maconsulting.be/itlp/?43127871///////
91.234.195.40 302 Found 0 B URL User Request GET HTTP/2 maconsulting.be/itlp/?43127871///////
IP 91.234.195.40:443
Certificate Issuer cPanel, Inc.
Subject maconsulting.be
Fingerprint 07:36:AB:0B:D4:92:01:0C:D2:89:A4:21:B3:4B:4E:D5:57:03:D6:F2
Validity Tue, 03 Oct 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /itlp/?43127871/////// HTTP/1.1
Host: maconsulting.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
date: Fri, 08 Dec 2023 03:14:57 GMT
content-type: text/html; charset=UTF-8
content-length: 0
server: fastestcache
edge-cache-engine: varnish
edge-request-id: f93b1048a67f1572998746022975afc2
cache-control: no-store
location: /
vary: Accept-Encoding
edge-cache-engine-mode: ACTIVE
age: 0
x-request-id: f93b1048a67f1572998746022975afc2
edge-cache-engine-hit: MISS
X-Firefox-Spdy: h2
91.234.195.40 302 Found 0 B URL User Request GET HTTP/2
IP 91.234.195.40:443
Certificate Issuer cPanel, Inc.
Subject maconsulting.be
Fingerprint 07:36:AB:0B:D4:92:01:0C:D2:89:A4:21:B3:4B:4E:D5:57:03:D6:F2
Validity Tue, 03 Oct 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: maconsulting.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
date: Fri, 08 Dec 2023 03:14:57 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.maconsulting.be/
server: fastestcache
edge-cache-engine: varnish
edge-request-id: 86369f3eb95927906192e08f6bc067bb
vary: Accept-Encoding
edge-cache-engine-mode: ACTIVE
age: 0
x-request-id: 86369f3eb95927906192e08f6bc067bb
edge-cache-engine-hit: MISS
X-Firefox-Spdy: h2
www.maconsulting.be/wp-content/plugins/pagelayer/css/combined.css?ver=1.5.4
91.234.195.40 200 OK 256 kB URL GET HTTP/2 www.maconsulting.be/wp-content/plugins/pagelayer/css/combined.css?ver=1.5.4
IP 91.234.195.40:443
Requested by https://www.maconsulting.be/
Certificate Issuer cPanel, Inc.
Subject maconsulting.be
Fingerprint 07:36:AB:0B:D4:92:01:0C:D2:89:A4:21:B3:4B:4E:D5:57:03:D6:F2
Validity Tue, 03 Oct 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
Size 256 kB (255640 bytes)
Hash 4f77602dd3ed867bef168c48ada83c5c
5675181e302390c64fe4845d5211fb123a3434ec
63eaaade9cfcae4b29f0a6646e5e0c949dfa43ba41ece8fc717f394b38f4cb62
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/pagelayer/css/combined.css?ver=1.5.4 HTTP/1.1
Host: www.maconsulting.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 03:14:58 GMT
content-type: text/css
content-length: 255640
server: fastestcache
edge-cache-engine: varnish
edge-request-id: a14dfb883c54f2a98e1a0584033442b0
last-modified: Mon, 09 Aug 2021 15:00:12 GMT
vary: Accept-Encoding
edge-cache-engine-mode: ACTIVE
age: 80058
accept-ranges: bytes
x-request-id: a14dfb883c54f2a98e1a0584033442b0
edge-cache-engine-hit: HIT
X-Firefox-Spdy: h2
www.maconsulting.be/wp-includes/css/dist/block-library/style.min.css?ver=5.8.8
91.234.195.40 200 OK 81 kB URL GET HTTP/2 www.maconsulting.be/wp-includes/css/dist/block-library/style.min.css?ver=5.8.8
IP 91.234.195.40:443
Requested by https://www.maconsulting.be/
Certificate Issuer cPanel, Inc.
Subject maconsulting.be
Fingerprint 07:36:AB:0B:D4:92:01:0C:D2:89:A4:21:B3:4B:4E:D5:57:03:D6:F2
Validity Tue, 03 Oct 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (33376)
Hash 43c4bc05b5e3b0a6684a7c3a52e63590
ed6d95d525a710a82e8b8583e9ba7bce3b2a4722
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.8.8 HTTP/1.1
Host: www.maconsulting.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 03:14:58 GMT
content-type: text/css
content-length: 80574
server: fastestcache
edge-cache-engine: varnish
edge-request-id: 160b9a50f3ec593d15c0fa589378e2ea
last-modified: Mon, 19 Jul 2021 05:26:58 GMT
vary: Accept-Encoding
edge-cache-engine-mode: ACTIVE
age: 80058
accept-ranges: bytes
x-request-id: 160b9a50f3ec593d15c0fa589378e2ea
edge-cache-engine-hit: HIT
X-Firefox-Spdy: h2
www.maconsulting.be/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=5.5.1
91.234.195.40 200 OK 3.3 kB URL GET HTTP/2 www.maconsulting.be/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=5.5.1
IP 91.234.195.40:443
Requested by https://www.maconsulting.be/
Certificate Issuer cPanel, Inc.
Subject maconsulting.be
Fingerprint 07:36:AB:0B:D4:92:01:0C:D2:89:A4:21:B3:4B:4E:D5:57:03:D6:F2
Validity Tue, 03 Oct 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
File type ASCII text, with very long lines (3276), with no line terminators
Hash 1acc6d05dce5567e977de5bb00610c80
72c307774f03749c32c313565da58fa3b8a80830
ae707ec81b142f04b6d5f785a5d4f7e8301bdb62a95288dee1f3e58930d21c7a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=5.5.1 HTTP/1.1
Host: www.maconsulting.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 03:14:58 GMT
content-type: text/css
content-length: 3276
server: fastestcache
edge-cache-engine: varnish
edge-request-id: 477f9c9099ff7cb80dac20638e07a4eb
last-modified: Fri, 11 Mar 2022 02:37:55 GMT
vary: Accept-Encoding
edge-cache-engine-mode: ACTIVE
age: 80058
accept-ranges: bytes
x-request-id: 477f9c9099ff7cb80dac20638e07a4eb
edge-cache-engine-hit: HIT
X-Firefox-Spdy: h2
www.maconsulting.be/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=5.5.1
91.234.195.40 200 OK 182 kB URL GET HTTP/2 www.maconsulting.be/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=5.5.1
IP 91.234.195.40:443
Requested by https://www.maconsulting.be/
Certificate Issuer cPanel, Inc.
Subject maconsulting.be
Fingerprint 07:36:AB:0B:D4:92:01:0C:D2:89:A4:21:B3:4B:4E:D5:57:03:D6:F2
Validity Tue, 03 Oct 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size 182 kB (182136 bytes)
Hash dea45f0e1a9b50b1c50f1839edc47cc6
676a0c017708de6f28abe8f3a52b037a0d2f025d
151c1e1a788f16d0416faa66ca63d7ab79c503508a9a9fded978c0b4de7c50a8
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=5.5.1 HTTP/1.1
Host: www.maconsulting.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 03:14:58 GMT
content-type: text/css
content-length: 182136
server: fastestcache
edge-cache-engine: varnish
edge-request-id: aa909609bf0f750202780279e5b55e09
last-modified: Fri, 11 Mar 2022 02:37:55 GMT
vary: Accept-Encoding
edge-cache-engine-mode: ACTIVE
age: 80058
accept-ranges: bytes
x-request-id: aa909609bf0f750202780279e5b55e09
edge-cache-engine-hit: HIT
X-Firefox-Spdy: h2
91.234.195.40 200 OK 265 kB URL User Request GET HTTP/2
IP 91.234.195.40:443
Certificate Issuer cPanel, Inc.
Subject maconsulting.be
Fingerprint 07:36:AB:0B:D4:92:01:0C:D2:89:A4:21:B3:4B:4E:D5:57:03:D6:F2
Validity Tue, 03 Oct 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1820), with CRLF, LF line terminators
Size 265 kB (264908 bytes)
Hash 7627f3a27348250143716c6b412c2b7d
406fba3a872ab2bd0d1d02731cba15c84c127a87
dac10f82403803cc4f385108c7883953585151d596112705c3fb1d81128df4b0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: www.maconsulting.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 03:14:57 GMT
content-type: text/html; charset=UTF-8
server: fastestcache
edge-cache-engine: varnish
edge-request-id: b1fd83321606b7103e60fb16827912f9
link: <https://www.maconsulting.be/wp-json/>; rel="https://api.w.org/", <https://www.maconsulting.be/wp-json/wp/v2/pages/30>; rel="alternate"; type="application/json", <https://www.maconsulting.be/>; rel=shortlink
vary: Accept-Encoding
edge-cache-engine-mode: ACTIVE
age: 0
accept-ranges: bytes
x-request-id: b1fd83321606b7103e60fb16827912f9
edge-cache-engine-hit: MISS
X-Firefox-Spdy: h2
www.maconsulting.be/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.8.8
91.234.195.40 200 OK 4.2 kB URL GET HTTP/2 www.maconsulting.be/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.8.8
IP 91.234.195.40:443
Requested by https://www.maconsulting.be/
Certificate Issuer cPanel, Inc.
