Report - www.maryelder.shop/

Report Overview

Visited public
2025-06-20 11:39:52
Tags
scam
URL
www.maryelder.shop/
Finishing URL
www.maryelder.shop/
IP / ASN
104.21.89.245
#13335 CLOUDFLARENET
Title
Women's Phase Eight Designer Clothing | Dresses | Jumpsuits |
Scam - Fake e-Shop

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.maryelder.shop	unknown	2024-12-21	2025-04-10	2025-06-16	44 kB	3.5 MB	104.21.89.245
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-06-18	1.1 kB	104 kB	142.250.74.35
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-06-18	526 B	8.0 kB	142.250.74.10

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (48)

	URL	From	Size	First Seen	Last Seen
	www.maryelder.shop/wp-content/plugins/fma-product-custom-options/front/js/accounting.min.js?ver=5.9.3	ScriptElement	3.2 kB	2023-03-07	2025-06-25
Pretty URL www.maryelder.shop/wp-content/plugins/fma-product-custom-options/front/js/accounting.min.js?ver=5.9.3 IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10 Last Seen2025-06-25 03:52 Times Seen9834 Hash b34ee54abcdda3f94566ea5e7312fdbc 4230cb168bd0bc6f831da5ac89517c865e0bda96 de4945bf8c32247c3570f1945b4af05f3efb440b46c93c18d2f428ae9162c8ea Loading...

	www.maryelder.shop/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	ScriptElement	11 kB	2023-03-07	2025-06-25
Pretty URL www.maryelder.shop/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-25 04:56 Times Seen29001 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	www.maryelder.shop/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=2.9.7	ScriptElement	30 kB	2023-03-07	2025-06-25
Pretty URL www.maryelder.shop/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=2.9.7 IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26 Last Seen2025-06-25 03:52 Times Seen9746 Hash e1d6533906ba8cce9da6157ec25c0dd5 050b3341c7d1497494334ab17a78c04ddc61dc1f 9aafa38d431075d0f6c738a2633785fd32fada0e14408bd662d95e608ddb4daf Loading...

	www.maryelder.shop/wp-content/plugins/visitors-traffic-real-time-statistics/js/front.js?ver=5.9.3	ScriptElement	890 B	2023-03-07	2025-06-25
Pretty URL www.maryelder.shop/wp-content/plugins/visitors-traffic-real-time-statistics/js/front.js?ver=5.9.3 IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:23 Last Seen2025-06-25 03:52 Times Seen630 Hash 3a7b373af67acb42960573e8102cea01 ace16912963355e393d455bc45742528a09aeb7c 9c01fb1b898505d38fd4bbf6060fd263bac9e0cb0cbeb0b4e1567618afb01f20 Loading...

	www.maryelder.shop/	ScriptElement	96 B	2023-03-07	2025-06-25
Pretty URL www.maryelder.shop/ IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-06-25 04:31 Times Seen14524 Hash d8772bfb2ec7dec5262a932766aa1669 8440292e305868d90f6f15a3ea6975a3b9774f43 c19c2ee1fc048012374a6d75c822daf9b7c0d4ebef7ab8df1ab22b229a00d012 Loading...

	www.maryelder.shop/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.7.0	ScriptElement	2.1 kB	2023-03-07	2025-06-25
Pretty URL www.maryelder.shop/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.7.0 IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-25 04:54 Times Seen17432 Hash b72c1cbb1530a011a27bd9800f26765a 27b825c5d8255f33b8427a059d4545ebd65e1746 a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8 Loading...

	www.maryelder.shop/wp-content/uploads/customer_style/customer-style.js?ver=5.9.3	ScriptElement	2.7 kB	2023-11-01	2025-06-25
Pretty URL www.maryelder.shop/wp-content/uploads/customer_style/customer-style.js?ver=5.9.3 IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-01 15:20 Last Seen2025-06-25 03:52 Times Seen214 Hash 4ffefcdb286f4a51ae61de2bd55507f0 a60886abcd0af5a4b58c9c21adffabb33f9a532e 4271592985a0984727e2ec0942cb1c02b86b8fc0db804cf51b536b9781049c48 Loading...

	www.maryelder.shop/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18	ScriptElement	129 kB	2023-03-07	2025-06-25
Pretty URL www.maryelder.shop/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18 IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10 Last Seen2025-06-25 03:52 Times Seen10360 Hash 0ce245fda586eafae053aa341ccdd2c7 3f0e5d08540860f4e1c4ba0db2bd3decf481ea44 5c9203860ae657336596c738730f9d362e00bb9948a0f581fb074270c328e26b Loading...

	www.maryelder.shop/	ScriptElement	2.2 kB	2025-04-10	2025-06-24
Pretty URL www.maryelder.shop/ IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-10 13:03 Last Seen2025-06-24 10:12 Times Seen95 Hash d2f97be98f8b12d4b2bad78d0c35db93 40e11f2f9bdba75908cfbef0a3d69a262d170ec3 efad346f02da89fca56d5637bc12ad0cc4a2aa6bfaedb63ddc5dec2a9645855d Loading...

	www.maryelder.shop/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	ScriptElement	90 kB	2023-03-07	2025-06-25
Pretty URL www.maryelder.shop/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-25 04:31 Times Seen20332 Hash 02dd5d04add4759122013c5ab4dc5cc2 a45a56e396ac549b4ff39b696ce9e0c16a7612de bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Loading...

	www.maryelder.shop/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0	ScriptElement	19 kB	2023-04-05	2025-06-25
Pretty URL www.maryelder.shop/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 15:05 Last Seen2025-06-25 04:31 Times Seen10985 Hash 60c88069166716db064d51e9d7eb9bc8 28e5067d2a3b688bb5828500fffc8783f3884443 bab8bc75e2e121a7b9d273f9f38c33881e07e29070704adeb351d8936d14a16f Loading...

	www.maryelder.shop/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.min.js?ver=3.12.0	ScriptElement	25 kB	2023-03-07	2025-06-25
Pretty URL www.maryelder.shop/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.min.js?ver=3.12.0 IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-25 04:02 Times Seen9550 Hash 540be7a8259fbeaf4a732a344b267a7d ac51cc9bb5df51bd9568de8707b9b176f7d60254 a692f16cca3d27ae6772b85e05c46d117ca45678783d5ee010df7d67e8f12485 Loading...

	www.maryelder.shop/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.7.0	ScriptElement	3.0 kB	2023-03-07	2025-06-25
Pretty URL www.maryelder.shop/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.7.0 IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-25 03:52 Times Seen11918 Hash 8bc2109ef48cabf7a26b73d7c3536c5f 0e0dfee3a3975eafc3dd55f190d1deb3c6c55d3b 8634aa7a3ac0bc6d359b458c8922e9d3269f64c1355b329bfe215beb12773af8 Loading...

	www.maryelder.shop/	ScriptElement	174 B	2025-04-10	2025-06-24
Pretty URL www.maryelder.shop/ IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-10 13:03 Last Seen2025-06-24 10:12 Times Seen95 Hash 48960697a63e4cabf208df7d6b1baa53 6f5ff3336cdbce27b4ccce04ce40a9d6225334d1 c5cc55c13a924bf3166b8df8d64ae7d4d1e08a35db045327541e0bbf1241d4b3 Loading...

	www.maryelder.shop/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.1	ScriptElement	22 kB	2023-03-07	2025-06-25
Pretty URL www.maryelder.shop/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.1 IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10 Last Seen2025-06-25 03:35 Times Seen549 Hash e7334b0f16895605c1234c69ad86fd4a 6da3372e63cabe2d3c6b0dfecc70770c2f69921b e89d7526092c671c0a01bd02152a595271fb97f87bbd3ba379b5e8b1071f6b2d Loading...

	www.maryelder.shop/wp-content/themes/ecommerce-plus/js/jquery.matchHeight.js?ver=5.9.3	ScriptElement	12 kB	2023-03-07	2025-06-25
Pretty URL www.maryelder.shop/wp-content/themes/ecommerce-plus/js/jquery.matchHeight.js?ver=5.9.3 IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:30 Last Seen2025-06-25 03:02 Times Seen456 Hash a4b580e5f6599aed3c62ffa1c146f63b 80435ee79890b5132b00325cf0a79da096a0032b 6ab454b01db552da83a2c237a00e6c0dedd462a48693a26d8354b4e0d9487ee4 Loading...

	www.maryelder.shop/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6	ScriptElement	22 kB	2023-03-07	2025-06-25
Pretty URL www.maryelder.shop/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6 IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-25 03:52 Times Seen9512 Hash d017e13d65b4c79d9a22a4ab9e6bcdf6 f766dedd77e0f910742439a102a23dbeade89299 2ef1fc50a9d78f044028f3ba7378c5bbec0188de74a5217491040f9ba435fca4 Loading...

	www.maryelder.shop/	ScriptElement	122 B	2025-04-10	2025-06-24
Pretty URL www.maryelder.shop/ IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-10 13:03 Last Seen2025-06-24 10:12 Times Seen95 Hash 59c016ca082a75432b38f817b2852db0 5d452a15e701c157a827819ef50a53922df45b03 a98acac67b495c7421adfb98706136840f6c47cf859a1fbc3a1622051d36bdd3 Loading...

	www.maryelder.shop/	ScriptElement	262 B	2025-04-10	2025-06-24
Pretty URL www.maryelder.shop/ IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-10 13:03 Last Seen2025-06-24 10:12 Times Seen93 Hash a2aa7340e91d336cc94101e4a5c43ce8 2d6edc8a37ad1f9dd9a864b55dc5372f7bb0cff8 5b31b853b470d416868fd9ea63e9322ef2359af6055b06a90383cf82d158a3ba Loading...

	www.maryelder.shop/wp-content/plugins/woo-exchange-rate/assets/js/woo-exchange-rate.js?ver=5.9.3	ScriptElement	1.2 kB	2023-03-13	2025-06-25
Pretty URL www.maryelder.shop/wp-content/plugins/woo-exchange-rate/assets/js/woo-exchange-rate.js?ver=5.9.3 IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:00 Last Seen2025-06-25 03:52 Times Seen11075 Hash ae0a0a22ffec7989b87b813b626cda4a a5648556090a1310db15a5348ec4d62085c99052 c9c140eeebc4a3eb26325e247df563b2e6433c19bae11e0bdf21280c3482c0b0 Loading...

