022 10:06:02 GMT

GET
H2 200 htmega-widgets.css
mcit.gov.ws/wp-content/plugins/ht-mega-for-elementor/assets/css/ 338 KB
82 KB 349ms
344ms Stylesheet
text/css 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/plugins/ht-mega-for-elementor/assets/css/htmega-widgets.css?ver=1.6.5

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

e2b09090ca4c15d60ca4b912153412bd8b3edc7f281e855ce934f46f75e41094

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 23 Sep 2021 02:36:29 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:02 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
expires: Sun, 02 Jan 2022 10:06:02 GMT

GET
H2 200 font-awesome.min.css
mcit.gov.ws/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/ 30 KB
7 KB 313ms
308ms Stylesheet
text/css 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.5.2

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

8cdc53975174314cc55ef7ca7ee80afbf80e724452e4b0fc7e4bea1e43ad4f59

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Sun, 02 Sep 2018 22:04:21 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:02 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7022
expires: Sun, 02 Jan 2022 10:06:02 GMT

GET
H2 200 animation.css
mcit.gov.ws/wp-content/plugins/ht-mega-for-elementor/assets/css/ 73 KB
7 KB 347ms
343ms Stylesheet
text/css 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/plugins/ht-mega-for-elementor/assets/css/animation.css?ver=1.6.5

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

617e9877ad49e85ede06b9752e55b8ee228c90fcdc2576f8c5180ededc6d709f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 23 Sep 2021 02:36:29 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:02 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7466
expires: Sun, 02 Jan 2022 10:06:02 GMT

GET
H2 200 htmega-keyframes.css
mcit.gov.ws/wp-content/plugins/ht-mega-for-elementor/assets/css/ 5 KB
645 B 334ms
330ms Stylesheet
text/css 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/plugins/ht-mega-for-elementor/assets/css/htmega-keyframes.css?ver=1.6.5

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

dc22ae03545c512c391d5dc7d683000cbfaf4d78a8d60b22d806d574804350ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 23 Sep 2021 02:36:29 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:02 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 585
expires: Sun, 02 Jan 2022 10:06:02 GMT

GET
H2 200 css
fonts.googleapis.com/ 24 KB
2 KB 85ms
30ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400i%2C600%2C600i%2C700%2C700i%7CMontserrat%3A300%2C400%2C500%2C600%2C700%26subset%3Dlatin%7CDroid+Serif&subset=latin%2Clatin-ext

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c29735146da635af46cac2beba08895d88559a8939db28ad4511b5d69f4a3bf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 03 Dec 2021 09:49:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 03 Dec 2021 10:06:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Dec 2021 10:06:02 GMT

GET
H2 200 bootstrap.min.css
mcit.gov.ws/wp-content/themes/construct/assets/css/ 118 KB
27 KB 348ms
343ms Stylesheet
text/css 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/themes/construct/assets/css/bootstrap.min.css?ver=5.7.4

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

a5cc06b61721c8998f374c5d0e1ce195240b8094133e1091bd2a5c0d25f800a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Sun, 02 Sep 2018 22:02:34 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:02 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
expires: Sun, 02 Jan 2022 10:06:02 GMT

GET
H2 200 animsition.css
mcit.gov.ws/wp-content/themes/construct/assets/css/ 40 KB
3 KB 335ms
331ms Stylesheet
text/css 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/themes/construct/assets/css/animsition.css?ver=5.7.4

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

e37f367876ef831bb563ae3953371e2b237a8c05ec13c98ecf6661339298c7dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Sun, 02 Sep 2018 22:02:34 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:02 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3451
expires: Sun, 02 Jan 2022 10:06:02 GMT

GET
H2 200 animate.css
mcit.gov.ws/wp-content/themes/construct/assets/css/ 71 KB
7 KB 347ms
343ms Stylesheet
text/css 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/themes/construct/assets/css/animate.css?ver=5.7.4

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

513658eb0f453ec6a80ffd2b3a51592a42959c53d4b5366330f76bddeff011a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Sun, 02 Sep 2018 22:02:34 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:02 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6983
expires: Sun, 02 Jan 2022 10:06:02 GMT

GET
H2 200 fontello.css
mcit.gov.ws/wp-content/themes/construct/assets/css/ 16 KB
3 KB 312ms
308ms Stylesheet
text/css 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/themes/construct/assets/css/fontello.css?ver=5.7.4

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

28474ddcbfd7f4ed03058e51750b32468ef55d4279cb02f66af65b5d4c615849

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Sun, 02 Sep 2018 22:02:34 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:02 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3507
expires: Sun, 02 Jan 2022 10:06:02 GMT

GET
H2 200 owl.carousel.css
mcit.gov.ws/wp-content/themes/construct/assets/css/ 9 KB
2 KB 270ms
266ms Stylesheet
text/css 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/themes/construct/assets/css/owl.carousel.css?ver=5.7.4

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

fa148572d2672e71ea497fc3df43eac4aa513b293ece427699b863e6c155703d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Sun, 02 Sep 2018 22:02:34 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:02 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1854
expires: Sun, 02 Jan 2022 10:06:02 GMT

GET
H2 200 cubeportfolio.min.css
mcit.gov.ws/wp-content/themes/construct/assets/css/ 77 KB
18 KB 334ms
330ms Stylesheet
text/css 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/themes/construct/assets/css/cubeportfolio.min.css?ver=5.7.4

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

82f306ed641a399e93425dbcfbb6f14fd2b09109916dcc71d067efbdb776b7fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Sun, 02 Sep 2018 22:02:34 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:02 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 18003
expires: Sun, 02 Jan 2022 10:06:02 GMT

GET
H2 200 magnific-popup.css
mcit.gov.ws/wp-content/plugins/ht-mega-for-elementor/assets/css/ 7 KB
2 KB 335ms
331ms Stylesheet
text/css 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/plugins/ht-mega-for-elementor/assets/css/magnific-popup.css?ver=1.6.5

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 23 Sep 2021 02:36:29 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:02 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2190
expires: Sun, 02 Jan 2022 10:06:02 GMT

GET
H2 200 flexslider.min.css
mcit.gov.ws/wp-content/plugins/js_composer/assets/lib/bower/flexslider/ 3 KB
1 KB 335ms
331ms Stylesheet
text/css 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/plugins/js_composer/assets/lib/bower/flexslider/flexslider.min.css?ver=5.5.2

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

bd6402497fd4949e3d2591fbcebb4e7bf60463d24427603cce162b073f62d97a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Sun, 02 Sep 2018 22:04:21 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:02 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1260
expires: Sun, 02 Jan 2022 10:06:02 GMT

GET
H2 200 vegas.css
mcit.gov.ws/wp-content/themes/construct/assets/css/ 16 KB
2 KB 270ms
266ms Stylesheet
text/css 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/themes/construct/assets/css/vegas.css?ver=5.7.4

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

b148915c3848bf48d65b3ae67c81be13e9b2e6365364d9f5e7397cca9ac78cdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Sun, 02 Sep 2018 22:02:34 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:02 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1852
expires: Sun, 02 Jan 2022 10:06:02 GMT

GET
H2 200 shortcodes.css
mcit.gov.ws/wp-content/themes/construct/assets/css/ 68 KB
14 KB 334ms
331ms Stylesheet
text/css 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/themes/construct/assets/css/shortcodes.css?ver=5.7.4

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

fbef83905a74252a45a5d238f24994d3b17e3739bdb4e11d262d6b7d63fe0bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Sun, 02 Sep 2018 22:02:34 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:02 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 13784
expires: Sun, 02 Jan 2022 10:06:02 GMT

GET
H2 200 woocommerce.css
mcit.gov.ws/wp-content/themes/construct/assets/css/ 27 KB
7 KB 345ms
342ms Stylesheet
text/css 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/themes/construct/assets/css/woocommerce.css?ver=5.7.4

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

b24151251f091b90d9f1a5c0b7b6103bafc269d86c80c7d528cb55a2a442e25a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Sun, 02 Sep 2018 22:02:34 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:02 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6585
expires: Sun, 02 Jan 2022 10:06:02 GMT

GET
H2 200 style.css
mcit.gov.ws/wp-content/themes/construction-child/ 427 B
307 B 333ms
330ms Stylesheet
text/css 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/themes/construction-child/style.css?ver=5.7.4

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

ab81a86600ff8e5478c816ef6929371420f1a801ab30a710cb631f98500678c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Sun, 02 Sep 2018 22:02:10 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:02 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 247
expires: Sun, 02 Jan 2022 10:06:02 GMT

GET
H2 200 social-logos.min.css
c0.wp.com/p/jetpack/10.1/_inc/social-logos/ 12 KB
8 KB 72ms
22ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/10.1/_inc/social-logos/social-logos.min.css