Subject maconsulting.be
Fingerprint 07:36:AB:0B:D4:92:01:0C:D2:89:A4:21:B3:4B:4E:D5:57:03:D6:F2
Validity Tue, 03 Oct 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
File type ASCII text, with very long lines (4186), with no line terminators
Hash ea958276b7de454bd3c2873f0dc47e5f
b143f6e8e8f79d8f104c26b0057ef5514d763219
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.8.8 HTTP/1.1
Host: www.maconsulting.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 03:14:58 GMT
content-type: text/css
content-length: 4186
server: fastestcache
edge-cache-engine: varnish
edge-request-id: 7d044d30c9a16f74b189efb448311fe1
last-modified: Sat, 08 Jun 2019 01:15:02 GMT
vary: Accept-Encoding
edge-cache-engine-mode: ACTIVE
age: 80058
accept-ranges: bytes
x-request-id: 7d044d30c9a16f74b189efb448311fe1
edge-cache-engine-hit: HIT
X-Firefox-Spdy: h2
www.maconsulting.be/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=5.6.2
91.234.195.40 200 OK 18 kB URL GET HTTP/2 www.maconsulting.be/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=5.6.2
IP 91.234.195.40:443
Requested by https://www.maconsulting.be/
Certificate Issuer cPanel, Inc.
Subject maconsulting.be
Fingerprint 07:36:AB:0B:D4:92:01:0C:D2:89:A4:21:B3:4B:4E:D5:57:03:D6:F2
Validity Tue, 03 Oct 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (17923), with no line terminators
Hash 1cbcc9e85ba99c007f519bf1a67feb58
82d238c9b2a1797c0ad785c01309c49dc1f302af
48052f6267b2e21fb086ad26457c715b3b8b5e8c6fcbcdea42589da06b05e9be
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=5.6.2 HTTP/1.1
Host: www.maconsulting.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 03:14:58 GMT
content-type: text/css
content-length: 17925
server: fastestcache
edge-cache-engine: varnish
edge-request-id: 15eb1ca94fab7a8c59db2bb61f50f6ec
last-modified: Fri, 11 Mar 2022 02:37:49 GMT
vary: Accept-Encoding
edge-cache-engine-mode: ACTIVE
age: 80058
accept-ranges: bytes
x-request-id: 15eb1ca94fab7a8c59db2bb61f50f6ec
edge-cache-engine-hit: HIT
X-Firefox-Spdy: h2
www.maconsulting.be/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=5.6.2
91.234.195.40 200 OK 63 kB URL GET HTTP/2 www.maconsulting.be/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=5.6.2
IP 91.234.195.40:443
Requested by https://www.maconsulting.be/
Certificate Issuer cPanel, Inc.
Subject maconsulting.be
Fingerprint 07:36:AB:0B:D4:92:01:0C:D2:89:A4:21:B3:4B:4E:D5:57:03:D6:F2
Validity Tue, 03 Oct 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (62789), with no line terminators
Hash 7892d7349e74e7dd7fae386eda2dded7
bd31f749a68bfffc0ba299d94b5de5d3803d9b9b
37811d4d55ec74751bcaa643b3a9798f1d577ac2910b63c6ca202c2e36544e05
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=5.6.2 HTTP/1.1
Host: www.maconsulting.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 03:14:58 GMT
content-type: text/css
content-length: 62803
server: fastestcache
edge-cache-engine: varnish
edge-request-id: 5812ff106b759bc359f054cffe81ee61
last-modified: Fri, 11 Mar 2022 02:37:49 GMT
vary: Accept-Encoding
edge-cache-engine-mode: ACTIVE
age: 80058
accept-ranges: bytes
x-request-id: 5812ff106b759bc359f054cffe81ee61
edge-cache-engine-hit: HIT
X-Firefox-Spdy: h2
www.maconsulting.be/wp-content/themes/popularfx/sidebar.css?ver=1.2.0
91.234.195.40 200 OK 9.4 kB URL GET HTTP/2 www.maconsulting.be/wp-content/themes/popularfx/sidebar.css?ver=1.2.0
IP 91.234.195.40:443
Requested by https://www.maconsulting.be/
Certificate Issuer cPanel, Inc.
Subject maconsulting.be
Fingerprint 07:36:AB:0B:D4:92:01:0C:D2:89:A4:21:B3:4B:4E:D5:57:03:D6:F2
Validity Tue, 03 Oct 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
Hash e378f490f57ef1351b792b91eedd4c00
afc8aa6ae0f9e5dfb543451db51179cae819ffed
5003cf85adf092c554cedfbe8fdd267ccb5a11bc79d1901558901458e3f03cef
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/themes/popularfx/sidebar.css?ver=1.2.0 HTTP/1.1
Host: www.maconsulting.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 03:14:58 GMT
content-type: text/css
content-length: 9443
server: fastestcache
edge-cache-engine: varnish
edge-request-id: 140ee423a2a2eb5a92500e7c75f57352
last-modified: Wed, 11 Nov 2020 09:56:46 GMT
vary: Accept-Encoding
edge-cache-engine-mode: ACTIVE
age: 80058
accept-ranges: bytes
x-request-id: 140ee423a2a2eb5a92500e7c75f57352
edge-cache-engine-hit: HIT
X-Firefox-Spdy: h2
www.maconsulting.be/wp-content/uploads/popularfx-templates/financy/style.css?ver=1.2.0
91.234.195.40 200 OK 26 kB URL GET HTTP/2 www.maconsulting.be/wp-content/uploads/popularfx-templates/financy/style.css?ver=1.2.0
IP 91.234.195.40:443
Requested by https://www.maconsulting.be/
Certificate Issuer cPanel, Inc.
Subject maconsulting.be
Fingerprint 07:36:AB:0B:D4:92:01:0C:D2:89:A4:21:B3:4B:4E:D5:57:03:D6:F2
Validity Tue, 03 Oct 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
File type assembler source, Unicode text, UTF-8 text, with very long lines (1739)
Hash 30a87823a77a084b6994bec0c3e558ea
65c2cef211dd32c9f2f2b91187d6832160e6566d
7eee1e9b38bbaec1bfc6e037e002c739638f5832041f949f8dc1d3d0fe83db2a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/uploads/popularfx-templates/financy/style.css?ver=1.2.0 HTTP/1.1
Host: www.maconsulting.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 03:14:58 GMT
content-type: text/css
content-length: 25531
server: fastestcache
edge-cache-engine: varnish
edge-request-id: 7a84be443cb9223bd3a2ad1f9f294ed6
last-modified: Wed, 29 Jul 2020 15:57:58 GMT
vary: Accept-Encoding
edge-cache-engine-mode: ACTIVE
age: 80058
accept-ranges: bytes
x-request-id: 7a84be443cb9223bd3a2ad1f9f294ed6
edge-cache-engine-hit: HIT
X-Firefox-Spdy: h2
www.maconsulting.be/wp-content/plugins/jetpack/css/jetpack.css?ver=10.1.1
91.234.195.40 200 OK 87 kB URL GET HTTP/2 www.maconsulting.be/wp-content/plugins/jetpack/css/jetpack.css?ver=10.1.1
IP 91.234.195.40:443
Requested by https://www.maconsulting.be/
Certificate Issuer cPanel, Inc.