	www.maryelder.shop/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9	ScriptElement	6.5 kB	2023-03-07	2025-06-25
Pretty URL www.maryelder.shop/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-25 04:31 Times Seen11028 Hash 64e89b93b02055fb75ea0913089ded0b 9ccf854a6acedb27496725fa7570a670fd7bd572 a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd Loading...

	www.maryelder.shop/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.7.0	ScriptElement	1.8 kB	2023-03-07	2025-06-25
Pretty URL www.maryelder.shop/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.7.0 IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-25 04:56 Times Seen17357 Hash d0a6d8547c66b0d7b0172466558d1208 ff93916519c7b9483251f609e4d29f38c30a66e3 3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612 Loading...

	www.maryelder.shop/wp-includes/js/hoverIntent.min.js?ver=1.10.2	ScriptElement	1.5 kB	2023-03-07	2025-06-25
Pretty URL www.maryelder.shop/wp-includes/js/hoverIntent.min.js?ver=1.10.2 IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04 Last Seen2025-06-25 03:52 Times Seen9701 Hash 8767142f87d8ba86f0094540b29b6d97 754645c23f4faf070fd3460c5aed47ef99314790 491ee20092ce969e6785601ae4595748d4ac5ee4df19012b19b77de6c9dfd357 Loading...

	www.maryelder.shop/	ScriptElement	2.2 kB	2023-03-07	2025-06-25
Pretty URL www.maryelder.shop/ IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-06-25 04:23 Times Seen10582 Hash cc6a0fa7152159e48d38e4d993f4c97d c9a88fa9cc00cedbc0d454a7875cb2503b7b9e24 5cad5dcc261bc6949e544662a54863753a9b7850c764e731da87e9845dbb0bbb Loading...

	www.maryelder.shop/	ScriptElement	332 B	2023-03-07	2025-06-25
Pretty URL www.maryelder.shop/ IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-06-25 04:56 Times Seen19401 Hash 7d495bb1d6c246a2d57df3ab9332a3cc 6367d4f8addf48f2af1023b8176a2263bb424d01 df09a4f39d495e901a5479fce56c8ddec4f8a6acda1b3ceab7adc704fa439e32 Loading...

	www.maryelder.shop/wp-content/themes/ecommerce-plus/js/skip-link-focus-fix.js?ver=20201201	ScriptElement	880 B	2023-03-07	2025-06-24
Pretty URL www.maryelder.shop/wp-content/themes/ecommerce-plus/js/skip-link-focus-fix.js?ver=20201201 IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11 Last Seen2025-06-24 23:15 Times Seen712 Hash 381a9581291af74e622863b9ae1436bd f35f2272e27f51dcfaa0a78f7595bce348b62b9c c9104efada1e3f4b091183121a645b8298608c10a5b16bc3b1cbcb409b4f2777 Loading...

	www.maryelder.shop/	ScriptElement	152 B	2023-03-07	2025-06-25
Pretty URL www.maryelder.shop/ IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-06-25 04:53 Times Seen35346 Hash b8c40bf7c92768058d743847cccdb147 4fbbbcb2dda4d05e2e58bf43330c559b4165fc0b 7872ff233c7b2bfa962f491d0575e71f0b0b487bc63899ff4c72c7c9d5197688 Loading...

	www.maryelder.shop/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0	ScriptElement	15 kB	2023-03-07	2025-06-25
Pretty URL www.maryelder.shop/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0 IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-25 04:02 Times Seen12412 Hash 157f18464a93eab7fb62a7f3e618ac2c f47727e80d529d6e4941fea32f2e8a8ee5008b8a 9ed8f2a0e573467348e64fb1945eeac1698f32af9e9c723153eb7142d6a43306 Loading...

	www.maryelder.shop/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.7.0	ScriptElement	9.5 kB	2023-03-07	2025-06-25
Pretty URL www.maryelder.shop/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.7.0 IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-25 03:52 Times Seen10565 Hash 87c54edf7dad7dfdfde015f6eee45ff1 96ec1a06ea3093c47e1e2fc4444ada7f4456135d ef22199864042b8ceeee3729f3254c140df7217364045737ca3aadf8434fb3da Loading...

	www.maryelder.shop/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.7.0	ScriptElement	992 B	2023-03-07	2025-06-25
Pretty URL www.maryelder.shop/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.7.0 IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-25 03:52 Times Seen14865 Hash 787fe4f547a6cb7f4ce4934641085910 c2dee88d5bdfef214ce9c56f71a1df51cda0f328 654aaebdea944313257827be97eb196a8218a2cdfc9ba399db23e2cd4c02bd79 Loading...

	www.maryelder.shop/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js?ver=5.9.3	ScriptElement	50 kB	2023-03-07	2025-06-25
Pretty URL www.maryelder.shop/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js?ver=5.9.3 IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36 Last Seen2025-06-25 03:52 Times Seen9575 Hash 6e9cb4f7cf17f8cac3a17f6d90960eba ee7d45d8d250040c7aedea363c7b2b7e7bf65bcc 8c2230e1348d437f591bf23a319992999e4869ab9aef142861ae206b05ec1be4 Loading...

	www.maryelder.shop/wp-content/themes/ecommerce-plus/js/custom.js?ver=20201203	ScriptElement	3.3 kB	2023-03-10	2025-06-24
Pretty URL www.maryelder.shop/wp-content/themes/ecommerce-plus/js/custom.js?ver=20201203 IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 18:44 Last Seen2025-06-24 10:19 Times Seen353 Hash 8975e7d1e13018083cc0f866cc6b3efe f2bce4e476f933fbb772408d275d9666020a97f7 2900a0f086974d7b8c0bac162113131946a265154186fd4d68db320d054ab5bd Loading...

	www.maryelder.shop/wp-content/themes/ecommerce-plus/js/navigation.js?ver=20201202	ScriptElement	4.3 kB	2023-03-10	2025-06-24
Pretty URL www.maryelder.shop/wp-content/themes/ecommerce-plus/js/navigation.js?ver=20201202 IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 18:44 Last Seen2025-06-24 10:19 Times Seen353 Hash 91a850aed787f5b49abbe5bef15e07c7 4973041c464f3b320a0d347f0966d60de6a1ca79 d50b557a828460bbb61ee88f59770356669b23d7a1288ebf6bce94827c4286e1 Loading...

	www.maryelder.shop/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js?ver=4.0.3	ScriptElement	18 kB	2023-03-07	2025-06-25
Pretty URL www.maryelder.shop/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js?ver=4.0.3 IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:21 Last Seen2025-06-25 03:52 Times Seen9551 Hash 3d4d4eab5c2ecf501484e45c46d2cc6e aa9024a11600daecfa9f7db24ee2a7191309a329 d6da22ca2b7058c87413a1927d90c13548535cfcb0959175fc0b32ac7417768b Loading...

	www.maryelder.shop/wp-content/plugins/js_composer/assets/lib/flexslider/jquery.flexslider.min.js?ver=6.7.0	ScriptElement	31 kB	2023-03-07	2025-06-25
Pretty URL www.maryelder.shop/wp-content/plugins/js_composer/assets/lib/flexslider/jquery.flexslider.min.js?ver=6.7.0 IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06 Last Seen2025-06-25 03:52 Times Seen9656 Hash 3f5389289396a324e7795d0995259ae9 9f77d2801ce315d937b30a157e53c691d6082928 23cf1b7e88d0a1380682288aa82eb327f78221b2097868f45e11620b3c7a9b60 Loading...

	www.maryelder.shop/	ScriptElement	1.5 kB	2025-06-20	2025-06-20
Pretty URL www.maryelder.shop/ IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-20 11:39 Last Seen2025-06-20 11:39 Times Seen2 Hash 914225fc6018754ebb98ddb053b003d7 2d15b514f21f359e5470c52de7ad6953c581c832 8ffb42495befa34e1d58c621d6bf1ebff56a9c038fe33089d623e855846befbb Loading...

	www.maryelder.shop/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3	ScriptElement	18 kB	2023-03-07	2025-06-25
Pretty URL www.maryelder.shop/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3 IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-25 03:52 Times Seen14167 Hash 116c86c56f8db0bb63f15ceda50fdc98 75e308982ecf7cd43644b8b426e6aa1a0b0fbe26 def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7 Loading...

	www.maryelder.shop/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.19	ScriptElement	387 kB	2023-03-07	2025-06-25
Pretty URL www.maryelder.shop/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.19 IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15 Last Seen2025-06-25 03:52 Times Seen9813 Hash 811c3da189b804d68fced85b9a191e1e bc4d1ec616ba622029414fbceb0bc8d9e903f3fc 3b0b8378134e79a3a7058080f4d617969ac9b159d448be7b15e595719e5c9518 Loading...

	www.maryelder.shop/	ScriptElement	132 B	2025-04-10	2025-06-24
Pretty URL www.maryelder.shop/ IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-10 13:03 Last Seen2025-06-24 10:12 Times Seen93 Hash 417dd7680f8bedd06286368fe42b960f 4becc10d086a441ae103f7f760f84e85be4b5ef3 de1aeda94a67f02e00a05e93dd23b16889eac25f932f05fbc57675f131c5c9df Loading...

	www.maryelder.shop/wp-content/themes/ecommerce-plus/js/bootstrap.js?ver=1	ScriptElement	54 kB	2023-03-07	2025-06-24
Pretty URL www.maryelder.shop/wp-content/themes/ecommerce-plus/js/bootstrap.js?ver=1 IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:25 Last Seen2025-06-24 10:19 Times Seen354 Hash fd4050839637043f309325aa8962288d 889b8d35a1bec7b7d65e5239099ff05f74c80fb4 11f48fb49a71e6be4b3f8c038e89daab6a648321db3b6b7fc6e4c8e973fe8431 Loading...

	www.maryelder.shop/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.7.0	ScriptElement	2.9 kB	2023-03-07	2025-06-25
Pretty URL www.maryelder.shop/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.7.0 IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-25 04:02 Times Seen15123 Hash 0fd625c3991a4015814cffdc88e2fc82 d7c2f53e058210ff3ea773297641008bab71a5f3 2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1 Loading...