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b958e0f47861dde13a175cc69494bdb54f08e2b5e78cecf6abd16470d2085257

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Fri, 03 Dec 2021 10:06:02 GMT
content-encoding: br
last-modified: Tue, 30 Jun 2020 14:24:10 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 03 Dec 2022 10:06:02 GMT

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/10.1/css/ 85 KB
16 KB 72ms
22ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/10.1/css/jetpack.css

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4c71cab3e2b7defd9022059c922d2c91359df1ba71dd47e8543b108c70537f25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Fri, 03 Dec 2021 10:06:02 GMT
content-encoding: br
last-modified: Tue, 07 Sep 2021 15:38:53 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 03 Dec 2022 10:06:02 GMT

GET
H2 200 jquery.min.js Show response
c0.wp.com/c/5.7.4/wp-includes/js/jquery/ 87 KB
30 KB 83ms
34ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.4/wp-includes/js/jquery/jquery.min.js

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Fri, 03 Dec 2021 10:06:02 GMT
content-encoding: br
last-modified: Wed, 07 Oct 2020 16:33:25 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 03 Dec 2022 10:06:02 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/5.7.4/wp-includes/js/jquery/ 11 KB
4 KB 83ms
34ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.4/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Fri, 03 Dec 2021 10:06:02 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 03 Dec 2022 10:06:02 GMT

GET
H2 200 main.js Show response
mcit.gov.ws/wp-content/plugins/sitespeaker-widget/ 4 KB
2 KB 334ms
331ms Script
application/javascript 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/plugins/sitespeaker-widget/main.js?ver=5.7.4

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

cd65539b75f37f4c62aba49b6716e72fc24968f1eb1e132017910058f7f6b2ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Tue, 15 Jun 2021 02:11:34 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:02 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
content-length: 1491
expires: Fri, 03 Dec 2021 16:06:02 GMT

GET
H2 200 related-posts.min.js Show response
c0.wp.com/p/jetpack/10.1/_inc/build/related-posts/ 6 KB
2 KB 83ms
34ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/10.1/_inc/build/related-posts/related-posts.min.js

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

9c6975c674a7c3077bd95750428313e78b92d370b90ca5a303b627c71d2afcf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Fri, 03 Dec 2021 10:06:02 GMT
content-encoding: br
last-modified: Tue, 25 May 2021 17:58:16 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 03 Dec 2022 10:06:02 GMT

GET
H2 200 frontend-gtag.min.js Show response
mcit.gov.ws/wp-content/plugins/google-analytics-for-wordpress/assets/js/ 12 KB
4 KB 332ms
329ms Script
application/javascript 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.2.0

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

e69d17966c87ced93f60016674f0e6b10786838cfc6973e34e195649166b225e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 03 Nov 2021 22:02:13 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:02 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
content-length: 3785
expires: Fri, 03 Dec 2021 16:06:02 GMT

GET
H2 200 e2pdf.frontend.js Show response
mcit.gov.ws/wp-content/plugins/e2pdf/js/ 5 KB
1 KB 345ms
343ms Script
application/javascript 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/plugins/e2pdf/js/e2pdf.frontend.js?ver=1.16.28

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

13fb71a9a9faad4058a02db638640a5b48f9500032195d508209ec542d712bdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 23 Sep 2021 02:36:23 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:02 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
content-length: 1323
expires: Fri, 03 Dec 2021 16:06:02 GMT

GET
H2 200 jquery.themepunch.tools.min.js Show response
mcit.gov.ws/wp-content/plugins/revslider/public/assets/js/ 108 KB
47 KB 345ms
343ms Script
application/javascript 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

a1dff8b0c66227748951c4ff891f146f49c5a382ac8e3d6e3c2e9cf8aa560dc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Sun, 02 Sep 2018 22:05:19 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:02 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
expires: Fri, 03 Dec 2021 16:06:02 GMT

GET
H2 200 jquery.themepunch.revolution.min.js Show response
mcit.gov.ws/wp-content/plugins/revslider/public/assets/js/ 63 KB
24 KB 345ms
343ms Script
application/javascript 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

27ead7f47a3fb4d1e7cbef0c68e28bde7ea18923cf41d8ca82ba13584eebc710

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Sun, 02 Sep 2018 22:05:19 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:02 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
expires: Fri, 03 Dec 2021 16:06:02 GMT

GET
H2 200 owlCarousel.js Show response
mcit.gov.ws/wp-content/themes/construct/assets/js/ 23 KB
8 KB 344ms
342ms Script
application/javascript 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/themes/construct/assets/js/owlCarousel.js?ver=5.7.4

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

6c1e31700f68d1666de6b0992e89d413434707718bf729a472404029845bdbad

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Sun, 02 Sep 2018 22:02:34 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:02 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
content-length: 8124
expires: Fri, 03 Dec 2021 16:06:02 GMT

GET
H2 200 cube.portfolio.js Show response
mcit.gov.ws/wp-content/themes/construct/assets/js/ 69 KB
25 KB 345ms
343ms Script
application/javascript 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/themes/construct/assets/js/cube.portfolio.js?ver=5.7.4

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

b1cb01db3d168b3ddbd6bf379672e458b05418170ae4735bb2eed879c520dcce

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Sun, 02 Sep 2018 22:02:34 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:02 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
expires: Fri, 03 Dec 2021 16:06:02 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 147ms
74ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mcit.gov.ws/
Origin: https://mcit.gov.ws
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 10:06:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723
access-control-allow-origin: *
cdn-cachedat: 11/15/2021 21:49:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cdn-proxyver: 1.0
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 9d76bb7fb487e4208f32d822c6ba8745
cf-ray: 6b7bfae3d8ee374d-MXP
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Header-MCIT-Logo-C.png
mcit.gov.ws/wp-content/uploads/2019/03/ 42 KB
43 KB 238ms
235ms Image
image/png 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mcit.gov.ws/wp-content/uploads/2019/03/Header-MCIT-Logo-C.png

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

6d54ea418add198200d44ecb57ff76838088014bbad5646276edb1b41fa014d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
x-nginx-cache: WordPress
last-modified: Tue, 19 Mar 2019 22:24:42 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:04 GMT
x-endurance-cache-level: 0
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 43274
expires: Sat, 03 Dec 2022 10:06:04 GMT

GET
H2 200 wp-emoji-release.min.js Show response
mcit.gov.ws/wp-includes/js/ 14 KB
5 KB 421ms
418ms Script
application/javascript 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-includes/js/wp-emoji-release.min.js?ver=5.7.4

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 03 Feb 2021 22:00:56 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:04 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
content-length: 4942
expires: Fri, 03 Dec 2021 16:06:04 GMT

GET
H2 200 CROP-ICT-e1636513050563-pfu86qwo4wnzc99fpx6m96nvys8emn8xr5rj1s5j5o.jpg
mcit.gov.ws/wp-content/uploads/bfi_thumb/ 3 KB
3 KB 290ms
287ms Image
image/jpeg 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mcit.gov.ws/wp-content/uploads/bfi_thumb/CROP-ICT-e1636513050563-pfu86qwo4wnzc99fpx6m96nvys8emn8xr5rj1s5j5o.jpg

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

8e987e5bc6849f261f2fe0911d7ee47ec354bee4a3edef4b73c36da1b58f68ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
x-nginx-cache: WordPress
last-modified: Wed, 10 Nov 2021 03:03:48 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:04 GMT
x-endurance-cache-level: 0
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2656
expires: Sat, 03 Dec 2022 10:06:04 GMT

GET
H2 200 PACIFIC-FUSION-pfu7trqvs8wh2240ht91byjsqa6zd2qcaxj7j9e724.jpg
mcit.gov.ws/wp-content/uploads/bfi_thumb/ 2 KB
2 KB 400ms
397ms Image
image/jpeg 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mcit.gov.ws/wp-content/uploads/bfi_thumb/PACIFIC-FUSION-pfu7trqvs8wh2240ht91byjsqa6zd2qcaxj7j9e724.jpg

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

89976b22448d5e41dec0002cfef255acf6e43506087ff5dbf668b318ed234d59

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
x-nginx-cache: WordPress
last-modified: Wed, 10 Nov 2021 02:51:50 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:04 GMT
x-endurance-cache-level: 0
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2127
expires: Sat, 03 Dec 2022 10:06:04 GMT

GET
H2 200 ITU-press-release-pfttqkzy3glmgotv42t1fg2xkk210k8dkl4cbbemgs.jpg
mcit.gov.ws/wp-content/uploads/bfi_thumb/ 2 KB
2 KB 308ms
305ms Image
image/jpeg 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mcit.gov.ws/wp-content/uploads/bfi_thumb/ITU-press-release-pfttqkzy3glmgotv42t1fg2xkk210k8dkl4cbbemgs.jpg