Subject maconsulting.be
Fingerprint 07:36:AB:0B:D4:92:01:0C:D2:89:A4:21:B3:4B:4E:D5:57:03:D6:F2
Validity Tue, 03 Oct 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
File type ASCII text, with very long lines (18436)
Hash e4f0b7415be4cdafe06fac59a28df5c9
0d46ecc680f583f52a61c2eae534907ec594df70
4c71cab3e2b7defd9022059c922d2c91359df1ba71dd47e8543b108c70537f25
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/jetpack/css/jetpack.css?ver=10.1.1 HTTP/1.1
Host: www.maconsulting.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 03:14:58 GMT
content-type: text/css
content-length: 87131
server: fastestcache
edge-cache-engine: varnish
edge-request-id: ac0d3281a6df1dcb269a311564da1bc2
last-modified: Tue, 30 May 2023 14:55:20 GMT
vary: Accept-Encoding
edge-cache-engine-mode: ACTIVE
age: 80058
accept-ranges: bytes
x-request-id: ac0d3281a6df1dcb269a311564da1bc2
edge-cache-engine-hit: HIT
X-Firefox-Spdy: h2
www.maconsulting.be/wp-content/uploads/2021/08/logo-MAC.png
91.234.195.40 200 OK 17 kB URL GET HTTP/2 www.maconsulting.be/wp-content/uploads/2021/08/logo-MAC.png
IP 91.234.195.40:443
Requested by https://www.maconsulting.be/
Certificate Issuer cPanel, Inc.
Subject maconsulting.be
Fingerprint 07:36:AB:0B:D4:92:01:0C:D2:89:A4:21:B3:4B:4E:D5:57:03:D6:F2
Validity Tue, 03 Oct 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Hash d7b5525d5155a29acf47e2f4671e05a8
45de030c62ee573e55e231f30e21117ed39da5fc
99d2616025a02000fb5434d6610b26ad0ea380d05058d7c0ad119906c8b8a22c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/uploads/2021/08/logo-MAC.png HTTP/1.1
Host: www.maconsulting.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 03:14:58 GMT
content-type: image/png
content-length: 17272
server: fastestcache
edge-cache-engine: varnish
edge-request-id: 7a129011d342b5da36202e3aca7e6b35
last-modified: Mon, 16 Aug 2021 15:40:02 GMT
edge-cache-engine-mode: ACTIVE
vary: Accept-Encoding
age: 80057
accept-ranges: bytes
x-request-id: 7a129011d342b5da36202e3aca7e6b35
edge-cache-engine-hit: HIT
X-Firefox-Spdy: h2
www.maconsulting.be/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
91.234.195.40 200 OK 11 kB URL GET HTTP/2 www.maconsulting.be/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 91.234.195.40:443
Requested by https://www.maconsulting.be/
Certificate Issuer cPanel, Inc.
Subject maconsulting.be
Fingerprint 07:36:AB:0B:D4:92:01:0C:D2:89:A4:21:B3:4B:4E:D5:57:03:D6:F2
Validity Tue, 03 Oct 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.maconsulting.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 03:14:58 GMT
content-type: application/javascript
content-length: 11224
server: fastestcache
edge-cache-engine: varnish
edge-request-id: 05475719adcb72829c440a25e8742719
last-modified: Wed, 18 Nov 2020 14:36:06 GMT
vary: Accept-Encoding
edge-cache-engine-mode: ACTIVE
age: 80058
accept-ranges: bytes
x-request-id: 05475719adcb72829c440a25e8742719
edge-cache-engine-hit: HIT
X-Firefox-Spdy: h2
www.maconsulting.be/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
91.234.195.40 200 OK 90 kB URL GET HTTP/2 www.maconsulting.be/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 91.234.195.40:443
Requested by https://www.maconsulting.be/
Certificate Issuer cPanel, Inc.
Subject maconsulting.be
Fingerprint 07:36:AB:0B:D4:92:01:0C:D2:89:A4:21:B3:4B:4E:D5:57:03:D6:F2
Validity Tue, 03 Oct 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
File type ASCII text, with very long lines (65447)
Hash 02dd5d04add4759122013c5ab4dc5cc2
a45a56e396ac549b4ff39b696ce9e0c16a7612de
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.maconsulting.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 03:14:58 GMT
content-type: application/javascript
content-length: 89521
server: fastestcache
edge-cache-engine: varnish
edge-request-id: bd0225d7e6acced4e36640bcc3931176
last-modified: Wed, 10 Mar 2021 20:37:24 GMT
vary: Accept-Encoding
edge-cache-engine-mode: ACTIVE
age: 80058
accept-ranges: bytes
x-request-id: bd0225d7e6acced4e36640bcc3931176
edge-cache-engine-hit: HIT
X-Firefox-Spdy: h2
www.maconsulting.be/wp-content/uploads/2021/08/home01.jpg
91.234.195.40 200 OK 32 kB URL GET HTTP/2 www.maconsulting.be/wp-content/uploads/2021/08/home01.jpg
IP 91.234.195.40:443
Requested by https://www.maconsulting.be/
Certificate Issuer cPanel, Inc.
Subject maconsulting.be
Fingerprint 07:36:AB:0B:D4:92:01:0C:D2:89:A4:21:B3:4B:4E:D5:57:03:D6:F2
Validity Tue, 03 Oct 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 700x700, components 3\012- data
Hash 8a82ce894041fa5103f3e49b03037327
1bb0e63bf89d5876198670da9e5da798cba0804c
589d0a51613b74c7428bc400b11634363e64ef812e6e98aeab602b891255f3cd
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/uploads/2021/08/home01.jpg HTTP/1.1
Host: www.maconsulting.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 03:14:58 GMT
content-type: image/jpeg
content-length: 31902
server: fastestcache
edge-cache-engine: varnish
edge-request-id: c01f7ccafe18e8c14d8a48b9b3c185f3
last-modified: Mon, 16 Aug 2021 13:01:17 GMT
edge-cache-engine-mode: ACTIVE
vary: Accept-Encoding
age: 80057
accept-ranges: bytes
x-request-id: c01f7ccafe18e8c14d8a48b9b3c185f3
edge-cache-engine-hit: HIT
X-Firefox-Spdy: h2
www.maconsulting.be/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.6.2
91.234.195.40 200 OK 3.0 kB URL GET HTTP/2 www.maconsulting.be/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.6.2
IP 91.234.195.40:443
Requested by https://www.maconsulting.be/
Certificate Issuer cPanel, Inc.
Subject maconsulting.be
Fingerprint 07:36:AB:0B:D4:92:01:0C:D2:89:A4:21:B3:4B:4E:D5:57:03:D6:F2
Validity Tue, 03 Oct 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash 8bc2109ef48cabf7a26b73d7c3536c5f
0e0dfee3a3975eafc3dd55f190d1deb3c6c55d3b
8634aa7a3ac0bc6d359b458c8922e9d3269f64c1355b329bfe215beb12773af8
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.6.2 HTTP/1.1
Host: www.maconsulting.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 03:14:58 GMT
content-type: application/javascript
content-length: 3037
server: fastestcache
edge-cache-engine: varnish
edge-request-id: 92cceb477f22b6c167a564ed2c62e8a7
last-modified: Fri, 11 Mar 2022 02:37:49 GMT
vary: Accept-Encoding
edge-cache-engine-mode: ACTIVE
age: 80057
accept-ranges: bytes
x-request-id: 92cceb477f22b6c167a564ed2c62e8a7
edge-cache-engine-hit: HIT
X-Firefox-Spdy: h2
www.maconsulting.be/wp-content/uploads/2021/08/client03.jpg
91.234.195.40 200 OK 12 kB URL GET HTTP/2 www.maconsulting.be/wp-content/uploads/2021/08/client03.jpg
IP 91.234.195.40:443
Requested by https://www.maconsulting.be/
Certificate Issuer cPanel, Inc.
Subject maconsulting.be
Fingerprint 07:36:AB:0B:D4:92:01:0C:D2:89:A4:21:B3:4B:4E:D5:57:03:D6:F2
Validity Tue, 03 Oct 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 1a282d7c3a0348eb736bedb85525a251
17672a6dfeeb30b06388574107e6af53d3cac7e6
053c20768937f275a78085bc220b4485e03684c12c54c3ceb2a9352dde98c1cf
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/uploads/2021/08/client03.jpg HTTP/1.1
Host: www.maconsulting.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 03:14:58 GMT
content-type: image/jpeg
content-length: 12521
server: fastestcache
edge-cache-engine: varnish
edge-request-id: 8248bf32194181b988c9de722eacffa3
last-modified: Mon, 16 Aug 2021 13:01:21 GMT
edge-cache-engine-mode: ACTIVE
vary: Accept-Encoding
age: 80057
accept-ranges: bytes
x-request-id: 8248bf32194181b988c9de722eacffa3
edge-cache-engine-hit: HIT
X-Firefox-Spdy: h2
www.maconsulting.be/wp-content/plugins/pagelayer/js/combined.js?ver=1.5.4
91.234.195.40 200 OK 110 kB URL GET HTTP/2 www.maconsulting.be/wp-content/plugins/pagelayer/js/combined.js?ver=1.5.4
IP 91.234.195.40:443
Requested by https://www.maconsulting.be/
Certificate Issuer cPanel, Inc.