	www.maryelder.shop/	ScriptElement	135 B	2023-03-07	2025-06-25
Pretty URL www.maryelder.shop/ IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-06-25 04:54 Times Seen36409 Hash 3f82b089cf163a5417b3edb4687151f7 28436f92ab540ff08b12fdefddc7da67ba0f04f7 5ba9af6f12e99663f8f04285ef3d4ffd4cdbca820bccbc2dda9c40f805b5a850 Loading...

	www.maryelder.shop/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.7.0	ScriptElement	20 kB	2023-03-07	2025-06-25
Pretty URL www.maryelder.shop/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.7.0 IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-06-25 03:52 Times Seen10847 Hash 596d6e5d8400fd1e913f9adc21071f93 fee2d7a4ac08d5a522c2298a5ad3ed30ac9e62ec 159faf7827be43b4c85a35fc941924a9de59a169d42d600b49161f60debf9dff Loading...

	www.maryelder.shop/	ScriptElement	294 B	2025-04-10	2025-06-24
Pretty URL www.maryelder.shop/ IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-10 13:03 Last Seen2025-06-24 10:12 Times Seen92 Hash f0df4d10c88f7a25f5dbce21b046d624 8da5a9de732b4a51975e42da3f858befb3ffb3b5 be3c61e316cfd5c411549cfa17614a94188899e1fe12748295a294a029ca46df Loading...

	www.maryelder.shop/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js?ver=5.9.3	ScriptElement	71 kB	2023-03-07	2025-06-25
Pretty URL www.maryelder.shop/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js?ver=5.9.3 IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06 Last Seen2025-06-25 03:52 Times Seen13012 Hash 0f64f3a3a0c620a6756d36abaff1b4a6 4738d7f9885db2cb9370766974c8f6b22e9ec29d 00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b Loading...

	www.maryelder.shop/	ScriptElement	332 B	2025-06-20	2025-06-20
Pretty URL www.maryelder.shop/ IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-20 11:39 Last Seen2025-06-20 11:39 Times Seen2 Hash 9108995592a93e7f6cb51e1f4738c953 b8ec4b8bbd0fa87f0d44ba36e64df597aed91b32 bd9243fac0f5bc8905baa1123bec590e42eb6de7830d82e02b7b42a3c8395cb0 Loading...

	www.maryelder.shop/	ScriptElement	471 B	2023-03-10	2025-06-24
Pretty URL www.maryelder.shop/ IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 18:44 Last Seen2025-06-24 10:19 Times Seen272 Hash aecffb0fb4e2962cb5668f1aade68435 5ed0c62f7ed38fde280d42fe1d1f63b27640b126 f66ecf0fbff1fcae7dcc7844e244c2f8950221eddc76d5fd09d1c39ec8c25fcc Loading...

	www.maryelder.shop/	ScriptElement	78 B	2023-03-07	2025-06-25
Pretty URL www.maryelder.shop/ IP 104.21.89.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:24 Last Seen2025-06-25 03:52 Times Seen8586 Hash 01e23790be4ce2b3aba2dc09884a374c 23e94090b7c158bea7e8a9c732423a1c7ec29e85 3b42ad7bcd4a7cd47666bd0d1b0d2daff953e15314f1b0577f51d90a192e0a12 Loading...

HTTP Transactions (76)

URL IP Response Size

GET www.maryelder.shop/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18

104.21.89.245

200 OK

129 kB

URL GET
www.maryelder.shop/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
JavaScript source, ASCII text, with very long lines (45108), with CRLF line terminators
Size
129 kB (128805 bytes)
Hash
0ce245fda586eafae053aa341ccdd2c7
3f0e5d08540860f4e1c4ba0db2bd3decf481ea44
5c9203860ae657336596c738730f9d362e00bb9948a0f581fb074270c328e26b

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:32 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 14 Jun 2023 10:28:35 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
etag: "64899653-1f725"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=FeB3QyOFjsU5Zv6k2kzxl%2Fz8wrK0eKuL4nhGbmz3ATXl10Gdi4x8wTNBi5K0EsI8C%2BacyVzF13IRiP3K3d1zbCk4BABCgIkaQM2lYxodtCk%3D"}]}
cf-ray: 952afc735e065697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.min.js?ver=3.12.0

104.21.89.245

200 OK

25 kB

URL GET
www.maryelder.shop/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.min.js?ver=3.12.0
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
JavaScript source, ASCII text, with very long lines (24951), with no line terminators
Size
25 kB (24951 bytes)
Hash
540be7a8259fbeaf4a732a344b267a7d
ac51cc9bb5df51bd9568de8707b9b176f7d60254
a692f16cca3d27ae6772b85e05c46d117ca45678783d5ee010df7d67e8f12485

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.min.js?ver=3.12.0 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:32 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 14 Jun 2023 10:28:36 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
etag: "64899654-6177"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=86JO2AIZCGQM94WFfTXXlGK9j1OWxC2lZcoigKxiXIp9xULcsJCY%2FEf374jdYN3pCCEyrMHcCp4EcFhfY6r%2BnsQrL0pUFzZXRydqL9GgYmc%3D"}]}
cf-ray: 952afc734ddf5697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/uploads/2023/06/women-dresses-phase-eight-milla-multiway-zip-ribbed-tunic-dress-black-300x420.jpg

104.21.89.245

200 OK

11 kB

URL GET
www.maryelder.shop/wp-content/uploads/2023/06/women-dresses-phase-eight-milla-multiway-zip-ribbed-tunic-dress-black-300x420.jpg
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x420, components 3
Size
11 kB (11339 bytes)
Hash
df40219ba60ee01dd23fdfe9674dc723
d36b9aa545f2c6695a8e91fb7b35af4ba8ba0467
8c78ca34a0e3e252b58be00309fb9eaa7c6cd990cf1732bc49d8f92f3c6d1630

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/uploads/2023/06/women-dresses-phase-eight-milla-multiway-zip-ribbed-tunic-dress-black-300x420.jpg HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 20 Jun 2025 11:39:32 GMT
content-type: image/jpeg
content-length: 11339
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P8Jf%2BgDCqOFqxZw69TxWGHkmRdAxJzdB1rcAelz7vGOJQfNCpy4eOZh0%2BuWpEVo5COfl7IAp%2F4YTTef4ZBDtogBDMWVvtEVEeeZBtMHpumhdvLmjM%2B0uMvZ77aGZPWhcV0A6gTY%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Thu, 15 Jun 2023 11:31:26 GMT
etag: "648af68e-2c4b"
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 952afc78cbba56ca-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1971&min_rtt=0&rtt_var=3534&sent=242&recv=229&lost=0&retrans=0&sent_bytes=94135&recv_bytes=16235&delivery_rate=14495204&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=24340&unsent_bytes=0&cid=bd0f139f819cf116&ts=1471&inflight_dur=91&x=44"

GET www.maryelder.shop/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.1

104.21.89.245

200 OK

2.7 kB

URL GET
www.maryelder.shop/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.1
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
ASCII text
Size
2.7 kB (2731 bytes)
Hash
e6fae855021a88a0067fcc58121c594f
6299ac3987b5e81725781799dad361d19ac3b99d
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.1 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:31 GMT
content-type: text/css
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Fri, 20 Jun 2025 11:39:31 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Z2d5f2ZXGnJXhMNjqFyq4b7eRSWGCyO2W7JksGZJ5u45sQn1AmMvUaKZCQ8%2FpMS8sM4LbACa8oniC39YN3oLp8jmXiPzNlzfQhdr1ELxJHs%3D"}]}
cf-ray: 952afc726c7f5697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/plugins/visitors-traffic-real-time-statistics/js/front.js?ver=5.9.3

104.21.89.245

200 OK

890 B

URL GET
www.maryelder.shop/wp-content/plugins/visitors-traffic-real-time-statistics/js/front.js?ver=5.9.3
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
ASCII text
Size
890 B (890 bytes)
Hash
3a7b373af67acb42960573e8102cea01
ace16912963355e393d455bc45742528a09aeb7c
9c01fb1b898505d38fd4bbf6060fd263bac9e0cb0cbeb0b4e1567618afb01f20

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/plugins/visitors-traffic-real-time-statistics/js/front.js?ver=5.9.3 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:31 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 14 Jun 2023 10:28:41 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=E%2BAUTmAHxeYrPp5b6ds5IcpoFFkvMn0EsqSyI8vKrksIgZnPgz%2F4PDauemecFrcog9c6sDs%2FFXMIanDRnxexRQnkBZTUi1V4aKwjintyYEA%3D"}]}
cache-control: max-age=14400
cf-cache-status: REVALIDATED
etag: W/"64899659-37a"
content-encoding: br
cf-ray: 952afc728cc95697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

104.21.89.245

200 OK

90 kB

URL GET
www.maryelder.shop/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
90 kB (89521 bytes)
Hash
02dd5d04add4759122013c5ab4dc5cc2
a45a56e396ac549b4ff39b696ce9e0c16a7612de
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:31 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 14 Jun 2023 10:28:36 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
etag: "64899654-15db1"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=rKPysMFT5SZJWb3MmEOX7BABHzQzqbtbNOlxR4n4DAdr15Mm3IobA4%2BSjS5dzWsb00fZJH7HyLtIfs0yrn9PEAgsu7PHRwMJTrbvS5z%2FiRE%3D"}]}
cf-ray: 952afc72acf25697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/plugins/js_composer/assets/lib/flexslider/flexslider.min.css?ver=6.7.0

104.21.89.245

200 OK

4.4 kB

URL GET
www.maryelder.shop/wp-content/plugins/js_composer/assets/lib/flexslider/flexslider.min.css?ver=6.7.0
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
ASCII text, with very long lines (4420), with no line terminators
Size
4.4 kB (4420 bytes)
Hash
3a58bc351485cd8093c3413eef7c22cc
207dda1ceebaeabdec24bf030daf253d9d7868a3
be55069a1e835065f0f020c894b14093d45bc764b333f2ffb3d7cc3219db56d6

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/plugins/js_composer/assets/lib/flexslider/flexslider.min.css?ver=6.7.0 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:31 GMT
content-type: text/css
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Fri, 20 Jun 2025 11:39:31 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=BW7xzY9OnYD%2F7heYBmqHQ3vUEEiqHGYNvbw0ZtWJyMXy6WtR2ob73QZXY5lsnsIoh%2FcBw8j0mNTJW1SnNp9oWUBdD2%2BhTE24URvIg0mSXFE%3D"}]}
cf-ray: 952afc731d9d5697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/uploads/2023/07/10004-gigapixel.jpg