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

20f157665a9c225683813a4e8e1924ad757112d92289a128d55e640d98202482

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
x-nginx-cache: WordPress
last-modified: Tue, 09 Nov 2021 21:36:03 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:04 GMT
x-endurance-cache-level: 0
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2391
expires: Sat, 03 Dec 2022 10:06:04 GMT

GET
H2 200 apt-newsletter-pfs3wmh7gnfi8g5q5e7w6nqy6divombvv42holuvjw.jpg
mcit.gov.ws/wp-content/uploads/bfi_thumb/ 2 KB
2 KB 265ms
263ms Image
image/jpeg 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mcit.gov.ws/wp-content/uploads/bfi_thumb/apt-newsletter-pfs3wmh7gnfi8g5q5e7w6nqy6divombvv42holuvjw.jpg

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

bfb7193aea3f75ab16eb85440d16d84d60358022214d3ffc5975745e12846658

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
x-nginx-cache: WordPress
last-modified: Mon, 08 Nov 2021 21:50:55 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:04 GMT
x-endurance-cache-level: 0
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1888
expires: Sat, 03 Dec 2022 10:06:04 GMT

GET
H2 200 coverDDD-pf4ofbxdozmt9bfw4tvny8hd646sx87z0v6yows3ek.png
mcit.gov.ws/wp-content/uploads/bfi_thumb/ 4 KB
4 KB 412ms
410ms Image
image/png 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mcit.gov.ws/wp-content/uploads/bfi_thumb/coverDDD-pf4ofbxdozmt9bfw4tvny8hd646sx87z0v6yows3ek.png

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

a19b0427e4034655836cc1c392ee9006d78774562e7dc63813f9308710b0e8e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
x-nginx-cache: WordPress
last-modified: Tue, 26 Oct 2021 10:43:22 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:04 GMT
x-endurance-cache-level: 0
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4030
expires: Sat, 03 Dec 2022 10:06:04 GMT

GET
H2 200 rfp-unesco-pe1s25h0khsi4xeaoyetpbq99ubzfme6usnnzqwjek.jpg
mcit.gov.ws/wp-content/uploads/bfi_thumb/ 2 KB
2 KB 412ms
409ms Image
image/jpeg 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mcit.gov.ws/wp-content/uploads/bfi_thumb/rfp-unesco-pe1s25h0khsi4xeaoyetpbq99ubzfme6usnnzqwjek.jpg

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

cf336c45a2703f7789e216a34213f660ec9d6a8a802b83fbefc1c1cec537d5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
x-nginx-cache: WordPress
last-modified: Mon, 04 Oct 2021 02:23:39 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:04 GMT
x-endurance-cache-level: 0
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1965
expires: Sat, 03 Dec 2022 10:06:04 GMT

GET
H2 200 printfriendly.js Show response
cdn.printfriendly.com/ 56 KB
15 KB 110ms
21ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.printfriendly.com/printfriendly.js
Requested by: Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 541b6b40d28280077ea0c9a4dd7aba9dfaa87b55a7039b1241a307d6dfa39e95

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 03 Dec 2021 10:06:04 GMT
content-encoding: br
age: 1
x-guploader-uploadid: ADPycduiKx_ODoyG4RUTluLm6hVT8U0YlazYmzeJBANAEf4-pgMWNTw6m3KVV7d1uKdusbbtZsktegts8Zy83oMssQ
x-77-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-cache: HIT
x-age: 13
x-77-nzt: Abk73BDoi23/DQAAAA==
x-accel-expires: @1638526251
last-modified: Mon, 29 Nov 2021 13:28:43 GMT
server: CDN77-Turbo
x-77-nzt-ray: xNnYYznn2mA=
vary: Accept-Encoding
x-goog-hash: crc32c=YgU3BA==, md5=5GnmAwrdI1yUJObtE+3ZWA==
x-goog-generation: 1638192523489082
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 15689
content-type: application/javascript
expires: Tue, 30 Nov 2021 16:09:41 GMT

GET
H2 200 pdfemb-embed-pdf-4.6.2.css
mcit.gov.ws/wp-content/plugins/pdf-embedder/css/ 9 KB
3 KB 358ms
358ms Stylesheet
text/css 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/plugins/pdf-embedder/css/pdfemb-embed-pdf-4.6.2.css?ver=4.6.2

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

60d0996accfe6cefdffca5aad2d0e6ca6789b8f2e85b11b3b6e4ae2831ccc8c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 14 Apr 2021 02:03:09 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:03 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2837
expires: Sun, 02 Jan 2022 10:06:03 GMT

GET
H2 200 common.min.js Show response
mcit.gov.ws/wp-content/plugins/wp-event-manager/assets/js/ 4 KB
1 KB 246ms
246ms Script
application/javascript 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/plugins/wp-event-manager/assets/js/common.min.js?ver=3.1.22

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

3b2c127c954d9fcd366aa49b8bd2d4f378711b012a0635cd004ba31563df6b83

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 23 Sep 2021 02:37:15 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:03 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
content-length: 1348
expires: Fri, 03 Dec 2021 16:06:03 GMT

GET
H2 200 core.min.js Show response
c0.wp.com/c/5.7.4/wp-includes/js/jquery/ui/ 20 KB
7 KB 21ms
21ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.4/wp-includes/js/jquery/ui/core.min.js

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Fri, 03 Dec 2021 10:06:04 GMT
content-encoding: br
last-modified: Thu, 25 Mar 2021 20:02:19 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 03 Dec 2022 10:06:04 GMT

GET
H2 200 controlgroup.min.js Show response
c0.wp.com/c/5.7.4/wp-includes/js/jquery/ui/ 4 KB
1 KB 22ms
22ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.4/wp-includes/js/jquery/ui/controlgroup.min.js

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

a90b3a79a5605961b73075ac6be9f9624b3c74095d16fd216d4983453f0a480a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Fri, 03 Dec 2021 10:06:04 GMT
content-encoding: br
last-modified: Wed, 20 Jan 2021 13:35:18 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 03 Dec 2022 10:06:04 GMT

GET
H2 200 checkboxradio.min.js Show response
c0.wp.com/c/5.7.4/wp-includes/js/jquery/ui/ 4 KB
1 KB 26ms
20ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.4/wp-includes/js/jquery/ui/checkboxradio.min.js

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

84f86d633f3e8caebf1946b617e3b7c410528b9b149c9d1d7093bd1b5923c3cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Fri, 03 Dec 2021 10:06:04 GMT
content-encoding: br
last-modified: Wed, 20 Jan 2021 13:35:18 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 03 Dec 2022 10:06:04 GMT

GET
H2 200 button.min.js Show response
c0.wp.com/c/5.7.4/wp-includes/js/jquery/ui/ 5 KB
2 KB 27ms
20ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.4/wp-includes/js/jquery/ui/button.min.js

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

92c9af7db31c2227c92c12fd8c2b7b51cb19c70bf99f90ce067533adf7b3bb75

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Fri, 03 Dec 2021 10:06:04 GMT
content-encoding: br
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 03 Dec 2022 10:06:04 GMT

GET
H2 200 datepicker.min.js Show response
c0.wp.com/c/5.7.4/wp-includes/js/jquery/ui/ 35 KB
10 KB 27ms
20ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.4/wp-includes/js/jquery/ui/datepicker.min.js

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

60e04dcb9483e44801771aab65df07bfa3fabbaf9a4386fd05f568d0e4d8710d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Fri, 03 Dec 2021 10:06:04 GMT
content-encoding: br
last-modified: Thu, 25 Mar 2021 20:02:19 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 03 Dec 2022 10:06:04 GMT

GET
H2 200 menu.min.js Show response
c0.wp.com/c/5.7.4/wp-includes/js/jquery/ui/ 9 KB
3 KB 27ms
21ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.4/wp-includes/js/jquery/ui/menu.min.js

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e94b12cb948d3d2eff43addf04700f8611ba383c00892652dc294a76bec2a105

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Fri, 03 Dec 2021 10:06:04 GMT
content-encoding: br
last-modified: Thu, 25 Mar 2021 20:02:19 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 03 Dec 2022 10:06:04 GMT

GET
H2 200 moment.min.js Show response
c0.wp.com/c/5.7.4/wp-includes/js/dist/vendor/ 57 KB
18 KB 27ms
21ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.4/wp-includes/js/dist/vendor/moment.min.js

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d41cecbb63c831ff24e93201701e144cb9e276a8c4d337d5a53d96c2f2a372d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Fri, 03 Dec 2021 10:06:04 GMT
content-encoding: br
last-modified: Thu, 25 Mar 2021 20:02:19 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 03 Dec 2022 10:06:04 GMT