Subject maconsulting.be
Fingerprint 07:36:AB:0B:D4:92:01:0C:D2:89:A4:21:B3:4B:4E:D5:57:03:D6:F2
Validity Tue, 03 Oct 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (8099), with CRLF, LF line terminators
Size 110 kB (110257 bytes)
Hash fe603118627e5ecf1f117fa61624a4d0
0b1375b3061882ecf64193983918446195c3509f
77044316583c671905533fb448e91a6a3f5f3c6f41557a627574179c0cc537ea
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/pagelayer/js/combined.js?ver=1.5.4 HTTP/1.1
Host: www.maconsulting.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 03:14:58 GMT
content-type: application/javascript
content-length: 110257
server: fastestcache
edge-cache-engine: varnish
edge-request-id: d4c714823dbb48dffdadd9d3000b4b7f
last-modified: Tue, 27 Jul 2021 15:09:04 GMT
vary: Accept-Encoding
edge-cache-engine-mode: ACTIVE
age: 80058
accept-ranges: bytes
x-request-id: d4c714823dbb48dffdadd9d3000b4b7f
edge-cache-engine-hit: HIT
X-Firefox-Spdy: h2
www.maconsulting.be/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.5.6.2
91.234.195.40 200 OK 9.5 kB URL GET HTTP/2 www.maconsulting.be/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.5.6.2
IP 91.234.195.40:443
Requested by https://www.maconsulting.be/
Certificate Issuer cPanel, Inc.
Subject maconsulting.be
Fingerprint 07:36:AB:0B:D4:92:01:0C:D2:89:A4:21:B3:4B:4E:D5:57:03:D6:F2
Validity Tue, 03 Oct 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
File type ASCII text, with very long lines (9151)
Hash 2e96f622673104a3fb67ab56f849c073
f4c17ae4709cad9bc997357581f4e30fc4bbee2c
b49498d1142de7f2e16afc2cd4250d2ba30c5df4de5d291f51d7cf69727efdbe
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.5.6.2 HTTP/1.1
Host: www.maconsulting.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 03:14:58 GMT
content-type: application/javascript
content-length: 9545
server: fastestcache
edge-cache-engine: varnish
edge-request-id: 4dcf2db7b84f721a67305489f8d9563b
last-modified: Fri, 11 Mar 2022 02:37:49 GMT
vary: Accept-Encoding
edge-cache-engine-mode: ACTIVE
age: 80057
accept-ranges: bytes
x-request-id: 4dcf2db7b84f721a67305489f8d9563b
edge-cache-engine-hit: HIT
X-Firefox-Spdy: h2
www.maconsulting.be/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.6.2
91.234.195.40 200 OK 2.9 kB URL GET HTTP/2 www.maconsulting.be/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.6.2
IP 91.234.195.40:443
Requested by https://www.maconsulting.be/
Certificate Issuer cPanel, Inc.
Subject maconsulting.be
Fingerprint 07:36:AB:0B:D4:92:01:0C:D2:89:A4:21:B3:4B:4E:D5:57:03:D6:F2
Validity Tue, 03 Oct 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
File type ASCII text, with very long lines (2938), with no line terminators
Hash 51af5d767f0300f23ecec6298b707395
5eb2d3d937fe0392a974937125d0420666b9396c
9c7c023f91428234ca0ea4df1199758686f4dcd04da96ba63571788fb3389c0b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.6.2 HTTP/1.1
Host: www.maconsulting.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 03:14:58 GMT
content-type: application/javascript
content-length: 2938
server: fastestcache
edge-cache-engine: varnish
edge-request-id: eacb067d6f005da44dc794c810051406
last-modified: Fri, 11 Mar 2022 02:37:49 GMT
vary: Accept-Encoding
edge-cache-engine-mode: ACTIVE
age: 80057
accept-ranges: bytes
x-request-id: eacb067d6f005da44dc794c810051406
edge-cache-engine-hit: HIT
X-Firefox-Spdy: h2
www.maconsulting.be/wp-content/plugins/creative-mail-by-constant-contact/assets/js/block/submit.js?ver=1631792431
91.234.195.40 200 OK 4.2 kB URL GET HTTP/2 www.maconsulting.be/wp-content/plugins/creative-mail-by-constant-contact/assets/js/block/submit.js?ver=1631792431
IP 91.234.195.40:443
Requested by https://www.maconsulting.be/
Certificate Issuer cPanel, Inc.
Subject maconsulting.be
Fingerprint 07:36:AB:0B:D4:92:01:0C:D2:89:A4:21:B3:4B:4E:D5:57:03:D6:F2
Validity Tue, 03 Oct 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
File type ASCII text, with very long lines (4184), with no line terminators
Hash 5d4894dfb5fa6ce16d2fdd4b48a59650
e6d76d2053d48e018c3da4a01905303582ca3218
92c811b4ac9b3f23ec0c8eadae3be374682a860d290aac9cde2a8a8911b7412c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/creative-mail-by-constant-contact/assets/js/block/submit.js?ver=1631792431 HTTP/1.1
Host: www.maconsulting.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 03:14:58 GMT
content-type: application/javascript
content-length: 4184
server: fastestcache
edge-cache-engine: varnish
edge-request-id: d9cff71e0980c3338c54c77e79704c70
last-modified: Thu, 16 Sep 2021 11:40:31 GMT
vary: Accept-Encoding
edge-cache-engine-mode: ACTIVE
age: 80057
accept-ranges: bytes
x-request-id: d9cff71e0980c3338c54c77e79704c70
edge-cache-engine-hit: HIT
X-Firefox-Spdy: h2
www.maconsulting.be/wp-content/themes/popularfx/js/navigation.js?ver=1.2.0
91.234.195.40 200 OK 3.8 kB URL GET HTTP/2 www.maconsulting.be/wp-content/themes/popularfx/js/navigation.js?ver=1.2.0
IP 91.234.195.40:443
Requested by https://www.maconsulting.be/
Certificate Issuer cPanel, Inc.
Subject maconsulting.be
Fingerprint 07:36:AB:0B:D4:92:01:0C:D2:89:A4:21:B3:4B:4E:D5:57:03:D6:F2
Validity Tue, 03 Oct 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
Hash 17c6146540d761dbecf608e75148fc85
cb3f191f5069f79e0a965d5b139022dfd1887155
07e2a0152bb2da5534afc82a9ae1b0b526d69ca3340c0037ff25735461153c32
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/themes/popularfx/js/navigation.js?ver=1.2.0 HTTP/1.1
Host: www.maconsulting.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 03:14:58 GMT
content-type: application/javascript
content-length: 3848
server: fastestcache
edge-cache-engine: varnish
edge-request-id: d5d83b17a811518bc4d9c0b49759b3bc
last-modified: Wed, 11 Nov 2020 09:56:46 GMT
vary: Accept-Encoding
edge-cache-engine-mode: ACTIVE
age: 80057
accept-ranges: bytes
x-request-id: d5d83b17a811518bc4d9c0b49759b3bc
edge-cache-engine-hit: HIT
X-Firefox-Spdy: h2
www.maconsulting.be/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.5.6.2
91.234.195.40 200 OK 1.8 kB URL GET HTTP/2 www.maconsulting.be/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.5.6.2
IP 91.234.195.40:443
Requested by https://www.maconsulting.be/
Certificate Issuer cPanel, Inc.
Subject maconsulting.be
Fingerprint 07:36:AB:0B:D4:92:01:0C:D2:89:A4:21:B3:4B:4E:D5:57:03:D6:F2
Validity Tue, 03 Oct 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
File type ASCII text, with very long lines (1668)
Hash d0a6d8547c66b0d7b0172466558d1208
ff93916519c7b9483251f609e4d29f38c30a66e3
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.5.6.2 HTTP/1.1
Host: www.maconsulting.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 03:14:58 GMT
content-type: application/javascript
content-length: 1834
server: fastestcache
edge-cache-engine: varnish
edge-request-id: 56c2e823e21b023e81842dc867251ca0
last-modified: Fri, 11 Mar 2022 02:37:49 GMT
vary: Accept-Encoding
edge-cache-engine-mode: ACTIVE
age: 80057
accept-ranges: bytes
x-request-id: 56c2e823e21b023e81842dc867251ca0
edge-cache-engine-hit: HIT
X-Firefox-Spdy: h2
www.maconsulting.be/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.6.2
91.234.195.40 200 OK 2.1 kB URL GET HTTP/2 www.maconsulting.be/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.6.2
IP 91.234.195.40:443
Requested by https://www.maconsulting.be/
Certificate Issuer cPanel, Inc.