104.21.89.245

200 OK

198 kB

URL GET
www.maryelder.shop/wp-content/uploads/2023/07/10004-gigapixel.jpg
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, xresolution=72, yresolution=72], baseline, precision 8, 400x560, components 3
Size
198 kB (197538 bytes)
Hash
6f7a41811f8fcfc4514b98f48a7cb756
cda1c97598761f12048e284e93f7075e1ec9e9a5
acd6da7555369b02f96a71f4d63db38334f8e81c0fcbe8ceab3c605087529ff1

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/uploads/2023/07/10004-gigapixel.jpg HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 20 Jun 2025 11:39:32 GMT
content-type: image/jpeg
content-length: 197538
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=29HzoYr43rKdsDPODwZZ%2BBrT72ozx%2BqCR%2BQl%2B4HfpGTOnlYcp02GsZJdtqtinmYum4hdKa%2FMNXcVhr%2BW0EbYxTc%2BWkkM67Z0AzHdif%2F7LqsDVKOYDk6Y48VAyxMw0nq5JO4f%2FMM%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sat, 08 Jul 2023 01:41:27 GMT
etag: "64a8bec7-303a2"
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: REVALIDATED
cf-ray: 952afc78cbbd56ca-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2544&min_rtt=0&rtt_var=2808&sent=302&recv=232&lost=0&retrans=0&sent_bytes=161459&recv_bytes=16381&delivery_rate=14495204&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=24340&unsent_bytes=0&cid=bd0f139f819cf116&ts=1611&inflight_dur=109&x=44"

GET www.maryelder.shop/wp-content/uploads/2023/07/favicon-16x16-1.png

104.21.89.245

200 OK

274 B

URL GET
www.maryelder.shop/wp-content/uploads/2023/07/favicon-16x16-1.png
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
PNG image data, 16 x 16, 8-bit grayscale, non-interlaced
Size
274 B (274 bytes)
Hash
7e687e5107468c9d40a120a07d10b6f6
bce8d0d6e22424d2b1b6a1e7ac135662c21f5925
2d4588069016b3fdc7ea3e0e92fab9f238f4424188b7814e34111833ee2c966e

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/uploads/2023/07/favicon-16x16-1.png HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 20 Jun 2025 11:39:34 GMT
content-type: image/png
content-length: 274
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FoV7IdF3jMECVvTPsx%2FJGU2HquZEwbdD12a3CUvomnE1FpvBouCQGFmFqV2ixDzSynSXrW0D271sbtUWSPbZ72PJHGltVpdnDKBmqG0hyrjW8285Ga%2BTwCPUqtp7ACV4dmfVC98%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sat, 08 Jul 2023 01:21:07 GMT
etag: "64a8ba03-112"
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 952afc7f2c0c56ca-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1129&min_rtt=0&rtt_var=592&sent=889&recv=283&lost=0&retrans=0&sent_bytes=845853&recv_bytes=21165&delivery_rate=14894435&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=25244&unsent_bytes=0&cid=bd0f139f819cf116&ts=2850&inflight_dur=269&x=44"

GET www.maryelder.shop/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3

104.21.89.245

200 OK

83 kB

URL GET
www.maryelder.shop/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
ASCII text, with very long lines (39791)
Size
83 kB (83419 bytes)
Hash
7e7a1a9e3712cd16dade7c6e811ba28b
45e216af145ea7c3f30099c869482785ad921bc2
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=5.9.3 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:31 GMT
content-type: text/css
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Fri, 20 Jun 2025 11:39:31 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=WVaxhJZfvBcAG%2F4iVQ6ODJge1cf10oyihDzHqL7hICoCDDcdk5PyJycon04%2F2sAoVNoPX2WUe4Pxg34QJY9yQNb55GNIKMmrnoGUmq0QgI0%3D"}]}
cf-ray: 952afc725c615697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/uploads/customer_style/customer-style.js?ver=5.9.3

104.21.89.245

200 OK

2.7 kB

URL GET
www.maryelder.shop/wp-content/uploads/customer_style/customer-style.js?ver=5.9.3
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
JavaScript source, ASCII text
Size
2.7 kB (2657 bytes)
Hash
4ffefcdb286f4a51ae61de2bd55507f0
a60886abcd0af5a4b58c9c21adffabb33f9a532e
4271592985a0984727e2ec0942cb1c02b86b8fc0db804cf51b536b9781049c48

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/uploads/customer_style/customer-style.js?ver=5.9.3 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:32 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 14 Jun 2023 10:28:36 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
etag: "64899654-a61"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=7Xm%2BrwH%2FpDJmylBz7kiWxWliqNRb3bp2Trp6bkgTTcR8UUm13w2j132k5ux41Nptq67DvKxtTyjGpUNvb6LsNvTosy0Dg0BK%2FioYSTG%2FFaA%3D"}]}
cf-ray: 952afc73be8e5697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/themes/ecommerce-plus/js/jquery.matchHeight.js?ver=5.9.3

104.21.89.245

200 OK

12 kB

URL GET
www.maryelder.shop/wp-content/themes/ecommerce-plus/js/jquery.matchHeight.js?ver=5.9.3
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
JavaScript source, ASCII text
Size
12 kB (11776 bytes)
Hash
a4b580e5f6599aed3c62ffa1c146f63b
80435ee79890b5132b00325cf0a79da096a0032b
6ab454b01db552da83a2c237a00e6c0dedd462a48693a26d8354b4e0d9487ee4

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/themes/ecommerce-plus/js/jquery.matchHeight.js?ver=5.9.3 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:32 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 14 Jun 2023 10:28:36 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
etag: "64899654-2e00"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=16cSWFvkBXSvgpZxqcWZOjQut5C%2FOEwKXkC25NKn0d0ZgZVaHC1bIEv06%2FwW%2BNu3BqQGJm7ORJihkicJrzCg6wQlfHRMVWtxxpbpz%2FwL%2FHM%3D"}]}
cf-ray: 952afc739e585697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/themes/ecommerce-plus/fonts/fontawesome-webfont.woff2?v=4.7.0

104.21.89.245

200 OK

77 kB

URL GET
www.maryelder.shop/wp-content/themes/ecommerce-plus/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/themes/ecommerce-plus/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/wp-content/themes/ecommerce-plus/css/font-awesome.css?ver=5.9.3
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 20 Jun 2025 11:39:32 GMT
content-type: font/woff2
content-length: 77160
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HYDwpWGe%2FUfzgIxu06x6EUh4oAgmeXPaM56P%2Bfx02L%2FyPyxAtc1mIM7tD8cjdkYzm60cvZCbXLEItvU54df%2BcuFiIfZcHe9hAC%2BiE1T9LwQ5PCX8OI27R9F2gZfnrkzTPtdjXmI%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Wed, 14 Jun 2023 10:28:36 GMT
etag: "64899654-12d68"
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: REVALIDATED
cf-ray: 952afc780bb656ca-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2939&min_rtt=0&rtt_var=3447&sent=174&recv=216&lost=0&retrans=0&sent_bytes=14331&recv_bytes=15646&delivery_rate=303783&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=12000&unsent_bytes=0&cid=bd0f139f819cf116&ts=1338&inflight_dur=66&x=44"

GET www.maryelder.shop/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.7.0

104.21.89.245

200 OK

9.5 kB

URL GET
www.maryelder.shop/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.7.0
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
JavaScript source, ASCII text, with very long lines (9139)
Size
9.5 kB (9533 bytes)
Hash
87c54edf7dad7dfdfde015f6eee45ff1
96ec1a06ea3093c47e1e2fc4444ada7f4456135d
ef22199864042b8ceeee3729f3254c140df7217364045737ca3aadf8434fb3da

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.7.0 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:31 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 14 Jun 2023 10:28:35 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
etag: "64899653-253d"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=rzvsYaOmrI6BhRv6pU%2BPM8GxzLzcAwMqd9fu%2Bz6MMIPDlWu9RtZQt%2BALykN3sEgPkEYPwYATELXAxid29Vnxg8aWFD8n4ZUs92snXmfItmY%3D"}]}
cf-ray: 952afc72acfd5697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js?ver=5.9.3

104.21.89.245

200 OK

71 kB

URL GET
www.maryelder.shop/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js?ver=5.9.3
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (64131)
Size
71 kB (70851 bytes)
Hash
0f64f3a3a0c620a6756d36abaff1b4a6
4738d7f9885db2cb9370766974c8f6b22e9ec29d
00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js?ver=5.9.3 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:31 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 14 Jun 2023 10:28:36 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
etag: "64899654-114c3"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=sb16gyCHy4PQurL9Dhi65zTmKef%2FAH7653ve0%2BF%2BuqMcZy7GpIUvCflqiKYmpocbIL1TbTj6wrz2Ovk7sCTiL051sajCqq%2BPyrIuadfrFDg%3D"}]}
cf-ray: 952afc72dd3d5697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/themes/ecommerce-plus/js/navigation.js?ver=20201202

104.21.89.245

200 OK

4.3 kB

URL GET
www.maryelder.shop/wp-content/themes/ecommerce-plus/js/navigation.js?ver=20201202
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
JavaScript source, ASCII text
Size
4.3 kB (4283 bytes)
Hash
91a850aed787f5b49abbe5bef15e07c7
4973041c464f3b320a0d347f0966d60de6a1ca79
d50b557a828460bbb61ee88f59770356669b23d7a1288ebf6bce94827c4286e1

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/themes/ecommerce-plus/js/navigation.js?ver=20201202 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:32 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 14 Jun 2023 10:28:36 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
etag: "64899654-10bb"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=nwf9mdb%2BRta64gBofPMhPNZ8Ps5BAoLLJcM0K1CEluGQsE6WcJoP%2B08F5uMXga5mBQuOdnUZ%2BvtKB4X9GUS7tKNZ2FH%2BHCoupOtWNy1TzRw%3D"}]}
cf-ray: 952afc739e505697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/uploads/2023/07/352103025_1495214994348534_7517040173802143425_n.jpg

104.21.89.245

200 OK

319 kB

URL GET
www.maryelder.shop/wp-content/uploads/2023/07/352103025_1495214994348534_7517040173802143425_n.jpg
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1400x700, components 3
Size
319 kB (318685 bytes)
Hash
c0e30fd751e125d7876f71ac3a49a02d
ef263d61c980e1e6666e0bc95a511ce003ab208d
e8bb3d0725e2430d9b276783afcc464fe94ea115b5145f95bffcb3cd92a760f8