GET
H2 200 jquery.comiseo.daterangepicker.js Show response
mcit.gov.ws/wp-content/plugins/wp-event-manager/assets/js/jquery-ui-daterangepicker/ 21 KB
7 KB 403ms
397ms Script
application/javascript 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/plugins/wp-event-manager/assets/js/jquery-ui-daterangepicker/jquery.comiseo.daterangepicker.js?ver=3.1.22

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

310d2dc6d83d8ec02ccae7ec5947a37259e5838137c450e622dce40f2c236f8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 23 Sep 2021 02:37:15 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:04 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
content-length: 6953
expires: Fri, 03 Dec 2021 16:06:04 GMT

GET
H2 200 content-event-listing.min.js Show response
mcit.gov.ws/wp-content/plugins/wp-event-manager/assets/js/ 5 KB
1020 B 414ms
408ms Script
application/javascript 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/plugins/wp-event-manager/assets/js/content-event-listing.min.js?ver=3.1.22

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

b33ad98b7200ea07d4e9a6e41724936a5750bae711e3ca0a5d46b8dcaff69637

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 23 Sep 2021 02:37:15 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:04 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
content-length: 983
expires: Fri, 03 Dec 2021 16:06:04 GMT

GET
H2 200 jquery.deserialize.js Show response
mcit.gov.ws/wp-content/plugins/wp-event-manager/assets/js/jquery-deserialize/ 4 KB
2 KB 277ms
271ms Script
application/javascript 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/plugins/wp-event-manager/assets/js/jquery-deserialize/jquery.deserialize.js?ver=1.2.1

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

2c10dbc11cbab6a92d713a95f2bcd29e26654747470901a17d94f7c32460c34f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 23 Sep 2021 02:37:15 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:04 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
content-length: 1506
expires: Fri, 03 Dec 2021 16:06:04 GMT

GET
H2 200 event-ajax-filters.min.js Show response
mcit.gov.ws/wp-content/plugins/wp-event-manager/assets/js/ 8 KB
3 KB 259ms
254ms Script
application/javascript 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/plugins/wp-event-manager/assets/js/event-ajax-filters.min.js?ver=3.1.22

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

7ce632879b4aecd23badcdd61b01c5416e6470a9474fa2300d48d400f170b6bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 23 Sep 2021 02:37:15 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:04 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
content-length: 2633
expires: Fri, 03 Dec 2021 16:06:04 GMT

GET
H2 200 photon.min.js Show response
c0.wp.com/p/jetpack/10.1/_inc/build/photon/ 758 B
425 B 29ms
23ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/10.1/_inc/build/photon/photon.min.js

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Fri, 03 Dec 2021 10:06:04 GMT
content-encoding: br
last-modified: Tue, 31 Mar 2020 17:26:38 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 03 Dec 2022 10:06:04 GMT

GET
H2 200 wp-polyfill.min.js Show response
c0.wp.com/c/5.7.4/wp-includes/js/dist/vendor/ 97 KB
32 KB 29ms
24ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.4/wp-includes/js/dist/vendor/wp-polyfill.min.js

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Fri, 03 Dec 2021 10:06:04 GMT
content-encoding: br
last-modified: Mon, 29 Jun 2020 11:50:29 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 03 Dec 2022 10:06:04 GMT

GET
H2 200 index.js Show response
mcit.gov.ws/wp-content/plugins/contact-form-7/includes/js/ 13 KB
5 KB 215ms
210ms Script
application/javascript 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

eea0b9621509f98be77c5af1e9b5c952a675bda2b27c419876364017069e0c19

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 25 Aug 2021 19:10:11 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:04 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
content-length: 5097
expires: Fri, 03 Dec 2021 16:06:04 GMT

GET
H2 200 jquery.timepicker.min.js Show response
mcit.gov.ws/wp-content/plugins/wp-event-manager/assets/js/jquery-timepicker/ 15 KB
6 KB 379ms
374ms Script
application/javascript 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/plugins/wp-event-manager/assets/js/jquery-timepicker/jquery.timepicker.min.js?ver=3.1.22

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

053ebaffd4512d6dd320e37994c6308512ea70d8a206ede7fad84d610632d9d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 23 Sep 2021 02:37:15 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:04 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
content-length: 6318
expires: Fri, 03 Dec 2021 16:06:04 GMT

GET
H2 200 popper.min.js Show response
mcit.gov.ws/wp-content/plugins/ht-mega-for-elementor/assets/js/ 19 KB
8 KB 241ms
236ms Script
application/javascript 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/plugins/ht-mega-for-elementor/assets/js/popper.min.js?ver=1.6.5

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

3675f226f985b64eea6ae8544d5496a32d19993aae1ac4a3fa101263ef3206f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 23 Sep 2021 02:36:29 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:04 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
content-length: 8053
expires: Fri, 03 Dec 2021 16:06:04 GMT

GET
H2 200 htbbootstrap.js Show response
mcit.gov.ws/wp-content/plugins/ht-mega-for-elementor/assets/js/ 61 KB
17 KB 389ms
384ms Script
application/javascript 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/plugins/ht-mega-for-elementor/assets/js/htbbootstrap.js?ver=1.6.5

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

a08f70192e175e56a5b8b010f2573e5300087f3fe8f9aa9c161f7104b1cb78ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 23 Sep 2021 02:36:29 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:04 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
content-length: 17189
expires: Fri, 03 Dec 2021 16:06:04 GMT

GET
H2 200 waypoints.min.js Show response
mcit.gov.ws/wp-content/plugins/js_composer/assets/lib/waypoints/ 8 KB
3 KB 232ms
227ms Script
application/javascript 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/plugins/js_composer/assets/lib/waypoints/waypoints.min.js?ver=5.5.2

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

8d73392f1f569c51f57b7f9a30278358484f1795584aa2cd540e5b8ea650593e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Sun, 02 Sep 2018 22:04:21 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:04 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
content-length: 3126
expires: Fri, 03 Dec 2021 16:06:04 GMT

GET
H2 200 bootstrap.min.js Show response
mcit.gov.ws/wp-content/themes/construct/assets/js/ 36 KB
14 KB 414ms
409ms Script
application/javascript 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/themes/construct/assets/js/bootstrap.min.js?ver=5.7.4

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Sun, 02 Sep 2018 22:02:34 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:04 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
content-length: 14401
expires: Fri, 03 Dec 2021 16:06:04 GMT

GET
H2 200 animsition.js Show response
mcit.gov.ws/wp-content/themes/construct/assets/js/ 5 KB
2 KB 432ms
428ms Script
application/javascript 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/themes/construct/assets/js/animsition.js?ver=5.7.4

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

e660e91fb1e4381d50141952b02a5bec468153e2c288f2b2274a10d31d6a769b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Sun, 02 Sep 2018 22:02:34 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:04 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
content-length: 2150
expires: Fri, 03 Dec 2021 16:06:04 GMT

GET
H2 200 plugins.js Show response
mcit.gov.ws/wp-content/themes/construct/assets/js/ 44 KB
19 KB 310ms
305ms Script
application/javascript 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/themes/construct/assets/js/plugins.js?ver=5.7.4

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

619512b6a0f5b62b25e45ae2ef6b5b97563bc34c76ec8cf2b15bad096a156675

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Sun, 02 Sep 2018 22:02:34 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:04 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
expires: Fri, 03 Dec 2021 16:06:04 GMT

GET
H2 200 countTo.js Show response
mcit.gov.ws/wp-content/themes/construct/assets/js/ 3 KB
992 B 422ms
417ms Script
application/javascript 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/themes/construct/assets/js/countTo.js?ver=5.7.4

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

474754d75548fad740bb581e4b0596cb9a1c0b47cfc03f8a6e273cc6da9b9080

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Sun, 02 Sep 2018 22:02:34 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:04 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
content-length: 955
expires: Fri, 03 Dec 2021 16:06:04 GMT

GET
H2 200 vegas.js Show response
mcit.gov.ws/wp-content/themes/construct/assets/js/ 10 KB
4 KB 412ms
408ms Script
application/javascript 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/themes/construct/assets/js/vegas.js?ver=5.7.4

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

2aac92b7b250274fdb2d7a759e0706ea8df17dbc1eae29c5385af4f94fde5c0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Sun, 02 Sep 2018 22:02:34 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:04 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
content-length: 3775
expires: Fri, 03 Dec 2021 16:06:04 GMT

GET
H2 200 typed.js Show response
mcit.gov.ws/wp-content/themes/construct/assets/js/ 12 KB
5 KB 413ms
409ms Script
application/javascript 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/themes/construct/assets/js/typed.js?ver=5.7.4