Subject maconsulting.be
Fingerprint 07:36:AB:0B:D4:92:01:0C:D2:89:A4:21:B3:4B:4E:D5:57:03:D6:F2
Validity Tue, 03 Oct 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
File type ASCII text, with very long lines (2139), with no line terminators
Hash b72c1cbb1530a011a27bd9800f26765a
27b825c5d8255f33b8427a059d4545ebd65e1746
a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.6.2 HTTP/1.1
Host: www.maconsulting.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 03:14:58 GMT
content-type: application/javascript
content-length: 2139
server: fastestcache
edge-cache-engine: varnish
edge-request-id: f93971695c4d533bbb98ab4274627fb9
last-modified: Fri, 11 Mar 2022 02:37:49 GMT
vary: Accept-Encoding
edge-cache-engine-mode: ACTIVE
age: 80057
accept-ranges: bytes
x-request-id: f93971695c4d533bbb98ab4274627fb9
edge-cache-engine-hit: HIT
X-Firefox-Spdy: h2
www.maconsulting.be/wp-includes/js/wp-embed.min.js?ver=5.8.8
91.234.195.40 200 OK 1.5 kB URL GET HTTP/2 www.maconsulting.be/wp-includes/js/wp-embed.min.js?ver=5.8.8
IP 91.234.195.40:443
Requested by https://www.maconsulting.be/
Certificate Issuer cPanel, Inc.
Subject maconsulting.be
Fingerprint 07:36:AB:0B:D4:92:01:0C:D2:89:A4:21:B3:4B:4E:D5:57:03:D6:F2
Validity Tue, 03 Oct 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
File type ASCII text, with very long lines (1443)
Hash 7c5c36baa69fcdb57bd891cda90920b3
9d8b3df7a4fa2968403290d69a60b2eab20734f5
6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-includes/js/wp-embed.min.js?ver=5.8.8 HTTP/1.1
Host: www.maconsulting.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 03:14:58 GMT
content-type: application/javascript
content-length: 1478
server: fastestcache
edge-cache-engine: varnish
edge-request-id: 7f9c20c7153141dc8668cfdaaea7be82
last-modified: Wed, 17 May 2023 03:19:27 GMT
vary: Accept-Encoding
edge-cache-engine-mode: ACTIVE
age: 80057
accept-ranges: bytes
x-request-id: 7f9c20c7153141dc8668cfdaaea7be82
edge-cache-engine-hit: HIT
X-Firefox-Spdy: h2
www.maconsulting.be/wp-content/uploads/2021/08/client01.jpg
91.234.195.40 200 OK 36 kB URL GET HTTP/2 www.maconsulting.be/wp-content/uploads/2021/08/client01.jpg
IP 91.234.195.40:443
Requested by https://www.maconsulting.be/
Certificate Issuer cPanel, Inc.
Subject maconsulting.be
Fingerprint 07:36:AB:0B:D4:92:01:0C:D2:89:A4:21:B3:4B:4E:D5:57:03:D6:F2
Validity Tue, 03 Oct 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 630x630, components 3\012- data
Hash 004e30ea20143187ec1968edcafd1e8d
6e3cb99b18eca979cd69626cffa9a8ab79bf1c2c
65d6513324d906993200c4cccfee41c66153f21e4fded52183c35875a2858f78
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/uploads/2021/08/client01.jpg HTTP/1.1
Host: www.maconsulting.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 03:14:58 GMT
content-type: image/jpeg
content-length: 35498
server: fastestcache
edge-cache-engine: varnish
edge-request-id: cd31b69318976ce4c5eba32fd693d9e9
last-modified: Mon, 16 Aug 2021 13:01:22 GMT
edge-cache-engine-mode: ACTIVE
vary: Accept-Encoding
age: 80057
accept-ranges: bytes
x-request-id: cd31b69318976ce4c5eba32fd693d9e9
edge-cache-engine-hit: HIT
X-Firefox-Spdy: h2
www.maconsulting.be/wp-content/uploads/2021/08/staff01.jpg
91.234.195.40 200 OK 32 kB URL GET HTTP/2 www.maconsulting.be/wp-content/uploads/2021/08/staff01.jpg
IP 91.234.195.40:443
Requested by https://www.maconsulting.be/
Certificate Issuer cPanel, Inc.
Subject maconsulting.be
Fingerprint 07:36:AB:0B:D4:92:01:0C:D2:89:A4:21:B3:4B:4E:D5:57:03:D6:F2
Validity Tue, 03 Oct 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x804, components 3\012- data
Hash 5b5567444ae73a897280823db36c0360
90d86bc52b33df0d081c6079679dc4226f93e8b8
84db5241ee7288fc8a0845f7c85bf3dc61f22187db55ee525155d9954796bf8c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/uploads/2021/08/staff01.jpg HTTP/1.1
Host: www.maconsulting.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 03:14:58 GMT
content-type: image/jpeg
content-length: 32483
server: fastestcache
edge-cache-engine: varnish
edge-request-id: 78879e15f23c7e265216547295a9aa0b
last-modified: Mon, 16 Aug 2021 13:01:17 GMT
edge-cache-engine-mode: ACTIVE
vary: Accept-Encoding
age: 80057
accept-ranges: bytes
x-request-id: 78879e15f23c7e265216547295a9aa0b
edge-cache-engine-hit: HIT
X-Firefox-Spdy: h2
www.maconsulting.be/wp-content/uploads/2021/08/client02.jpg
91.234.195.40 200 OK 39 kB URL GET HTTP/2 www.maconsulting.be/wp-content/uploads/2021/08/client02.jpg
IP 91.234.195.40:443
Requested by https://www.maconsulting.be/
Certificate Issuer cPanel, Inc.
Subject maconsulting.be
Fingerprint 07:36:AB:0B:D4:92:01:0C:D2:89:A4:21:B3:4B:4E:D5:57:03:D6:F2
Validity Tue, 03 Oct 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 630x630, components 3\012- data
Hash a632628ef1f998acb55331e6c2ace6ff
8d0ec926760de2116fb5d6861023bfc70e248842
453822bf4335507e91ad6992bf04fd491b2ce52bdb4b10a56afd4ed263371c45
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/uploads/2021/08/client02.jpg HTTP/1.1
Host: www.maconsulting.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 03:14:58 GMT
content-type: image/jpeg
content-length: 38759
server: fastestcache
edge-cache-engine: varnish
edge-request-id: f7a5ad45d9cca442c9717bee98ccc227
last-modified: Mon, 16 Aug 2021 13:01:22 GMT
edge-cache-engine-mode: ACTIVE
vary: Accept-Encoding
age: 80057
accept-ranges: bytes
x-request-id: f7a5ad45d9cca442c9717bee98ccc227
edge-cache-engine-hit: HIT
X-Firefox-Spdy: h2
www.maconsulting.be/wp-content/uploads/2021/08/staff03.jpg
91.234.195.40 200 OK 55 kB URL GET HTTP/2 www.maconsulting.be/wp-content/uploads/2021/08/staff03.jpg
IP 91.234.195.40:443
Requested by https://www.maconsulting.be/
Certificate Issuer cPanel, Inc.
Subject maconsulting.be
Fingerprint 07:36:AB:0B:D4:92:01:0C:D2:89:A4:21:B3:4B:4E:D5:57:03:D6:F2
Validity Tue, 03 Oct 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x804, components 3\012- data
Hash 63ded3100df28f20c347cbdf9e863a47
4873db6beb334c7bf92f416bbf068004d559b488
b4d3fda58e7052d5d107186c614b05837b6ee9a06ae6a1c5e1a20848976271dc
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/uploads/2021/08/staff03.jpg HTTP/1.1
Host: www.maconsulting.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 03:14:58 GMT
content-type: image/jpeg
content-length: 54843
server: fastestcache
edge-cache-engine: varnish
edge-request-id: fe1a5e2733e963db766b25a50ab40e8c
last-modified: Mon, 16 Aug 2021 13:01:22 GMT
edge-cache-engine-mode: ACTIVE
vary: Accept-Encoding
age: 80057
accept-ranges: bytes
x-request-id: fe1a5e2733e963db766b25a50ab40e8c
edge-cache-engine-hit: HIT
X-Firefox-Spdy: h2
www.maconsulting.be/wp-content/uploads/2021/08/staff02.jpg
91.234.195.40 200 OK 34 kB URL GET HTTP/2 www.maconsulting.be/wp-content/uploads/2021/08/staff02.jpg
IP 91.234.195.40:443
Requested by https://www.maconsulting.be/
Certificate Issuer cPanel, Inc.