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/uploads/2023/07/352103025_1495214994348534_7517040173802143425_n.jpg HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 20 Jun 2025 11:39:33 GMT
content-type: image/jpeg
content-length: 318685
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fyOqtG6OG5DYOHFg3n4dvGAZmxWCVoYr0ULjHYoPwmVrqBgmmyjir27yOD%2Bfnqklvrb%2B1lWtI07Q0N5b5xdOPHQFF6PefihNZFrugqehTGEHqpWD23Yn5%2FcULirHHmdqrk2a0gc%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sat, 08 Jul 2023 01:30:14 GMT
etag: "64a8bc26-4dcdd"
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 952afc7bcbf756ca-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1738&min_rtt=0&rtt_var=1946&sent=609&recv=257&lost=0&retrans=0&sent_bytes=515466&recv_bytes=19144&delivery_rate=14495204&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=35424&unsent_bytes=0&cid=bd0f139f819cf116&ts=1811&inflight_dur=217&x=44"

GET www.maryelder.shop/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

104.21.89.245

200 OK

11 kB

URL GET
www.maryelder.shop/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
JavaScript source, ASCII text, with very long lines (11126)
Size
11 kB (11224 bytes)
Hash
79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:31 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 14 Jun 2023 10:28:36 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
etag: "64899654-2bd8"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=bT3WpLfEB%2BjdpfW%2Ba5nF5D0OnPsno8LwokUkI7t2dmXSLSWaDFFsOqJEYy5sq5ypT7Qjt1qNuI6Y36iZLRLnhFYk5EKIPfKLzvKdUFaYrjw%3D"}]}
cf-ray: 952afc72acf45697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9

104.21.89.245

200 OK

6.5 kB

URL GET
www.maryelder.shop/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
JavaScript source, ASCII text, with very long lines (6494), with no line terminators
Size
6.5 kB (6494 bytes)
Hash
64e89b93b02055fb75ea0913089ded0b
9ccf854a6acedb27496725fa7570a670fd7bd572
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:32 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 14 Jun 2023 10:28:36 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
etag: "64899654-195e"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=vCcpLy%2FP3kfv%2Bf%2BbZ919ltTLCRgkpRk%2FjWWYZoD74ugUjz5Vn9aOnhHMkzN3GflC1anD7HVJWUMCgh3x50Yb4wD2u80xtfwCNDL%2FVhyGj50%3D"}]}
cf-ray: 952afc734de45697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.19

104.21.89.245

200 OK

387 kB

URL GET
www.maryelder.shop/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.19
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
JavaScript source, ASCII text, with very long lines (64288)
Size
387 kB (386778 bytes)
Hash
811c3da189b804d68fced85b9a191e1e
bc4d1ec616ba622029414fbceb0bc8d9e903f3fc
3b0b8378134e79a3a7058080f4d617969ac9b159d448be7b15e595719e5c9518

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.19 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:32 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 14 Jun 2023 10:28:35 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
etag: "64899653-5e6da"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=F2U94kJ2pU90ZuHLPRVYOMIXZSv3HCf7%2FdlYR1kEch9bS0GHOAenw0tVtNUvBRXvSwad8F%2FEq0NG%2FwVgIPnTd%2Fuyhqh11Sm6cUxKXre5WkE%3D"}]}
cf-ray: 952afc737e2f5697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/uploads/2023/06/women-dresses-phase-eight-raelyn-pleated-dress-aubergine-300x420.jpg

104.21.89.245

200 OK

12 kB

URL GET
www.maryelder.shop/wp-content/uploads/2023/06/women-dresses-phase-eight-raelyn-pleated-dress-aubergine-300x420.jpg
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x420, components 3
Size
12 kB (12060 bytes)
Hash
b1dc3a32def54bc6a9f2318d35726fd5
81e662fcc691768102b2133bebb9abd4cd872158
17eacae3d6dec3716503a5788ba35bbf6f45c00fb5b59c0f6811409fcaccde05

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/uploads/2023/06/women-dresses-phase-eight-raelyn-pleated-dress-aubergine-300x420.jpg HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 20 Jun 2025 11:39:32 GMT
content-type: image/jpeg
content-length: 12060
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FSThcun5KMMtzog58XIDHQTIbb9TeUg%2FUtkzlfMkUeTZsbyLgdNOfkXPaDwwUlxwZIFplaFjy6Oe235Z5m9eplJdknztKJVI0k9ltU1WSVGfZNSPESD%2F%2BSF0eTiUqfuOrNDE5GU%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Thu, 15 Jun 2023 15:47:08 GMT
etag: "648b327c-2f1c"
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 952afc78cbbb56ca-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1963&min_rtt=0&rtt_var=2057&sent=350&recv=235&lost=0&retrans=0&sent_bytes=218597&recv_bytes=16524&delivery_rate=14495204&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=33138&unsent_bytes=0&cid=bd0f139f819cf116&ts=1615&inflight_dur=113&x=44"

GET www.maryelder.shop/wp-content/plugins/fma-product-custom-options/front/css/fmepco_front_style.css?ver=5.9.3

104.21.89.245

200 OK

1.2 kB

URL GET
www.maryelder.shop/wp-content/plugins/fma-product-custom-options/front/css/fmepco_front_style.css?ver=5.9.3
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
ASCII text
Size
1.2 kB (1215 bytes)
Hash
819be97c3bb3de9978da74b3f2a14cfd
a901fcccb749f3797d4700afdb6bbec19b0b2199
12ad57a8f41b41e94cab57ccc2c0e711f7b910ecd14b242e5394e4190ddbd190

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/plugins/fma-product-custom-options/front/css/fmepco_front_style.css?ver=5.9.3 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:31 GMT
content-type: text/css
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Fri, 20 Jun 2025 11:39:31 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=C3m6gco1vospy0%2B72IlJLl043TEXH9lGzPAG%2F2p%2F%2B1GKDJD1kvYcPavMjBf%2F%2FU7fiNk57NjVf4yBgg8wxfdAW6eD2W9SSN9eipo7yUB%2F4uk%3D"}]}
cf-ray: 952afc725c5c5697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.7.0

104.21.89.245

200 OK

486 kB

URL GET
www.maryelder.shop/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.7.0
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
ASCII text, with very long lines (65358)
Size
486 kB (485496 bytes)
Hash
447df0b82fca972d090f4b55835b9289
58eaaa51c8ddc2eb3a46e7e93b9c1da5946ee23c
184158b86609c0805441583af03684e5d2e349b481bc5e0b405eef4f63d0f25f

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.7.0 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:31 GMT
content-type: text/css
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Fri, 20 Jun 2025 11:39:31 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=dPCS2VC0hcJj5P5tmmQ91fDuINWquS3yapVEBHeJx4kVMGFZeG4%2F3pUsxilsktULtaWwpE%2FINjijDk1FRot9Yl2y05Z2snCsJQw%2BLJ3cNpI%3D"}]}
cf-ray: 952afc728cc15697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.1

104.21.89.245

200 OK

22 kB

URL GET
www.maryelder.shop/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.1
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
JavaScript source, ASCII text, with very long lines (21904), with no line terminators
Size
22 kB (21904 bytes)
Hash
e7334b0f16895605c1234c69ad86fd4a
6da3372e63cabe2d3c6b0dfecc70770c2f69921b
e89d7526092c671c0a01bd02152a595271fb97f87bbd3ba379b5e8b1071f6b2d

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.1 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:32 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 14 Jun 2023 10:28:32 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
etag: "64899650-5590"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=VVONcx0MIiju5CXUClyWENFBjUQKyNYJ1wO4DnPBWKEDAXG7GGZg%2FwiYmDKM3a4LZCE5goQ67GlSX8WTpIXcVQWLT%2Bkk0hYRPbWf549YocM%3D"}]}
cf-ray: 952afc734ded5697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-includes/js/hoverIntent.min.js?ver=1.10.2

104.21.89.245

200 OK

1.5 kB

URL GET
www.maryelder.shop/wp-includes/js/hoverIntent.min.js?ver=1.10.2
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
JavaScript source, ASCII text, with very long lines (1465)
Size
1.5 kB (1500 bytes)
Hash
8767142f87d8ba86f0094540b29b6d97
754645c23f4faf070fd3460c5aed47ef99314790
491ee20092ce969e6785601ae4595748d4ac5ee4df19012b19b77de6c9dfd357

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-includes/js/hoverIntent.min.js?ver=1.10.2 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:32 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 14 Jun 2023 10:28:36 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
etag: "64899654-5dc"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=cFyMnt1QzBFDx5z3bqexDvAiXFziuCJN30ZhWvqWMOK6itM%2BZNtVxmJ0x9s4Ox46dcBfRqSYEGap9tI1K2YFpRjcQ6wZCJShkABTt%2Fy39RU%3D"}]}
cf-ray: 952afc73ae6a5697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/uploads/2023/07/10001.png

104.21.89.245

200 OK

4.2 kB

URL GET
www.maryelder.shop/wp-content/uploads/2023/07/10001.png
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
PNG image data, 180 x 60, 8-bit colormap, non-interlaced
Size
4.2 kB (4153 bytes)
Hash
799a163c8c4ff17f73091fd96fa1214c
8452cb563090e5622d59f9359945f968b68bc05b
6f847206b8de4a249671240c2e5bb61182ea068b27a3a3b6de7e767160776c91

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/uploads/2023/07/10001.png HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:31 GMT
content-type: image/png
content-length: 4153
server: cloudflare
last-modified: Sat, 08 Jul 2023 01:21:03 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: "64a8b9ff-1039"
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: REVALIDATED
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=6mc6rYIKVKMCpbOpwwckb5YaHys8ch7aBuKJY5uU74BWSBol%2BjxoTimI9SYsCDZ5zVHW4YNJzxEHWD1nTYZShAIqnkNBUQrXamMW3mvkmX4%3D"}]}
cf-ray: 952afc730d735697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/uploads/2023/06/women-bags-phase-eight-patent-open-top-slim-clutch-navy-300x420.jpg