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

d18b50f00c0f0df8d007c0b2786541e8aff5463b344621bff668dde051954eb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Sun, 02 Sep 2018 22:02:34 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:04 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
content-length: 4841
expires: Fri, 03 Dec 2021 16:06:04 GMT

GET
H2 200 fitText.js Show response
mcit.gov.ws/wp-content/themes/construct/assets/js/ 1 KB
631 B 413ms
408ms Script
application/javascript 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/themes/construct/assets/js/fitText.js?ver=5.7.4

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

2dc4deb4bde9740c81eba4a5534221a57a20fe2240a50612109e0f3ffd917109

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Sun, 02 Sep 2018 22:02:34 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:04 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
content-length: 594
expires: Fri, 03 Dec 2021 16:06:04 GMT

GET
H2 200 jquery.flexslider-min.js Show response
mcit.gov.ws/wp-content/plugins/js_composer/assets/lib/bower/flexslider/ 21 KB
8 KB 431ms
427ms Script
application/javascript 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/plugins/js_composer/assets/lib/bower/flexslider/jquery.flexslider-min.js?ver=5.5.2

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

0c853c2cc205bafe5d893017b6a03a2acf0f04a11b85f80605514cf0ae540fe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Sun, 02 Sep 2018 22:04:21 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:04 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
content-length: 8368
expires: Fri, 03 Dec 2021 16:06:04 GMT

GET
H2 200 main.js Show response
mcit.gov.ws/wp-content/themes/construct/assets/js/ 37 KB
9 KB 443ms
439ms Script
application/javascript 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/themes/construct/assets/js/main.js?ver=5.7.4

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

193d36831feb2e2630e8cd67e74c72057091631fa565dc174b44246c5d3eb940

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Sun, 02 Sep 2018 22:02:34 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:04 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
content-length: 9501
expires: Fri, 03 Dec 2021 16:06:04 GMT

GET
H2 200 intersection-observer.js Show response
mcit.gov.ws/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/ 9 KB
4 KB 421ms
417ms Script
application/javascript 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?ver=1.1.3

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

550bee253a00a7e6089b3aa136a1f21d904592e93ee0740f08d4d36e4b1dcbe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 23 Sep 2021 02:36:35 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:04 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
content-length: 3642
expires: Fri, 03 Dec 2021 16:06:04 GMT

GET
H2 200 lazy-images.js Show response
mcit.gov.ws/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/ 2 KB
1 KB 428ms
424ms Script
application/javascript 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?ver=1.1.3

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

0c97c6ce5fdeb2d91e4bc6263d3714ca800b990c1994cf0b6dac0f23c8fbabfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 23 Sep 2021 02:36:35 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:04 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
content-length: 1131
expires: Fri, 03 Dec 2021 16:06:04 GMT

GET
H2 200 wp-embed.min.js Show response
c0.wp.com/c/5.7.4/wp-includes/js/ 1 KB
696 B 28ms
24ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.4/wp-includes/js/wp-embed.min.js

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Fri, 03 Dec 2021 10:06:04 GMT
content-encoding: br
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 03 Dec 2022 10:06:04 GMT

GET
H2 200 all-pdfemb-basic-4.6.2.min.js Show response
mcit.gov.ws/wp-content/plugins/pdf-embedder/js/ 19 KB
7 KB 431ms
427ms Script
application/javascript 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/plugins/pdf-embedder/js/all-pdfemb-basic-4.6.2.min.js?ver=5.7.4

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

e1533980f7aa3b907bb9d20fdb5778389cd13b3c15621019b5f9b6cc96eba2c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 14 Apr 2021 02:03:09 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:04 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
content-length: 7266
expires: Fri, 03 Dec 2021 16:06:04 GMT

GET
H2 200 pdf-4.6.2.min.js Show response
mcit.gov.ws/wp-content/plugins/pdf-embedder/js/pdfjs/ 327 KB
122 KB 496ms
493ms Script
application/javascript 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/plugins/pdf-embedder/js/pdfjs/pdf-4.6.2.min.js?ver=4.6.2

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

a9b7cd90e1981d947af48dd7d93e6a285d2908a837265f47d9f78aea9ada76ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 14 Apr 2021 02:03:09 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:04 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
expires: Fri, 03 Dec 2021 16:06:04 GMT

GET
H2 200 comment-reply.min.js Show response
c0.wp.com/c/5.7.4/wp-includes/js/ 3 KB
1 KB 27ms
24ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.4/wp-includes/js/comment-reply.min.js

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Fri, 03 Dec 2021 10:06:04 GMT
content-encoding: br
last-modified: Thu, 25 Mar 2021 20:02:19 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 03 Dec 2022 10:06:04 GMT

GET
H2 200 sharing.min.js Show response
c0.wp.com/p/jetpack/10.1/_inc/build/sharedaddy/ 12 KB
4 KB 27ms
24ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/10.1/_inc/build/sharedaddy/sharing.min.js

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

80ee2d8ce5d2a3f78fc3b8eaa67bc266645c58b96d8a804556f1e6cb8737d0cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Fri, 03 Dec 2021 10:06:04 GMT
content-encoding: br
last-modified: Tue, 26 Jan 2021 16:25:48 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 03 Dec 2022 10:06:04 GMT

GET
H2 200 e-202148.js Show response
stats.wp.com/ 9 KB
3 KB 75ms
22ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202148.js
Requested by: Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT ams
date: Fri, 03 Dec 2021 10:06:04 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 21 Nov 2022 03:48:54 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 74ms
21ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-159365476-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3897
date: Fri, 03 Dec 2021 09:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 03 Dec 2021 11:01:07 GMT

GET
H2 200 style.css
mcit.gov.ws/wp-content/themes/construct/ 77 KB
22 KB 170ms
169ms Stylesheet
text/css 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/themes/construct/style.css

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/wp-content/themes/construction-child/style.css?ver=5.7.4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

ed2e6f1873a979a8cd7b5e3988b3061eb421f3ec12cac002d49ba44798412c2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/wp-content/themes/construction-child/style.css?ver=5.7.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Sun, 02 Sep 2018 22:02:35 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:03 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
expires: Sun, 02 Jan 2022 10:06:03 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 map-small.png
mcit.gov.ws/wp-content/themes/construct/assets/img/ 2 KB
2 KB 403ms
403ms Image
image/png 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mcit.gov.ws/wp-content/themes/construct/assets/img/map-small.png

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/wp-content/themes/construct/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

8df1f817d8e5a7678d76a329bb4b231f4a646ee689d02d4ad97e79b4e8f22303

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/wp-content/themes/construct/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
x-nginx-cache: WordPress
last-modified: Sun, 02 Sep 2018 22:02:34 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:04 GMT
x-endurance-cache-level: 0
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1670
expires: Sat, 03 Dec 2022 10:06:04 GMT

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 58ms
57ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://mcit.gov.ws
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 10:06:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 718
access-control-allow-origin: *
cdn-cachedat: 2021-08-02 20:43:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: a5260bdadad002efa5dd17301044ef41
accept-ranges: bytes
cf-ray: 6b7bfaeb7f19374d-MXP
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 101ms
48ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400i%2C600%2C600i%2C700%2C700i%7CMontserrat%3A300%2C400%2C500%2C600%2C700%26subset%3Dlatin%7CDroid+Serif&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mcit.gov.ws
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:52:02 GMT
x-content-type-options: nosniff
age: 591242
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 26 Nov 2022 13:52:02 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
20 KB 76ms
23ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mcit.gov.ws
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 21:15:27 GMT
x-content-type-options: nosniff
age: 305437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19868
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:31 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 29 Nov 2022 21:15:27 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 20 KB
20 KB 88ms
36ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mcit.gov.ws
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:18:02 GMT
x-content-type-options: nosniff
age: 593282
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20040
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 26 Nov 2022 13:18:02 GMT

GET
DATA 200
OK truncated
/ 7 KB
7 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cdf3f88beb166e98d2656e957b247c886d1702027559a290e74a02d58d950c8c

Request headers

Referer
Origin: https://mcit.gov.ws
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
20 KB 94ms
42ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mcit.gov.ws
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 07:59:11 GMT
x-content-type-options: nosniff
age: 266813
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19844
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 30 Nov 2022 07:59:11 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 58ms
28ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1968603638&t=pageview&_s=1&dl=https%3A%2F%2Fmcit.gov.ws%2F2021%2F08%2F06%2Fcs-advisory-ca003-blackbyte-ransomware%2F&ul=en-us&de=UTF-8&dt=CS-Advisory%20%E2%80%93%20Blackbyte%20Ransomware%20%7C%20MCIT&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=324956472&gjid=1822951956&cid=2094773475.1638525964&tid=UA-159365476-1&_gid=1914246086.1638525964&_r=1&gtm=2ouc10&did=dZGIzZG&gdid=dZGIzZG&z=517206947