Subject maconsulting.be
Fingerprint 07:36:AB:0B:D4:92:01:0C:D2:89:A4:21:B3:4B:4E:D5:57:03:D6:F2
Validity Tue, 03 Oct 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x804, components 3\012- data
Hash 18fb65b92a88de8ae249dd2cf75591d4
d334bdc41710e20fa576c1c220a7062181f7ca87
384a4df80cb38d8c6138f30198d4a8983a577d6866452ba26abfebd8496e57a7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/uploads/2021/08/staff02.jpg HTTP/1.1
Host: www.maconsulting.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 03:14:58 GMT
content-type: image/jpeg
content-length: 34358
server: fastestcache
edge-cache-engine: varnish
edge-request-id: b2b97d742cb858a9cbef38c47c93d8e7
last-modified: Mon, 16 Aug 2021 13:01:21 GMT
edge-cache-engine-mode: ACTIVE
vary: Accept-Encoding
age: 80057
accept-ranges: bytes
x-request-id: b2b97d742cb858a9cbef38c47c93d8e7
edge-cache-engine-hit: HIT
X-Firefox-Spdy: h2
stats.wp.com/e-202349.js
192.0.76.3 200 OK 21 kB IP 192.0.76.3:443
Requested by https://www.maconsulting.be/
Certificate Issuer Sectigo Limited
Subject *.wp.com
Fingerprint 5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
Validity Tue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (6931), with no line terminators
Hash 2567b82fc5b4900c78be291e6a957e99
114ec9e929313111ec06f33e342205c52cce5b11
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
GET /e-202349.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 08 Dec 2023 03:14:58 GMT
content-type: application/javascript
vary: Accept-Encoding
x-minify: t
x-minify-cache: hit
etag: W/13576-1684461103136.7104
content-encoding: br
expires: Sat, 30 Nov 2024 21:59:05 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
www.maconsulting.be/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=5.6.2
91.234.195.40 200 OK 7.0 kB URL GET HTTP/2 www.maconsulting.be/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=5.6.2
IP 91.234.195.40:443
Requested by https://www.maconsulting.be/
Certificate Issuer cPanel, Inc.
Subject maconsulting.be
Fingerprint 07:36:AB:0B:D4:92:01:0C:D2:89:A4:21:B3:4B:4E:D5:57:03:D6:F2
Validity Tue, 03 Oct 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
File type ASCII text, with very long lines (7043), with no line terminators
Hash 456663a286a204386735fd775542a59e
0a61620b88f4ae0fa7d71e2c7a014ea2c3ab5749
a7a83e60e7e3b8cadeed69327ba498b4cd68605db6e408729fa1b946758e7501
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=5.6.2 HTTP/1.1
Host: www.maconsulting.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 03:14:58 GMT
content-type: text/css
content-length: 7043
server: fastestcache
edge-cache-engine: varnish
edge-request-id: 66ff89e66d7d491bef04e06ed1a51046
last-modified: Fri, 11 Mar 2022 02:37:49 GMT
vary: Accept-Encoding
edge-cache-engine-mode: ACTIVE
age: 80058
accept-ranges: bytes
x-request-id: 66ff89e66d7d491bef04e06ed1a51046
edge-cache-engine-hit: HIT
X-Firefox-Spdy: h2
www.maconsulting.be/wp-content/uploads/2021/09/essaimac.jpeg
91.234.195.40 200 OK 45 kB URL GET HTTP/2 www.maconsulting.be/wp-content/uploads/2021/09/essaimac.jpeg
IP 91.234.195.40:443
Requested by https://www.maconsulting.be/
Certificate Issuer cPanel, Inc.
Subject maconsulting.be
Fingerprint 07:36:AB:0B:D4:92:01:0C:D2:89:A4:21:B3:4B:4E:D5:57:03:D6:F2
Validity Tue, 03 Oct 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1080x720, components 3\012- data
Hash bb8e9b2b9232d9ae738a089896b97e85
7b5fd045665c07f1525158f04e305e8523813727
f92dc9a934942bd15b70cdff71642ef33934ff90d7752a3e5f465f6fc08296ab
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/uploads/2021/09/essaimac.jpeg HTTP/1.1
Host: www.maconsulting.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 03:14:58 GMT
content-type: image/jpeg
content-length: 45334
server: fastestcache
edge-cache-engine: varnish
edge-request-id: 4009a66d48f479d2827ca18654a453bf
last-modified: Sat, 18 Sep 2021 17:35:30 GMT
edge-cache-engine-mode: ACTIVE
vary: Accept-Encoding
age: 80057
accept-ranges: bytes
x-request-id: 4009a66d48f479d2827ca18654a453bf
edge-cache-engine-hit: HIT
X-Firefox-Spdy: h2
www.maconsulting.be/wp-content/uploads/2021/08/home-bg01.jpg
91.234.195.40 200 OK 22 kB URL GET HTTP/2 www.maconsulting.be/wp-content/uploads/2021/08/home-bg01.jpg
IP 91.234.195.40:443
Requested by https://www.maconsulting.be/
Certificate Issuer cPanel, Inc.
Subject maconsulting.be
Fingerprint 07:36:AB:0B:D4:92:01:0C:D2:89:A4:21:B3:4B:4E:D5:57:03:D6:F2
Validity Tue, 03 Oct 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x334, components 3\012- data
Hash abf88d28b8f6df554832600c0667ec61
bc40ccaf1fbec17b43b510df2b3f9a48867dde29
8b0b0ae6437aff27f53670921510ea35c0a322372c05427d85d5d8f951501b39
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/uploads/2021/08/home-bg01.jpg HTTP/1.1
Host: www.maconsulting.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 03:14:58 GMT
content-type: image/jpeg
content-length: 21742
server: fastestcache
edge-cache-engine: varnish
edge-request-id: 357fa4e8b23d09b751197a4cd000b7a3
last-modified: Mon, 16 Aug 2021 13:01:21 GMT
edge-cache-engine-mode: ACTIVE
vary: Accept-Encoding
age: 80057
accept-ranges: bytes
x-request-id: 357fa4e8b23d09b751197a4cd000b7a3
edge-cache-engine-hit: HIT
X-Firefox-Spdy: h2
fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2
142.250.74.131 200 OK 48 kB URL GET HTTP/2 fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 142.250.74.131:443
Requested by https://www.maconsulting.be/
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 48208, version 1.0\012- data
Hash c49b7c3643f781d71645c5a40a78b5bf
e71138026b38afc443fb60da5ffc2244c4f5eb11
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
GET /s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.maconsulting.be
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48208
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 16:03:24 GMT
expires: Fri, 06 Dec 2024 16:03:24 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
content-type: font/woff2
age: 40295
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
142.250.74.131 200 OK 7.8 kB URL GET HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
IP 142.250.74.131:443
Requested by https://www.maconsulting.be/
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 7824, version 1.0\012- data
Hash af4d371a10271dafeb343f1eace762bc
6d11d743bc3cfb169d70bc86450f18351dc1a905
60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2
GET /s/poppins/v20/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.maconsulting.be
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7824
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:57:27 GMT
expires: Fri, 06 Dec 2024 15:57:27 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:52:02 GMT
content-type: font/woff2
age: 40652
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2
142.250.74.131 200 OK 48 kB URL GET HTTP/2 fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 142.250.74.131:443
Requested by https://www.maconsulting.be/
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 48208, version 1.0\012- data
Hash c49b7c3643f781d71645c5a40a78b5bf
e71138026b38afc443fb60da5ffc2244c4f5eb11
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
GET /s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.maconsulting.be
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48208
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 16:03:24 GMT
expires: Fri, 06 Dec 2024 16:03:24 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
content-type: font/woff2
age: 40295
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
142.250.74.131 200 OK 7.9 kB URL GET HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 142.250.74.131:443
Requested by https://www.maconsulting.be/
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.maconsulting.be
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 05:00:07 GMT
expires: Fri, 06 Dec 2024 05:00:07 GMT
cache-control: public, max-age=31536000
age: 80092
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
142.250.74.131 200 OK 7.8 kB URL GET HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 142.250.74.131:443
Requested by https://www.maconsulting.be/
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.maconsulting.be
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:54:30 GMT
expires: Fri, 06 Dec 2024 15:54:30 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
age: 40829
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
142.250.74.131 200 OK 7.7 kB URL GET HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP 142.250.74.131:443