104.21.89.245

200 OK

6.4 kB

URL GET
www.maryelder.shop/wp-content/uploads/2023/06/women-bags-phase-eight-patent-open-top-slim-clutch-navy-300x420.jpg
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x420, components 3
Size
6.4 kB (6443 bytes)
Hash
fcf9d3a10b3ba11c1350571f495dad31
db24cc29b029d12f008e7f5ff9994ee2214facbb
0d870ea9668202fbe538bbd1673772d9d6cb762b4aa39672f0fca244a7d7000a

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/uploads/2023/06/women-bags-phase-eight-patent-open-top-slim-clutch-navy-300x420.jpg HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 20 Jun 2025 11:39:32 GMT
content-type: image/jpeg
content-length: 6443
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ykwOw12fXMJEMIqsWQgQZM%2B09N%2BjfOdnX9faZ2AYfsVUaOnN4JDMPEB2K7m8r7z3bfjGFY0%2B2L9o%2BZ2EMnJ8LjOUrtmq7YFfIlIrSMpYhdPRAFIPPCgpdSmxiFYizSaNgYXlf9I%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 16 Jun 2023 07:21:54 GMT
etag: "648c0d92-192b"
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 952afc78cbbc56ca-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2581&min_rtt=0&rtt_var=3646&sent=259&recv=231&lost=0&retrans=0&sent_bytes=112779&recv_bytes=16332&delivery_rate=14495204&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=24340&unsent_bytes=0&cid=bd0f139f819cf116&ts=1605&inflight_dur=103&x=44"

GET www.maryelder.shop/wp-content/uploads/2023/06/women-jewellery-phase-eight-gold-bracelet-gold-300x420.jpg

104.21.89.245

200 OK

22 kB

URL GET
www.maryelder.shop/wp-content/uploads/2023/06/women-jewellery-phase-eight-gold-bracelet-gold-300x420.jpg
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x420, components 3
Size
22 kB (22240 bytes)
Hash
8e3f2cfc595d1db202b0bad3a2ac9e57
634c3f99f78a337fc65d196b30870e178e812db3
e7cedf49c176c17074dd94eb28b8c89d3b2a3666c92ba06d807f3bcc7e2e992a

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/uploads/2023/06/women-jewellery-phase-eight-gold-bracelet-gold-300x420.jpg HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 20 Jun 2025 11:39:32 GMT
content-type: image/jpeg
content-length: 22240
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UUWgvN8DGzj%2BLThtN%2Bb3qYA3yZiws7BTJc8L1J96fV6956EHP2aSyLNIWWIHJ2Gl9IAHL%2BjbouURupWaTAJA3%2Bky%2B1LZPIreWYyj%2FfF9mvlZzbnMfqUWSbbEn7dhvBk67auvWE0%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 16 Jun 2023 07:30:01 GMT
etag: "648c0f79-56e0"
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 952afc78cbbe56ca-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1607&min_rtt=0&rtt_var=1052&sent=436&recv=239&lost=0&retrans=0&sent_bytes=319331&recv_bytes=16713&delivery_rate=14495204&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=35424&unsent_bytes=0&cid=bd0f139f819cf116&ts=1628&inflight_dur=125&x=44"

GET www.maryelder.shop/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.8.3

104.21.89.245

200 OK

4.9 kB

URL GET
www.maryelder.shop/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.8.3
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
ASCII text, with very long lines (4933), with no line terminators
Size
4.9 kB (4933 bytes)
Hash
e372df47bd19e1563b557d7bdb817188
4efdf4050a78bdbd88aa255955b7423105895dd0
4b7693154069c53a16468d09d89c9eba5da6c0dfc69cf4d7eb675e32ba663361

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.8.3 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:31 GMT
content-type: text/css
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Fri, 20 Jun 2025 11:39:31 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=2FIN%2BQABcR1nmjQaejaADFkiTi2dYIjCzc4VN%2BemP5pOrEbNClsStk3nyuKIXiPFN8Px9f4lJ4K%2Bc1m4ebCC5BnGl7vds%2BdlLUlU69u%2BkQo%3D"}]}
cf-ray: 952afc725c665697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/plugins/woocommerce/assets/css/prettyPhoto.css?ver=3.1.6

104.21.89.245

200 OK

9.3 kB

URL GET
www.maryelder.shop/wp-content/plugins/woocommerce/assets/css/prettyPhoto.css?ver=3.1.6
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
ASCII text, with very long lines (9281), with no line terminators
Size
9.3 kB (9281 bytes)
Hash
57a347480fbe0b3d235993f4f1ec3b2c
ec01673e887c236765156496c7d00111238554d8
9097a2c579616889e829be95554ebf90ec5900045f4d2282cce31d5a999acc03

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/css/prettyPhoto.css?ver=3.1.6 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:31 GMT
content-type: text/css
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Fri, 20 Jun 2025 11:39:31 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=USfW4c4PhnMYtkb2V2rMZoX0ObWnWMo%2F%2FTyPc99U7jxeWRLw1Y0KHJZKc6wBXbCoAIJQzM5XEEtRDlwz5bkSVBde7%2FrsWOtosuDt5lJL5%2BA%3D"}]}
cf-ray: 952afc725c765697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.7.0

104.21.89.245

200 OK

63 kB

URL GET
www.maryelder.shop/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.7.0
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
Unicode text, UTF-8 text, with very long lines (62753), with no line terminators
Size
63 kB (62755 bytes)
Hash
979b8b56e801469d95453055366ef54c
cb8a0bb5f00fee130a289ea4dfafc00fa53e1c04
d3322ccb3912f7a9485eb1d75971fd5e1eb49c6575ff5ad985fb5496333e8c8b

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.7.0 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:31 GMT
content-type: text/css
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Fri, 20 Jun 2025 11:39:31 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ihFc4UiytEsAHdopLBSzlVq4XLv2p322Uix98MzTyWlEHSBcNLxvsExJ9CZw1FDcW11M%2BLblWOAbt%2FIc5b6XYt53GwkulaqVZ1DxA9XjE8E%3D"}]}
cf-ray: 952afc726c845697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/themes/ecommerce-plus/js/bootstrap.js?ver=1

104.21.89.245

200 OK

54 kB

URL GET
www.maryelder.shop/wp-content/themes/ecommerce-plus/js/bootstrap.js?ver=1
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
JavaScript source, ASCII text, with very long lines (550)
Size
54 kB (54311 bytes)
Hash
fd4050839637043f309325aa8962288d
889b8d35a1bec7b7d65e5239099ff05f74c80fb4
11f48fb49a71e6be4b3f8c038e89daab6a648321db3b6b7fc6e4c8e973fe8431

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/themes/ecommerce-plus/js/bootstrap.js?ver=1 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:31 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 14 Jun 2023 10:28:36 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
etag: "64899654-d427"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=PiUDqZJ%2BclzI7l9b38Ds%2Fuk2FSHMhwz8LY3xgK37nOtoc%2BX2zceclR0H%2FKchwRGW%2BaEpRfWDidUiEkK3fte%2Bv4G8ew9Aq6x4LROCBiFkVgQ%3D"}]}
cf-ray: 952afc72fd6a5697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/uploads/2023/07/10002.jpg

104.21.89.245

200 OK

61 kB

URL GET
www.maryelder.shop/wp-content/uploads/2023/07/10002.jpg
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1400x700, components 3
Size
61 kB (60973 bytes)
Hash
c5333929539e84aadc74a516030f6070
6e67553b2b8158c90089b56983e8c4a080168cd1
a8bda4415beda42fc049a64c3c01f07880e99f22fe0ae18962a9ad08861d3bc3

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/uploads/2023/07/10002.jpg HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 20 Jun 2025 11:39:33 GMT
content-type: image/jpeg
content-length: 60973
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8JjPk36wPe9Izcj16blOTxhE5fdSqST9PTrstj1ff%2Fwng2jQmiW0B3uNm3jFQEkGJ6085FhDzdcqHSk7mFDFr%2FFAOvRJGEirWu93W14zjWERU2%2FopUuHCODk5%2Foe3Fc7M%2FiOzQQ%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sat, 08 Jul 2023 01:30:08 GMT
etag: "64a8bc20-ee2d"
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 952afc7bcbf656ca-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3132&min_rtt=0&rtt_var=3062&sent=555&recv=251&lost=0&retrans=0&sent_bytes=452279&recv_bytes=18877&delivery_rate=14495204&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=35424&unsent_bytes=0&cid=bd0f139f819cf116&ts=1797&inflight_dur=211&x=44"

GET www.maryelder.shop/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.19

104.21.89.245

200 OK

59 kB

URL GET
www.maryelder.shop/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.19
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Size
59 kB (59154 bytes)
Hash
aa4c7e30d0f121bf25a7f892dc618ea9
09dc35a42918427d0943cdf6c96805aeeed1664c
9435c8c132bbfd387d4b14f9e07d60c0ba7fb5a1eca2b49882f62b2ef113eee8

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.19 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:31 GMT
content-type: text/css
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Fri, 20 Jun 2025 11:39:31 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=XtHlsnEjr5jQeOrkX9%2FjmGX%2Fwz0P5nDsM2z54AMyaxTTPmCjugiG%2B1Qu9ETsudHfSOol%2BJQs0YlB7Pk4IiwF6ACR%2FQPDjbMNvSY1mCNmNTc%3D"}]}
cf-ray: 952afc732db95697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js?ver=4.0.3

104.21.89.245

200 OK

18 kB

URL GET
www.maryelder.shop/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js?ver=4.0.3
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
JavaScript source, ASCII text, with very long lines (18465), with no line terminators
Size
18 kB (18465 bytes)
Hash
3d4d4eab5c2ecf501484e45c46d2cc6e
aa9024a11600daecfa9f7db24ee2a7191309a329
d6da22ca2b7058c87413a1927d90c13548535cfcb0959175fc0b32ac7417768b

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js?ver=4.0.3 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:32 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 14 Jun 2023 10:28:36 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
etag: "64899654-4821"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=mcKzz%2F%2FwbladcXri%2BgIor8zhnDoJIjg0CQqBLGzdkSoQC0ngCLbdaOGJbzeKmZfN2mMkt2b2eoaqUqf%2F1VM1EGAR%2B7KKoKETPBJVob%2BHXoQ%3D"}]}
cf-ray: 952afc738e405697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/robotocondensed/v30/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

142.250.74.35

200 OK

51 kB

URL GET
fonts.gstatic.com/s/robotocondensed/v30/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint6C:DD:E7:B7:B0:02:A6:B7:4F:2D:EB:A1:11:A3:4B:1C:31:F9:07:F7
ValidityMon, 02 Jun 2025 08:36:37 GMT - Mon, 25 Aug 2025 08:36:36 GMT