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mcit.gov.ws/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Dec 2021 10:06:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mcit.gov.ws
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 a Show response
key-cdn.printfriendly.com/api/v3/domain_settings/ 167 B
553 B 251ms
166ms Script
text/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://key-cdn.printfriendly.com/api/v3/domain_settings/a?callback=pfMod.saveAdSettings&hostname=mcit.gov.ws&client_version=client
Requested by: Host: cdn.printfriendly.com
URL: https://cdn.printfriendly.com/printfriendly.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 09767fccb55396fc1869129606721e4db0b171d3b1c2f6bbb446d2802ac19745

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 03 Dec 2021 10:06:04 GMT
via: 1.1 google
x-77-nzt-ray: KLC5pFuGIso=
x-77-cache: HIT
x-cache: REVALIDATED
x-age: 123751
content-encoding: br
alt-svc: quic="195.181.174.5:443"; ma=2592000; v="44,43,39", clear
x-request-id: 96dc2e16-9fe1-4c60-b9b9-0e2c35b0fd1e
x-77-nzt: AcO1rgVtUkrOZ+MBAA==
x-runtime: 0.019107
server: CDN77-Turbo
etag: W/"09767fccb55396fc1869129606721e4d"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600, public
x-accel-expires: @1638529564

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 28ms
21ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A10.1&blog=160309698&post=133316&tz=14&srv=mcit.gov.ws&host=mcit.gov.ws&ref=&fcp=0&rand=0.3038570862164065
Requested by: Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 03 Dec 2021 10:06:04 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 / Show response
mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/ 1 KB
604 B 2139ms
2139ms XHR
application/json 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/?relatedposts=1

Requested by

Host: c0.wp.com
URL: https://c0.wp.com/p/jetpack/10.1/_inc/build/related-posts/related-posts.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

9d9fb0ab4cee5bf56efa04aea70d2d8bdaf545e3fff38ba69da75abcacf200de

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
x-requested-with: XMLHttpRequest
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-content-type-options: nosniff
x-nginx-cache: WordPress
server: Apache
date: Fri, 03 Dec 2021 10:06:04 GMT
x-pingback: https://mcit.gov.ws/xmlrpc.php
x-endurance-cache-level: 0
content-type: application/json; charset=utf-8
cache-control: max-age=21600
vary: Accept-Encoding
content-length: 522
expires: Fri, 03 Dec 2021 16:06:04 GMT

GET
H2 200 / Show response
graph.facebook.com/ 244 B
642 B 92ms
40ms Script
text/javascript 2a03:2880:f02d:e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?callback=WPCOMSharing.update_facebook_count&ids=https%3A%2F%2Fmcit.gov.ws%2F2021%2F08%2F06%2Fcs-advisory-ca003-blackbyte-ransomware%2F

Requested by

Host: c0.wp.com
URL: https://c0.wp.com/p/jetpack/10.1/_inc/build/sharedaddy/sharing.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3687924532c884e25b4e53f85e49af039308bb841defab89a1e6bf81f95fdb50

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
www-authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev: 1004804739
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 181
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: C89kWW+Yd841VjYUigz3qyZQyy9u12a2QU7zFHHi4wQsxHoxcbjk7GbX9WQ8rx9Nztvly2yfJ20VDRgT2Domdw==
x-fb-trace-id: FOmzNwgzOUf
date: Fri, 03 Dec 2021 10:06:04 GMT
vary: Origin, Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AXmvOnbgW9mE-2utspeChkH
cache-control: no-store
facebook-api-version: v5.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
75 B 25ms
22ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=wpcom-no-pv&x_sharing-count-request=facebook&r=0.30022937041934883
Requested by: Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 03 Dec 2021 10:06:04 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 bootstrap.min.js Show response
assets.sitespeaker.link/embed/js/ 372 B
810 B 710ms
647ms XHR
application/javascript 143.204.98.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.sitespeaker.link/embed/js/bootstrap.min.js
Requested by: Host: c0.wp.com
URL: https://c0.wp.com/c/5.7.4/wp-includes/js/jquery/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-68.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f5ac17a4c97674041f6b16102ebe3f83a48d0c11f7a11010b732940a86e416fd

Request headers

Accept: */*
Referer: https://mcit.gov.ws/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 10:06:06 GMT
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
vary: Origin
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
content-length: 372
last-modified: Sat, 05 Jun 2021 16:41:28 GMT
server: AmazonS3
etag: "dbe9669c843c7eb3ad55d659bbdc6705"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800,public
accept-ranges: bytes
x-amz-cf-id: C6VIJmRH41qT_uDFSWASrLQGjaNn8hfBOpayjELTmtqoed4NNvmlAw==

GET
H2 200 printfriendly-pdf-button.png
i2.wp.com/cdn.printfriendly.com/buttons/ 1004 B
1 KB 75ms
23ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/cdn.printfriendly.com/buttons/printfriendly-pdf-button.png?w=640&ssl=1

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

6105b2533b5c9cd0609dce7d9f3ea4737e6140f2d2c2f61d1cd05989c651d600

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 10:06:04 GMT
x-content-type-options: nosniff
x-bytes-saved: 1461
content-length: 1004
x-nc: HIT ams 4
last-modified: Wed, 10 Jun 2020 20:51:12 GMT
server: nginx
etag: "6b49eae78efcad3c"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://cdn.printfriendly.com/buttons/printfriendly-pdf-button.png>; rel="canonical"
expires: Sat, 11 Jun 2022 08:51:12 GMT

GET
H2 200 pdf-4.6.2.worker.min.js
mcit.gov.ws/wp-content/plugins/pdf-embedder/js/pdfjs/ 754 KB
289 KB 372ms
372ms Other
application/javascript 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/plugins/pdf-embedder/js/pdfjs/pdf-4.6.2.worker.min.js?ver=4.6.2

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

205187854f041ee1447896c8b120aed28ba61fcd43cb9f58a39b889790225b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 14 Apr 2021 02:03:09 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:04 GMT
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
expires: Fri, 03 Dec 2021 16:06:04 GMT

GET
H2 200 SamCERT_CA003_Aug_06_2021.pdf Show response
mcit.gov.ws/wp-content/uploads/2021/08/ 507 KB
507 KB 367ms
367ms Fetch
application/pdf 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/uploads/2021/08/SamCERT_CA003_Aug_06_2021.pdf

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/wp-content/plugins/pdf-embedder/js/pdfjs/pdf-4.6.2.min.js?ver=4.6.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

947b99f6d4a677180b4a0f251119a70058a05d9fa6388adb07f64808e2f535fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
x-nginx-cache: WordPress
last-modified: Thu, 19 Aug 2021 02:30:16 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:05 GMT
x-endurance-cache-level: 0
content-type: application/pdf
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 518684
expires: Sun, 02 Jan 2022 10:06:05 GMT

GET
H2 206 SamCERT_CA003_Aug_06_2021.pdf Show response
mcit.gov.ws/wp-content/uploads/2021/08/ 64 KB
64 KB 186ms
185ms Fetch
application/pdf 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/uploads/2021/08/SamCERT_CA003_Aug_06_2021.pdf

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/wp-content/plugins/pdf-embedder/js/pdfjs/pdf-4.6.2.min.js?ver=4.6.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

c1c41c8b4f31d2468a017830b8f22e0c542d5bd44db07a49e3a2ff54f1f6d9ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
range: bytes=0-65535

Response headers

strict-transport-security: max-age=604800
x-nginx-cache: WordPress
last-modified: Thu, 19 Aug 2021 02:30:16 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:05 GMT
x-endurance-cache-level: 0
content-type: application/pdf
Content-Range: bytes 0-65535/518684
cache-control: max-age=2592000
accept-ranges: bytes
Content-Length: 65536
expires: Sun, 02 Jan 2022 10:06:05 GMT

GET
H2 206 SamCERT_CA003_Aug_06_2021.pdf Show response
mcit.gov.ws/wp-content/uploads/2021/08/ 59 KB
59 KB 167ms
167ms Fetch
application/pdf 192.185.39.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://mcit.gov.ws/wp-content/uploads/2021/08/SamCERT_CA003_Aug_06_2021.pdf

Requested by

Host: mcit.gov.ws
URL: https://mcit.gov.ws/wp-content/plugins/pdf-embedder/js/pdfjs/pdf-4.6.2.min.js?ver=4.6.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.39.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

autolease-uae.com

Software

Apache /

Resource Hash

2828b81e0f4416a11b8a766dec143ce4420cef5a2059360e596d688a81401a9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://mcit.gov.ws/2021/08/06/cs-advisory-ca003-blackbyte-ransomware/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
range: bytes=458752-518683