Requested by https://www.maconsulting.be/
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.maconsulting.be
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 05:13:52 GMT
expires: Fri, 06 Dec 2024 05:13:52 GMT
cache-control: public, max-age=31536000
age: 79267
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/raleway/v29/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVtapbCIPrE.woff2
142.250.74.131 200 OK 23 kB URL GET HTTP/2 fonts.gstatic.com/s/raleway/v29/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVtapbCIPrE.woff2
IP 142.250.74.131:443
Requested by https://www.maconsulting.be/
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 22680, version 1.0\012- data
Hash 79d692afccb3e3fefd2371a7fdc26baf
00d4ab2275f47f1c42590e955b94b2d7951c4230
cdb9f92dad1013de7fd56d59eba4c69f50bbb446cc03d3cf03e376b582a51a2b
GET /s/raleway/v29/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVtapbCIPrE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.maconsulting.be
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22680
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:43:35 GMT
expires: Fri, 06 Dec 2024 15:43:35 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:23:26 GMT
content-type: font/woff2
age: 41484
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2
142.250.74.131 200 OK 48 kB URL GET HTTP/2 fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 142.250.74.131:443
Requested by https://www.maconsulting.be/
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 48208, version 1.0\012- data
Hash c49b7c3643f781d71645c5a40a78b5bf
e71138026b38afc443fb60da5ffc2244c4f5eb11
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
GET /s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.maconsulting.be
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48208
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 16:03:24 GMT
expires: Fri, 06 Dec 2024 16:03:24 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
content-type: font/woff2
age: 40295
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2
142.250.74.131 200 OK 48 kB URL GET HTTP/2 fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 142.250.74.131:443
Requested by https://www.maconsulting.be/
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 48208, version 1.0\012- data
Hash c49b7c3643f781d71645c5a40a78b5bf
e71138026b38afc443fb60da5ffc2244c4f5eb11
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
GET /s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.maconsulting.be
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48208
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 16:03:24 GMT
expires: Fri, 06 Dec 2024 16:03:24 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
content-type: font/woff2
age: 40295
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.maconsulting.be/wp-content/plugins/pagelayer/fonts/fa-brands-400.woff2
91.234.195.40 200 OK 76 kB URL GET HTTP/2 www.maconsulting.be/wp-content/plugins/pagelayer/fonts/fa-brands-400.woff2
IP 91.234.195.40:443
Requested by https://www.maconsulting.be/
Certificate Issuer cPanel, Inc.
Subject maconsulting.be
Fingerprint 07:36:AB:0B:D4:92:01:0C:D2:89:A4:21:B3:4B:4E:D5:57:03:D6:F2
Validity Tue, 03 Oct 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 75336, version 330.32636\012- data
Hash cca9a5319386641f134407308add7011
fa8b1e74b1c38d003b1d28dacc1bdb7932558791
0bbed61ca938ebd555e020a654aa22a7d7ef70d3b6e63cef93ed68c2b5d39238
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/pagelayer/fonts/fa-brands-400.woff2 HTTP/1.1
Host: www.maconsulting.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/wp-content/plugins/pagelayer/css/combined.css?ver=1.5.4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 03:14:59 GMT
content-type: font/woff2
server: fastestcache
edge-cache-engine: varnish
edge-request-id: 29b9c0df1d357fd51c9da70ece413a20
last-modified: Mon, 18 Nov 2019 12:01:10 GMT
vary: Accept-Encoding
edge-cache-engine-mode: ACTIVE
age: 0
accept-ranges: bytes
x-request-id: 29b9c0df1d357fd51c9da70ece413a20
edge-cache-engine-hit: MISS
X-Firefox-Spdy: h2
pixel.wp.com/g.gif?v=ext&j=1%3A10.1.1&blog=197670137&post=30&tz=0&srv=www.maconsulting.be&host=www.maconsulting.be&ref=&fcp=2463&rand=0.20454141048427177
192.0.76.3 200 OK 50 B URL GET HTTP/2 pixel.wp.com/g.gif?v=ext&j=1%3A10.1.1&blog=197670137&post=30&tz=0&srv=www.maconsulting.be&host=www.maconsulting.be&ref=&fcp=2463&rand=0.20454141048427177
IP 192.0.76.3:443
Requested by https://www.maconsulting.be/
Certificate Issuer Sectigo Limited
Subject *.wp.com
Fingerprint 5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
Validity Tue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&j=1%3A10.1.1&blog=197670137&post=30&tz=0&srv=www.maconsulting.be&host=www.maconsulting.be&ref=&fcp=2463&rand=0.20454141048427177 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 08 Dec 2023 03:14:59 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.maconsulting.be/favicon.ico
91.234.195.40 302 Found 0 B URL GET HTTP/2 www.maconsulting.be/favicon.ico
IP 91.234.195.40:443
Requested by https://www.maconsulting.be/
Certificate Issuer cPanel, Inc.
Subject maconsulting.be
Fingerprint 07:36:AB:0B:D4:92:01:0C:D2:89:A4:21:B3:4B:4E:D5:57:03:D6:F2
Validity Tue, 03 Oct 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /favicon.ico HTTP/1.1
Host: www.maconsulting.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
date: Fri, 08 Dec 2023 03:14:59 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.maconsulting.be/wp-includes/images/w-logo-blue-white-bg.png
server: fastestcache
edge-cache-engine: varnish
edge-request-id: 00b532df3ba2d838d497c3547cf84e87
link: <https://www.maconsulting.be/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
vary: Accept-Encoding
edge-cache-engine-mode: ACTIVE
age: 0
x-request-id: 00b532df3ba2d838d497c3547cf84e87
edge-cache-engine-hit: MISS
X-Firefox-Spdy: h2
www.maconsulting.be/?wc-ajax=get_refreshed_fragments
91.234.195.40 200 OK 127 B URL POST HTTP/2 www.maconsulting.be/?wc-ajax=get_refreshed_fragments
IP 91.234.195.40:443
Requested by https://www.maconsulting.be/
Certificate Issuer cPanel, Inc.
Subject maconsulting.be
Fingerprint 07:36:AB:0B:D4:92:01:0C:D2:89:A4:21:B3:4B:4E:D5:57:03:D6:F2
Validity Tue, 03 Oct 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 21f27aa533b58c6147246aecf34dc6ba
c6582367fb4708bc54095008c023bcd0cbf240bf
a8b04509d8b1a35314d19eae7475024cb56f6caeeb2edf0691e151b6e4106a8b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: www.maconsulting.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://www.maconsulting.be
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 08 Dec 2023 03:14:59 GMT
content-type: application/json; charset=UTF-8
content-length: 127
server: fastestcache
edge-cache-engine: varnish
edge-request-id: a86aa1252f37730dca046b09084f9287
access-control-allow-origin: https://www.maconsulting.be
access-control-allow-credentials: true
x-content-type-options: nosniff
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
vary: Accept-Encoding
content-encoding: br
edge-cache-engine-mode: ACTIVE
age: 0
x-request-id: a86aa1252f37730dca046b09084f9287
edge-cache-engine-hit: MISS
X-Firefox-Spdy: h2
www.maconsulting.be/wp-includes/images/w-logo-blue-white-bg.png
91.234.195.40 200 OK 4.1 kB URL GET HTTP/2 www.maconsulting.be/wp-includes/images/w-logo-blue-white-bg.png
IP 91.234.195.40:443
Requested by https://www.maconsulting.be/
Certificate Issuer cPanel, Inc.
Subject maconsulting.be
Fingerprint 07:36:AB:0B:D4:92:01:0C:D2:89:A4:21:B3:4B:4E:D5:57:03:D6:F2
Validity Tue, 03 Oct 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: www.maconsulting.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.maconsulting.be/
DNT: 1
Connection: keep-alive
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 08 Dec 2023 03:14:59 GMT
content-type: image/png
server: fastestcache
edge-cache-engine: varnish
edge-request-id: 5412d65194958ab018c0313cef730152
last-modified: Thu, 21 May 2020 13:40:12 GMT
edge-cache-engine-mode: ACTIVE
vary: Accept-Encoding
age: 0
accept-ranges: bytes
x-request-id: 5412d65194958ab018c0313cef730152
edge-cache-engine-hit: MISS
X-Firefox-Spdy: h2
www.maconsulting.be/wp-content/plugins/pagelayer/fonts/fa-solid-900.woff2
91.234.195.40 200 OK 76 kB URL GET HTTP/2 www.maconsulting.be/wp-content/plugins/pagelayer/fonts/fa-solid-900.woff2
IP 91.234.195.40:443
Requested by https://www.maconsulting.be/
Certificate Issuer cPanel, Inc.