File type
Web Open Font Format (Version 2), TrueType, length 51412, version 1.0
Size
51 kB (51412 bytes)
Hash
9e5e97447fcc00eca79e97de3b337831
efafc4ef0f1ac7fefb6e22be4ea9c681a53d415a
8d230115e58faa2ed303bee567b91d1a792e0c958a0118998b53648b2ab7c057

HTTP Headers

GET /s/robotocondensed/v30/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.maryelder.shop
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 51412
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jun 2025 11:02:50 GMT
expires: Fri, 19 Jun 2026 11:02:50 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 28 May 2025 16:58:12 GMT
content-type: font/woff2
age: 88602
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.7.0

104.21.89.245

200 OK

992 B

URL GET
www.maryelder.shop/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.7.0
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
JavaScript source, ASCII text
Size
992 B (992 bytes)
Hash
787fe4f547a6cb7f4ce4934641085910
c2dee88d5bdfef214ce9c56f71a1df51cda0f328
654aaebdea944313257827be97eb196a8218a2cdfc9ba399db23e2cd4c02bd79

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.7.0 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:31 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 14 Jun 2023 10:28:34 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=eBOxsA3SDwfrlKr6v4F3yomfj9%2BQxSqoFcTj3P6VK%2FtrOJjoQY%2FAfbmmIVA%2F7LaCkgz5Xn9Bm8rcazcfpqJKnBYhx%2BBlAKOzZ84vQcHGnGY%3D"}]}
cache-control: max-age=14400
cf-cache-status: REVALIDATED
etag: W/"64899652-3e0"
content-encoding: br
cf-ray: 952afc72fd655697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.7.0

104.21.89.245

200 OK

1.8 kB

URL GET
www.maryelder.shop/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.7.0
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
JavaScript source, ASCII text, with very long lines (1668)
Size
1.8 kB (1834 bytes)
Hash
d0a6d8547c66b0d7b0172466558d1208
ff93916519c7b9483251f609e4d29f38c30a66e3
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.7.0 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:32 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 14 Jun 2023 10:28:35 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
etag: "64899653-72a"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=4NNttjJVH3%2FwFn1fZbVpXQcQv2Wxhk12gRM1sm%2Fky2balcqtacBBhTKcgbOm4CTlUq2cax4xwSTc8Tlnr%2BrUKxHSYeFtPUsHvtVMNEAd4zI%3D"}]}
cf-ray: 952afc737e315697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/themes/ecommerce-plus/js/custom.js?ver=20201203

104.21.89.245

200 OK

3.3 kB

URL GET
www.maryelder.shop/wp-content/themes/ecommerce-plus/js/custom.js?ver=20201203
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
JavaScript source, ASCII text
Size
3.3 kB (3262 bytes)
Hash
8975e7d1e13018083cc0f866cc6b3efe
f2bce4e476f933fbb772408d275d9666020a97f7
2900a0f086974d7b8c0bac162113131946a265154186fd4d68db320d054ab5bd

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/themes/ecommerce-plus/js/custom.js?ver=20201203 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:32 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 14 Jun 2023 10:28:36 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
etag: "64899654-cbe"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=kLhaLKcNYqH7ez38HciFBg9IshLkJjagkYhSWU%2BmFQBkoaANsEKyuR7D3yky3NNpLDvWBaj67JRwVdydy%2BJWcLKD5nZIRZLfQO0qeFfXhFM%3D"}]}
cf-ray: 952afc739e5e5697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3

104.21.89.245

200 OK

18 kB

URL GET
www.maryelder.shop/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
JavaScript source, ASCII text, with very long lines (15224)
Size
18 kB (18181 bytes)
Hash
116c86c56f8db0bb63f15ceda50fdc98
75e308982ecf7cd43644b8b426e6aa1a0b0fbe26
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=5.9.3 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 20 Jun 2025 11:39:32 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=luFH7NYoohHYzZUTWv6LsWm4AnHms19tNxPFSA4foRH7P8Q6SxMKu2aSE81p0%2FXA3EZ6Oxc1fGjX7MZOS%2BvBsMtkTI6JRl%2F21Mr%2BdvjUWt4q3O8llgVsXXrWSvJCiWSRSA%2Beuwo%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Wed, 14 Jun 2023 10:28:36 GMT
vary: Accept-Encoding
etag: "64899654-4705"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
cf-ray: 952afc767bb056ca-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1846&min_rtt=0&rtt_var=2901&sent=253&recv=230&lost=0&retrans=0&sent_bytes=106431&recv_bytes=16284&delivery_rate=14495204&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=24340&unsent_bytes=0&cid=bd0f139f819cf116&ts=1482&inflight_dur=94&x=44"

GET www.maryelder.shop/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.7.0

104.21.89.245

200 OK

7.0 kB

URL GET
www.maryelder.shop/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.7.0
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
ASCII text, with very long lines (7043), with no line terminators
Size
7.0 kB (7043 bytes)
Hash
456663a286a204386735fd775542a59e
0a61620b88f4ae0fa7d71e2c7a014ea2c3ab5749
a7a83e60e7e3b8cadeed69327ba498b4cd68605db6e408729fa1b946758e7501

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.7.0 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 20 Jun 2025 11:39:32 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fqtuaj44wjXMsGSiTkUsyiNJefBEmBL8DrKFGNVcHzM3KIEPnG%2F%2FncKfV3USga0vEOyLCN6EMtZKXgEaZUoUXWb%2B2XaMlajYjQ5LPMEoK98uRfVCyTn%2FSUaTSew%2BxlX6cdiyJrU%3D"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Fri, 20 Jun 2025 11:39:32 GMT
cf-ray: 952afc76fbb156ca-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3629&min_rtt=545&rtt_var=4078&sent=166&recv=210&lost=0&retrans=0&sent_bytes=12121&recv_bytes=12693&delivery_rate=303783&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=12000&unsent_bytes=0&cid=bd0f139f819cf116&ts=1180&inflight_dur=38&x=44"

POST www.maryelder.shop/?wc-ajax=get_refreshed_fragments

104.21.89.245

200 OK

529 B

URL POST
www.maryelder.shop/?wc-ajax=get_refreshed_fragments
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
JSON text data
Size
529 B (529 bytes)
Hash
53e7cf944bae8b385aaa5e8a74a26ffe
4f8a41980c4f69d9a50642f33776d9b15fec564e
e44e4478f06c9c13632d044b048c54adf10f7d5d77b2d70aec4148dfe74f064a

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://www.maryelder.shop
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 20 Jun 2025 11:39:35 GMT
content-type: application/json; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qM%2FbhiXs%2FDvzg9c8peXSkBUJFFm7IUQ7mjOBlDDEZHyJAeZispn%2FZx6v7e4fCEAJvCUCZc%2FrxfowJGBW0yy%2F2ahNX6Parkmdw6GC8YZkAY90Mlv%2BKTkccTFofWEtoHW8ijmycJQ%3D"}],"group":"cf-nel","max_age":604800}
pragma: no-cache
set-cookie: ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009; expires=Fri, 20-Jun-2025 12:09:29 GMT; Max-Age=1795; path=/
access-control-allow-origin: https://www.maryelder.shop
access-control-allow-credentials: true
x-content-type-options: nosniff
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 952afc7b3bf256ca-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1399&min_rtt=0&rtt_var=778&sent=892&recv=285&lost=0&retrans=0&sent_bytes=847762&recv_bytes=21254&delivery_rate=14894435&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=25244&unsent_bytes=0&cid=bd0f139f819cf116&ts=3908&inflight_dur=278&x=44"

GET www.maryelder.shop/wp-content/uploads/2023/07/favicon-16x16-1.png

104.21.89.245

200 OK

274 B

URL GET
www.maryelder.shop/wp-content/uploads/2023/07/favicon-16x16-1.png
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
PNG image data, 16 x 16, 8-bit grayscale, non-interlaced
Size
274 B (274 bytes)
Hash
7e687e5107468c9d40a120a07d10b6f6
bce8d0d6e22424d2b1b6a1e7ac135662c21f5925
2d4588069016b3fdc7ea3e0e92fab9f238f4424188b7814e34111833ee2c966e

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/uploads/2023/07/favicon-16x16-1.png HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 20 Jun 2025 11:39:34 GMT
content-type: image/png
content-length: 274
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6hiOMqlCJkWt35sTM3D2x%2FOibS%2B56AXsBwX%2BXsaJ8TIsT66AdS8baaw5CIb15hSnk6ip2kEpXPmcivo3tjd5stk3yHNqgS%2F7UK%2BmcK77VqErxInWu2On6dW48jKqaZK8ONV9EvE%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sat, 08 Jul 2023 01:21:07 GMT
etag: "64a8ba03-112"
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: REVALIDATED
cf-ray: 952afc7f2c0b56ca-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1129&min_rtt=0&rtt_var=592&sent=888&recv=283&lost=0&retrans=0&sent_bytes=844890&recv_bytes=21165&delivery_rate=14894435&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=25244&unsent_bytes=0&cid=bd0f139f819cf116&ts=2847&inflight_dur=269&x=44"

GET www.maryelder.shop/wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.css?ver=4.7.0

104.21.89.245

200 OK

31 kB

URL GET
www.maryelder.shop/wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.css?ver=4.7.0
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
ASCII text, with very long lines (30441)
Size
31 kB (30603 bytes)
Hash
d3ec229e04c8634c88cc4cb3f2934c11
785cb4beecaad98329fff0a54f9a5536cda200ab
73835f9dd494931cd0562ab2d4db8aaf3d54dca375abade1794ad1a12ae0d97c

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.css?ver=4.7.0 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:31 GMT
content-type: text/css
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Fri, 20 Jun 2025 11:39:31 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=J345%2BUGbVV%2FKmATqQjfeSvdoSiDghxqVxUCEerEdVe%2BetBoPlgGTiQnPfpk0fmGxR4cUA%2FmzehgZ1XpcfmD%2FUstI%2BKBIg0m%2BZwXd7bNKVNs%3D"}]}
cf-ray: 952afc725c715697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6