Response headers

strict-transport-security: max-age=604800
x-nginx-cache: WordPress
last-modified: Thu, 19 Aug 2021 02:30:16 GMT
server: Apache
date: Fri, 03 Dec 2021 10:06:05 GMT
x-endurance-cache-level: 0
content-type: application/pdf
Content-Range: bytes 458752-518683/518684
cache-control: max-age=2592000
accept-ranges: bytes
Content-Length: 59932
expires: Sun, 02 Jan 2022 10:06:05 GMT

GET
BLOB 200
OK 90a0e414-9a74-4a78-a65f-8c6e3e21f66b
https://mcit.gov.ws/ 13 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://mcit.gov.ws/90a0e414-9a74-4a78-a65f-8c6e3e21f66b
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d1b116be9b24c1d56c40e03c8bca62f4c4fee43caf157043fb4c0ea67415ebc

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 12865
Content-Type: image/jpeg

GET
BLOB 200
OK 21f40403-648e-4ca1-82f2-3abae735c712
https://mcit.gov.ws/ 13 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://mcit.gov.ws/21f40403-648e-4ca1-82f2-3abae735c712
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d1b116be9b24c1d56c40e03c8bca62f4c4fee43caf157043fb4c0ea67415ebc

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 12865
Content-Type: image/jpeg

GET
BLOB 200
OK 11d52cce-a64d-4751-b8a0-437ec1278912
https://mcit.gov.ws/ 13 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://mcit.gov.ws/11d52cce-a64d-4751-b8a0-437ec1278912
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d1b116be9b24c1d56c40e03c8bca62f4c4fee43caf157043fb4c0ea67415ebc

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 12865
Content-Type: image/jpeg

GET
BLOB 200
OK dd815380-68c4-49a8-9649-ff5ef64685a1
https://mcit.gov.ws/ 13 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://mcit.gov.ws/dd815380-68c4-49a8-9649-ff5ef64685a1
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d1b116be9b24c1d56c40e03c8bca62f4c4fee43caf157043fb4c0ea67415ebc

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 12865
Content-Type: image/jpeg

GET
BLOB 200
OK 95d17df7-90de-4b61-80af-9914e77de4ef
https://mcit.gov.ws/ 13 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://mcit.gov.ws/95d17df7-90de-4b61-80af-9914e77de4ef
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d1b116be9b24c1d56c40e03c8bca62f4c4fee43caf157043fb4c0ea67415ebc

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 12865
Content-Type: image/jpeg

GET
BLOB 200
OK a01bebf2-e33d-4411-9d72-3aec9341cd5f
https://mcit.gov.ws/ 13 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://mcit.gov.ws/a01bebf2-e33d-4411-9d72-3aec9341cd5f
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d1b116be9b24c1d56c40e03c8bca62f4c4fee43caf157043fb4c0ea67415ebc

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 12865
Content-Type: image/jpeg

GET
BLOB 200
OK 8e5ca5f2-8375-489f-8d0c-42b0bef10c86
https://mcit.gov.ws/ 13 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://mcit.gov.ws/8e5ca5f2-8375-489f-8d0c-42b0bef10c86
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d1b116be9b24c1d56c40e03c8bca62f4c4fee43caf157043fb4c0ea67415ebc

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 12865
Content-Type: image/jpeg

GET
BLOB 200
OK 0f67723a-7b7b-442c-82c0-4db1dd4c33fb
https://mcit.gov.ws/ 13 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://mcit.gov.ws/0f67723a-7b7b-442c-82c0-4db1dd4c33fb
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d1b116be9b24c1d56c40e03c8bca62f4c4fee43caf157043fb4c0ea67415ebc

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 12865
Content-Type: image/jpeg

GET
BLOB 200
OK 9c88c08b-b7df-41c8-9fa5-cd96359de19a
https://mcit.gov.ws/ 64 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://mcit.gov.ws/9c88c08b-b7df-41c8-9fa5-cd96359de19a
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbefbe120b6cfb7afc797896378024e3472a585b2cd23b401b7713f04cc8f557

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 65112
Content-Type: image/jpeg

GET
BLOB 200
OK c3dca7cf-3b7e-4886-b04c-1c89a4a7ac73
https://mcit.gov.ws/ 43 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://mcit.gov.ws/c3dca7cf-3b7e-4886-b04c-1c89a4a7ac73
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9564a121d683f1b480b0d4b4698bea832a20dbb380bb17e4979013e0c4a7ec2b

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 43756
Content-Type: image/jpeg

GET
BLOB 200
OK 894bbde6-2045-4b5d-b04f-7d93f70ff5da
https://mcit.gov.ws/ 3 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://mcit.gov.ws/894bbde6-2045-4b5d-b04f-7d93f70ff5da
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 530f24cdb7610555958872bb1b6dce2513e0cd0e7b15f51ef88c931f26d44640

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 3070
Content-Type: image/jpeg

GET
BLOB 200
OK 6461303b-3201-475f-8847-b0619d4f2c3d
https://mcit.gov.ws/ 47 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://mcit.gov.ws/6461303b-3201-475f-8847-b0619d4f2c3d
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 958012dc9677fff984d338e072b1fc6c17c62b3ef33ffc7a998ee599a7312016

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 47923
Content-Type: image/jpeg

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mcit.gov.ws/	1970-01-20 16:39:57	Name: _ga Value: GA1.3.2094773475.1638525964
.mcit.gov.ws/	1970-01-19 23:10:12	Name: _gid Value: GA1.3.1914246086.1638525964
.mcit.gov.ws/	1970-01-19 23:08:46	Name: _gat_gtag_UA_159365476_1 Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
worker	info	URL: https://mcit.gov.ws/wp-content/plugins/pdf-embedder/js/pdfjs/pdf-4.6.2.worker.min.js?ver=4.6.2 Message: Warning: TT: undefined function: 32