Subject maconsulting.be
Fingerprint 07:36:AB:0B:D4:92:01:0C:D2:89:A4:21:B3:4B:4E:D5:57:03:D6:F2
Validity Tue, 03 Oct 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 75728, version 330.32636\012- data
Hash 44d537ab79f921fde5a28b2c1636f397
b2879f9e1d0985a96842bf7f55a2b2cc4c636d04
3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/pagelayer/fonts/fa-solid-900.woff2 HTTP/1.1
Host: www.maconsulting.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/wp-content/plugins/pagelayer/css/combined.css?ver=1.5.4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 08 Dec 2023 03:14:59 GMT
content-type: font/woff2
server: fastestcache
edge-cache-engine: varnish
edge-request-id: adadf46e388166863112b8a999fd4d50
last-modified: Mon, 18 Nov 2019 12:01:10 GMT
vary: Accept-Encoding
edge-cache-engine-mode: ACTIVE
age: 0
accept-ranges: bytes
x-request-id: adadf46e388166863112b8a999fd4d50
edge-cache-engine-hit: MISS
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Archivo+Black&family=Raleway:wght@300;500;600;700&display=swap
142.250.74.170 200 OK 7.9 kB URL GET HTTP/2 fonts.googleapis.com/css2?family=Archivo+Black&family=Raleway:wght@300;500;600;700&display=swap
IP 142.250.74.170:443
Requested by https://www.maconsulting.be/
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (8137), with no line terminators
Hash bff22fc52ca5cfa61dbaaddb635f91d1
fd69d95fa59d314a68987565116433b3737b550f
9efed3900036b418f99210a1d5d3c12fb4d1245a974ef3d202944174ed7e18cd
GET /css2?family=Archivo+Black&family=Raleway:wght@300;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 08 Dec 2023 03:14:58 GMT
date: Fri, 08 Dec 2023 03:14:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins%3A800%2C400%2C700%2C500%7CRaleway%3A800
142.250.74.170 200 OK 6.0 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Poppins%3A800%2C400%2C700%2C500%7CRaleway%3A800
IP 142.250.74.170:443
Requested by https://www.maconsulting.be/
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (6103), with no line terminators
Hash 30d064b3c069d9b1a855f1b40312d3ae
3f386d3913aa333f34b97a043f77780ed299d184
149bd13d715c76e599239bfc78971c77c22f7375d97c9a5091a3f50e99f998e0
GET /css?family=Poppins%3A800%2C400%2C700%2C500%7CRaleway%3A800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.maconsulting.be
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 08 Dec 2023 03:14:58 GMT
date: Fri, 08 Dec 2023 03:14:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
maconsulting.be/itlp?43127871///////
91.234.195.40 301 Moved Permanently 254 kB URL User Request GET HTTP/2 maconsulting.be/itlp?43127871///////
IP 91.234.195.40:443
Certificate Issuer cPanel, Inc.
Subject maconsulting.be
Fingerprint 07:36:AB:0B:D4:92:01:0C:D2:89:A4:21:B3:4B:4E:D5:57:03:D6:F2
Validity Tue, 03 Oct 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
Size 254 kB (253652 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /itlp?43127871/////// HTTP/1.1
Host: maconsulting.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Fri, 08 Dec 2023 03:14:56 GMT
content-type: text/html; charset=iso-8859-1
location: https://maconsulting.be/itlp/?43127871///////
server: fastestcache
edge-cache-engine: varnish
edge-request-id: 7398bc58e5f6d5b6220575b55cce4210
edge-cache-engine-mode: ACTIVE
vary: Accept-Encoding
age: 0
x-request-id: 7398bc58e5f6d5b6220575b55cce4210
edge-cache-engine-hit: MISS
X-Firefox-Spdy: h2
www.maconsulting.be/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
91.234.195.40 200 OK 11 kB URL GET HTTP/2 www.maconsulting.be/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
IP 91.234.195.40:443
Requested by https://www.maconsulting.be/
Certificate Issuer cPanel, Inc.
Subject maconsulting.be
Fingerprint 07:36:AB:0B:D4:92:01:0C:D2:89:A4:21:B3:4B:4E:D5:57:03:D6:F2
Validity Tue, 03 Oct 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
File type ASCII text, with very long lines (11256), with no line terminators
Hash 2b0dd7eecea03b4bdedb94ba622fdb03
703becba85161118dd6fc66af465428ef43f561c
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16 HTTP/1.1
Host: www.maconsulting.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 08 Dec 2023 03:14:58 GMT
content-type: text/css
content-length: 11256
server: fastestcache
edge-cache-engine: varnish
edge-request-id: aaf145b0d7c664ad13cad6aa8573c183
last-modified: Tue, 29 Sep 2020 20:23:06 GMT
vary: Accept-Encoding
edge-cache-engine-mode: ACTIVE
age: 80058
accept-ranges: bytes
x-request-id: aaf145b0d7c664ad13cad6aa8573c183
edge-cache-engine-hit: HIT
X-Firefox-Spdy: h2
www.maconsulting.be/wp-includes/js/wp-emoji-release.min.js?ver=5.8.8
91.234.195.40 200 OK 18 kB URL GET HTTP/2 www.maconsulting.be/wp-includes/js/wp-emoji-release.min.js?ver=5.8.8
IP 91.234.195.40:443
Requested by https://www.maconsulting.be/
Certificate Issuer cPanel, Inc.
Subject maconsulting.be
Fingerprint 07:36:AB:0B:D4:92:01:0C:D2:89:A4:21:B3:4B:4E:D5:57:03:D6:F2
Validity Tue, 03 Oct 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
File type ASCII text, with very long lines (15224)
Hash 116c86c56f8db0bb63f15ceda50fdc98
75e308982ecf7cd43644b8b426e6aa1a0b0fbe26
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.8.8 HTTP/1.1
Host: www.maconsulting.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 08 Dec 2023 03:14:58 GMT
content-type: application/javascript
content-length: 18181
server: fastestcache
edge-cache-engine: varnish
edge-request-id: b1bdfa59293a81ab5d970dad7944b178
last-modified: Wed, 09 Jun 2021 02:45:12 GMT
vary: Accept-Encoding
edge-cache-engine-mode: ACTIVE
age: 80057
accept-ranges: bytes
x-request-id: b1bdfa59293a81ab5d970dad7944b178
edge-cache-engine-hit: HIT
X-Firefox-Spdy: h2
stats.wp.com/s-202349.js
192.0.76.3 200 OK 9.7 kB
IP 192.0.76.3:443
Requested by https://www.maconsulting.be/
Certificate Issuer Sectigo Limited
Subject *.wp.com
Fingerprint 5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
Validity Tue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (9943), with no line terminators
Hash 41c8533b774dd50d50a93986dc559d26
5f9beece974a105477db9dae544fbc499fa877f9
57515dea9e5f17e0ca68d25b1c53ef4e3eb4891cb641fa72b37f0c5cb270381d
GET /s-202349.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 08 Dec 2023 03:14:58 GMT
content-type: application/javascript
last-modified: Wed, 01 Nov 2023 13:38:52 GMT
vary: Accept-Encoding
etag: W/"654254ec-25ea"
content-encoding: br
expires: Sat, 30 Nov 2024 21:59:05 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins%3A800%2C400%2C700%2C500%7CRaleway%3A800&ver=1.5.4
142.250.74.170 200 OK 6.0 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Poppins%3A800%2C400%2C700%2C500%7CRaleway%3A800&ver=1.5.4
IP 142.250.74.170:443
Requested by https://www.maconsulting.be/
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (6103), with no line terminators
Hash 30d064b3c069d9b1a855f1b40312d3ae
3f386d3913aa333f34b97a043f77780ed299d184
149bd13d715c76e599239bfc78971c77c22f7375d97c9a5091a3f50e99f998e0
GET /css?family=Poppins%3A800%2C400%2C700%2C500%7CRaleway%3A800&ver=1.5.4 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maconsulting.be/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 08 Dec 2023 03:14:58 GMT
date: Fri, 08 Dec 2023 03:14:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2