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=604800

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.sitespeaker.link
c0.wp.com
cdn.printfriendly.com
fonts.googleapis.com
fonts.gstatic.com
graph.facebook.com
i2.wp.com
key-cdn.printfriendly.com
maxcdn.bootstrapcdn.com
mcit.gov.ws
pixel.wp.com
stats.wp.com
www.google-analytics.com
www.googletagmanager.com
143.204.98.68
192.0.76.3
192.0.77.2
192.0.77.37
192.185.39.31
2606:4700::6812:bcf
2a00:1450:4001:80e::2008
2a00:1450:4001:827::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::200a
2a02:6ea0:c700::10
2a02:6ea0:c700::11
2a03:2880:f02d:e:face:b00c:0:2
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
053ebaffd4512d6dd320e37994c6308512ea70d8a206ede7fad84d610632d9d3
070edfef42e0980783d0acf8fa9ca6a9833b994eca13ffaa94e9a2deb47c92cf
09767fccb55396fc1869129606721e4db0b171d3b1c2f6bbb446d2802ac19745
0ab1646d67611bc61ce6215a21448a31531d2ed735f4dcde4c0142d767b71bdc
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0c853c2cc205bafe5d893017b6a03a2acf0f04a11b85f80605514cf0ae540fe6
0c97c6ce5fdeb2d91e4bc6263d3714ca800b990c1994cf0b6dac0f23c8fbabfe
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e
13fb71a9a9faad4058a02db638640a5b48f9500032195d508209ec542d712bdb
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
193d36831feb2e2630e8cd67e74c72057091631fa565dc174b44246c5d3eb940
1d1b116be9b24c1d56c40e03c8bca62f4c4fee43caf157043fb4c0ea67415ebc
205187854f041ee1447896c8b120aed28ba61fcd43cb9f58a39b889790225b6b
20f157665a9c225683813a4e8e1924ad757112d92289a128d55e640d98202482
23a57aed407545bd964231bcb511674996bdd28a4f2a57ca66bca72de0bf3d2d
27ead7f47a3fb4d1e7cbef0c68e28bde7ea18923cf41d8ca82ba13584eebc710
2828b81e0f4416a11b8a766dec143ce4420cef5a2059360e596d688a81401a9d
28474ddcbfd7f4ed03058e51750b32468ef55d4279cb02f66af65b5d4c615849
2aac92b7b250274fdb2d7a759e0706ea8df17dbc1eae29c5385af4f94fde5c0b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2c10dbc11cbab6a92d713a95f2bcd29e26654747470901a17d94f7c32460c34f
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2dc4deb4bde9740c81eba4a5534221a57a20fe2240a50612109e0f3ffd917109
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
310d2dc6d83d8ec02ccae7ec5947a37259e5838137c450e622dce40f2c236f8d
34c9c7b0c3bf56eb5f75a833ca9fcdd615c5f12985ef35010c2bb03e3815b80e
36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64
3675f226f985b64eea6ae8544d5496a32d19993aae1ac4a3fa101263ef3206f7
3687924532c884e25b4e53f85e49af039308bb841defab89a1e6bf81f95fdb50
3b2c127c954d9fcd366aa49b8bd2d4f378711b012a0635cd004ba31563df6b83
449e2d8b37ae8b7cd0e922b7a32b6c8850527b2bb1e64d1a750551c5ba87c7dd
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e
474754d75548fad740bb581e4b0596cb9a1c0b47cfc03f8a6e273cc6da9b9080
4c71cab3e2b7defd9022059c922d2c91359df1ba71dd47e8543b108c70537f25
513658eb0f453ec6a80ffd2b3a51592a42959c53d4b5366330f76bddeff011a0
51771be546bca005afbddc380ae8db13d8c35f1e4a14df04dd628ce9e724629d
530f24cdb7610555958872bb1b6dce2513e0cd0e7b15f51ef88c931f26d44640
541b6b40d28280077ea0c9a4dd7aba9dfaa87b55a7039b1241a307d6dfa39e95
550bee253a00a7e6089b3aa136a1f21d904592e93ee0740f08d4d36e4b1dcbe5
58c636594fb2533e4cdfe29e09c63f7703eeb89d9305dafdb122042ded868840
5af21edd8b55ded8b11bd539e8b3fb342788231f282f3682d4320fe99b1c6073
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
60d0996accfe6cefdffca5aad2d0e6ca6789b8f2e85b11b3b6e4ae2831ccc8c0
60e04dcb9483e44801771aab65df07bfa3fabbaf9a4386fd05f568d0e4d8710d
6105b2533b5c9cd0609dce7d9f3ea4737e6140f2d2c2f61d1cd05989c651d600
617e9877ad49e85ede06b9752e55b8ee228c90fcdc2576f8c5180ededc6d709f
619512b6a0f5b62b25e45ae2ef6b5b97563bc34c76ec8cf2b15bad096a156675
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c1e31700f68d1666de6b0992e89d413434707718bf729a472404029845bdbad
6d54ea418add198200d44ecb57ff76838088014bbad5646276edb1b41fa014d8
6fca02b19d20d3d253570d5214277219bf1a30dd97fa4029645e76d50d241912
731632153abc0257d98d744c780cbc28f1e998d552a543619f143035f513d0ba
7544406f2f573e217474cb3bbf072754eff3055feca68bfef07434fd90d15f46
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c57c60903652122ed4d8242367a814fb5d6ce0e8fd4152d38ec7f9bcad039d3
7ce632879b4aecd23badcdd61b01c5416e6470a9474fa2300d48d400f170b6bf
80ee2d8ce5d2a3f78fc3b8eaa67bc266645c58b96d8a804556f1e6cb8737d0cf
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
82f306ed641a399e93425dbcfbb6f14fd2b09109916dcc71d067efbdb776b7fa
84f86d633f3e8caebf1946b617e3b7c410528b9b149c9d1d7093bd1b5923c3cb
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8964f1fe20bd22829aa12283e7e59515e7fc658348810e00c55a4c6c1c368628
89976b22448d5e41dec0002cfef255acf6e43506087ff5dbf668b318ed234d59
8cdc53975174314cc55ef7ca7ee80afbf80e724452e4b0fc7e4bea1e43ad4f59
8d73392f1f569c51f57b7f9a30278358484f1795584aa2cd540e5b8ea650593e
8df1f817d8e5a7678d76a329bb4b231f4a646ee689d02d4ad97e79b4e8f22303
8e987e5bc6849f261f2fe0911d7ee47ec354bee4a3edef4b73c36da1b58f68ee
911953fa018ac7d286f1174094b32c039ad1521151bdc794336ded48e1bcbd9c
92c9af7db31c2227c92c12fd8c2b7b51cb19c70bf99f90ce067533adf7b3bb75
947b99f6d4a677180b4a0f251119a70058a05d9fa6388adb07f64808e2f535fe
9564a121d683f1b480b0d4b4698bea832a20dbb380bb17e4979013e0c4a7ec2b
958012dc9677fff984d338e072b1fc6c17c62b3ef33ffc7a998ee599a7312016
9c6975c674a7c3077bd95750428313e78b92d370b90ca5a303b627c71d2afcf3
9d9fb0ab4cee5bf56efa04aea70d2d8bdaf545e3fff38ba69da75abcacf200de
a08f70192e175e56a5b8b010f2573e5300087f3fe8f9aa9c161f7104b1cb78ac
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a19b0427e4034655836cc1c392ee9006d78774562e7dc63813f9308710b0e8e1
a1dff8b0c66227748951c4ff891f146f49c5a382ac8e3d6e3c2e9cf8aa560dc8
a5cc06b61721c8998f374c5d0e1ce195240b8094133e1091bd2a5c0d25f800a4
a90b3a79a5605961b73075ac6be9f9624b3c74095d16fd216d4983453f0a480a
a9b7cd90e1981d947af48dd7d93e6a285d2908a837265f47d9f78aea9ada76ab
ab81a86600ff8e5478c816ef6929371420f1a801ab30a710cb631f98500678c6
b148915c3848bf48d65b3ae67c81be13e9b2e6365364d9f5e7397cca9ac78cdb
b1cb01db3d168b3ddbd6bf379672e458b05418170ae4735bb2eed879c520dcce
b24151251f091b90d9f1a5c0b7b6103bafc269d86c80c7d528cb55a2a442e25a
b33ad98b7200ea07d4e9a6e41724936a5750bae711e3ca0a5d46b8dcaff69637
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b958e0f47861dde13a175cc69494bdb54f08e2b5e78cecf6abd16470d2085257
bd6402497fd4949e3d2591fbcebb4e7bf60463d24427603cce162b073f62d97a
bd83e7253bd3004c2bb22ee4a3fb50b41ce80b37fcfe65b6b06c53039dd1ef57
bfb7193aea3f75ab16eb85440d16d84d60358022214d3ffc5975745e12846658
c1c41c8b4f31d2468a017830b8f22e0c542d5bd44db07a49e3a2ff54f1f6d9ce
c29735146da635af46cac2beba08895d88559a8939db28ad4511b5d69f4a3bf3
cd65539b75f37f4c62aba49b6716e72fc24968f1eb1e132017910058f7f6b2ba
cdf3f88beb166e98d2656e957b247c886d1702027559a290e74a02d58d950c8c
cf336c45a2703f7789e216a34213f660ec9d6a8a802b83fbefc1c1cec537d5a4
d18b50f00c0f0df8d007c0b2786541e8aff5463b344621bff668dde051954eb7
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3
d41cecbb63c831ff24e93201701e144cb9e276a8c4d337d5a53d96c2f2a372d1
db958c4699de9db91234cb9c1c564971e5ea43230a7c411546f03e7acd21342b
dc22ae03545c512c391d5dc7d683000cbfaf4d78a8d60b22d806d574804350ca
e1533980f7aa3b907bb9d20fdb5778389cd13b3c15621019b5f9b6cc96eba2c9
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
e2b09090ca4c15d60ca4b912153412bd8b3edc7f281e855ce934f46f75e41094
e37f367876ef831bb563ae3953371e2b237a8c05ec13c98ecf6661339298c7dd
e660e91fb1e4381d50141952b02a5bec468153e2c288f2b2274a10d31d6a769b
e69d17966c87ced93f60016674f0e6b10786838cfc6973e34e195649166b225e
e94b12cb948d3d2eff43addf04700f8611ba383c00892652dc294a76bec2a105
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ed2e6f1873a979a8cd7b5e3988b3061eb421f3ec12cac002d49ba44798412c2b
eea0b9621509f98be77c5af1e9b5c952a675bda2b27c419876364017069e0c19
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f5ac17a4c97674041f6b16102ebe3f83a48d0c11f7a11010b732940a86e416fd
fa148572d2672e71ea497fc3df43eac4aa513b293ece427699b863e6c155703d
fbef83905a74252a45a5d238f24994d3b17e3739bdb4e11d262d6b7d63fe0bfd
fbefbe120b6cfb7afc797896378024e3472a585b2cd23b401b7713f04cc8f557

mcit.gov.ws Open in urlscan Pro 192.185.39.31 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

127 Requests

91 %HTTPS

62 %IPv6

10 Domains

14 Subdomains

14 IPs

2 Countries

2077 kBTransfer

5109 kBSize

3 Cookies

26 Outgoing links

Redirected requests

127 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mcit.gov.ws Open in urlscan Pro
192.185.39.31 Public Scan

Screenshot
Live screenshot

Full Image

127
Requests

91 %
HTTPS

62 %
IPv6

10
Domains

14
Subdomains

14
IPs

2
Countries

2077 kB
Transfer

5109 kB
Size

3
Cookies

127 HTTP transactions
2 data transactions