104.21.89.245

200 OK

22 kB

URL GET
www.maryelder.shop/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
HTML document, ASCII text, with very long lines (21538), with no line terminators
Size
22 kB (21538 bytes)
Hash
d017e13d65b4c79d9a22a4ab9e6bcdf6
f766dedd77e0f910742439a102a23dbeade89299
2ef1fc50a9d78f044028f3ba7378c5bbec0188de74a5217491040f9ba435fca4

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:32 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 14 Jun 2023 10:28:35 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
etag: "64899653-5422"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=tsO6FUPbzHHhPK4xCAvjD9XgIeBEOPaPYBoVBK%2FZbTUnfBmP4kQ9GzLezxbwuQ94LnIHXqG2Ujb6kQ9Pqe7b78DdXDjlyjbyfK0bTzCltZk%3D"}]}
cf-ray: 952afc734ddb5697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/themes/ecommerce-plus/js/skip-link-focus-fix.js?ver=20201201

104.21.89.245

200 OK

880 B

URL GET
www.maryelder.shop/wp-content/themes/ecommerce-plus/js/skip-link-focus-fix.js?ver=20201201
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
ASCII text
Size
880 B (880 bytes)
Hash
381a9581291af74e622863b9ae1436bd
f35f2272e27f51dcfaa0a78f7595bce348b62b9c
c9104efada1e3f4b091183121a645b8298608c10a5b16bc3b1cbcb409b4f2777

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/themes/ecommerce-plus/js/skip-link-focus-fix.js?ver=20201201 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:32 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 14 Jun 2023 10:28:36 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=nLKyArFrVH0fEjGplgHfW2szn3KmZH%2B5dBGXU4RbMRtpHrsqw%2FgYMYyFtntaBfuirFCRDB%2Bg3OBJzTMFXS0MubRqfxabUzyiPWovF4Li%2Fv0%3D"}]}
cache-control: max-age=14400
cf-cache-status: REVALIDATED
etag: W/"64899654-370"
content-encoding: br
cf-ray: 952afc738e485697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=2.9.7

104.21.89.245

200 OK

30 kB

URL GET
www.maryelder.shop/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=2.9.7
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
JavaScript source, ASCII text, with very long lines (315)
Size
30 kB (30529 bytes)
Hash
e1d6533906ba8cce9da6157ec25c0dd5
050b3341c7d1497494334ab17a78c04ddc61dc1f
9aafa38d431075d0f6c738a2633785fd32fada0e14408bd662d95e608ddb4daf

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/plugins/megamenu/js/maxmegamenu.js?ver=2.9.7 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:32 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 14 Jun 2023 10:28:34 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
etag: "64899652-7741"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=DgoPWACsjYfYTyYxVMOinxZr%2Buqo3jsR65%2FndVNEkTAOW7cifeuWNZyuqrsluV7f8DB9e%2F7FrY0QuMH8JkLRkzGQYQ9%2FRlD%2B3t0zRpLb1b0%3D"}]}
cf-ray: 952afc73be805697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0

104.21.89.245

200 OK

15 kB

URL GET
www.maryelder.shop/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (14924), with no line terminators
Size
15 kB (14927 bytes)
Hash
157f18464a93eab7fb62a7f3e618ac2c
f47727e80d529d6e4941fea32f2e8a8ee5008b8a
9ed8f2a0e573467348e64fb1945eeac1698f32af9e9c723153eb7142d6a43306

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:31 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 14 Jun 2023 10:28:36 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
etag: "64899654-3a4f"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=0Y3Mx5QDMr6e5jGRq9GE7qu8cEnISFOKWYATK2AgJHqki5enM7y7Sp3uh9nJn%2FtrCQHepFnwe%2FB3U3iYuBTj6OJmTaXUdEzTqtLi%2BybSFag%3D"}]}
cf-ray: 952afc733dd35697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.7.0

104.21.89.245

200 OK

2.1 kB

URL GET
www.maryelder.shop/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.7.0
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
JavaScript source, ASCII text, with very long lines (2139), with no line terminators
Size
2.1 kB (2139 bytes)
Hash
b72c1cbb1530a011a27bd9800f26765a
27b825c5d8255f33b8427a059d4545ebd65e1746
a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.7.0 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:32 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 14 Jun 2023 10:28:35 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
etag: "64899653-85b"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=vDl0x%2BzONhE0ujUTkDIhACOT383nGVYHcZ2cN%2BdBJkpcmjfZZ0cKL6D89kSY0yoQgovEeAxG9qkf0Hc1XJqU76GUCZkKRBdcevOiEBpuG%2BM%3D"}]}
cf-ray: 952afc737e345697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css?ver=4.0.3

104.21.89.245

200 OK

100 kB

URL GET
www.maryelder.shop/wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css?ver=4.0.3
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
100 kB (99671 bytes)
Hash
056f4766ba0439624d22d8aa7d84c359
52df4d1bee0edbf2319c318cbdb46c8a16287849
19395a31eba590812aa5b60221b9ae0f2afff2a89bffcd05efdb5e0001a4bf8d

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css?ver=4.0.3 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:31 GMT
content-type: text/css
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Fri, 20 Jun 2025 11:39:31 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=AtaqpRQIeT1TpE5bFs%2FHCYSopfp92D6paU3XkphgK6zAn13OQMzy8kH8lxP2hCaKemrtjs11WJez%2BhgCbr0VU7BvIP0GetY0Ich9apgy7Pc%3D"}]}
cf-ray: 952afc726c875697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css?ver=5.9.3

104.21.89.245

200 OK

15 kB

URL GET
www.maryelder.shop/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css?ver=5.9.3
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
ASCII text, with very long lines (14965), with no line terminators
Size
15 kB (14965 bytes)
Hash
bc523f920a653b0baf7e325592052fe1
310a1dbec5d49fb39b18ab28eba63dac5cb95176
044efea78208376302aad3808aaabdf3c2f7bdd80ba9d55c9e0e4d3baa7a3908

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css?ver=5.9.3 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:31 GMT
content-type: text/css
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Fri, 20 Jun 2025 11:39:31 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=cCtwSn1tXke1r4r1eoegj15g01IGssnVsV%2FmGKx5uK2VffoVGrUzR0wJmeAaFoKR5hgbzgXuz%2Bu5SjGKJYRWls8vojQ5kfO%2FnLiJLqAK8xQ%3D"}]}
cf-ray: 952afc726c8f5697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/themes/ecommerce-plus/css/bootstrap.css?ver=5.9.3

104.21.89.245

200 OK

57 kB

URL GET
www.maryelder.shop/wp-content/themes/ecommerce-plus/css/bootstrap.css?ver=5.9.3
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
ASCII text, with very long lines (386), with CRLF line terminators
Size
57 kB (57449 bytes)
Hash
a2e8a58ca8977bd1df5410c7897d6fb5
a74743c580126c78f841b47f5eb782aa33792af8
9fcb3051178ad6973074ec612f8e95c36cb1026b492218837bfdb65246e8e95a

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/themes/ecommerce-plus/css/bootstrap.css?ver=5.9.3 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:31 GMT
content-type: text/css
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Fri, 20 Jun 2025 11:39:31 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=XOiEtoVM3lG0vC1e%2Fqtu10%2BIvjewDME8baXLiKqxfkZrtBrdI06ehmH2HK9NdOj7uwJWpuuz6zZrR6DD2dy7W%2BwafUUmrIJR15f9vNuz0L4%3D"}]}
cf-ray: 952afc727ca95697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/uploads/customer_style/customer-style.css?ver=5.9.3

104.21.89.245

200 OK

7.7 kB

URL GET
www.maryelder.shop/wp-content/uploads/customer_style/customer-style.css?ver=5.9.3
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
ASCII text
Size
7.7 kB (7722 bytes)
Hash
90c9050c640e475ada27ac94395909d8
9d9d02c78ac9b475c1dacf4998c3709d55e1de79
af2157367eafc19a71365ebc63d326082275f4dbfda4f22733426f0f80290a90

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/uploads/customer_style/customer-style.css?ver=5.9.3 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:31 GMT
content-type: text/css
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Fri, 20 Jun 2025 11:39:31 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=6GmuoDvJdOq9U6tRfyBPoom3rYsWoLCm4%2Bohy8FeXR6YBumjVsoAp%2BIy1xIqWwk%2BC%2Fxdi5NoMjoYcsCS8A5QgB9qC7FwtTaX0JIZtEr9nkk%3D"}]}
cf-ray: 952afc732da65697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

104.21.89.245

200 OK

19 kB

URL GET
www.maryelder.shop/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (19110)
Size
19 kB (19261 bytes)
Hash
60c88069166716db064d51e9d7eb9bc8
28e5067d2a3b688bb5828500fffc8783f3884443
bab8bc75e2e121a7b9d273f9f38c33881e07e29070704adeb351d8936d14a16f

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:32 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 14 Jun 2023 10:28:36 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
etag: "64899654-4b3d"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=5ivUwiNoJ2OpAFSXdB5Z72%2BAX3iDloYZK4NJGH2nAadFMGBvBXbahUvEZFo2pUSELsmUE06VoFUjEtVNQnDPQ2a28FR5nPV2QUB7ptoEeaE%3D"}]}
cf-ray: 952afc734de55697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.7.0

104.21.89.245

200 OK

2.9 kB

URL GET
www.maryelder.shop/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.7.0
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
JavaScript source, ASCII text, with very long lines (2938), with no line terminators
Size
2.9 kB (2938 bytes)
Hash
0fd625c3991a4015814cffdc88e2fc82
d7c2f53e058210ff3ea773297641008bab71a5f3
2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.7.0 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:32 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 14 Jun 2023 10:28:35 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
etag: "64899653-b7a"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=yc3%2F5s6CRSZ%2FX1zJQuDWVXgmjX03G08qFjqspxDJwO8EbEE9WGRHV%2BGiyA3xdiI9eEvftcWYPI8m%2BORwIDZLNB4c9JhMhKTSrXwy6So6gi4%3D"}]}
cf-ray: 952afc738e3b5697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/plugins/js_composer/assets/lib/flexslider/jquery.flexslider.min.js?ver=6.7.0

104.21.89.245

200 OK

31 kB

URL GET
www.maryelder.shop/wp-content/plugins/js_composer/assets/lib/flexslider/jquery.flexslider.min.js?ver=6.7.0
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
JavaScript source, ASCII text, with very long lines (30459)
Size
31 kB (30678 bytes)
Hash
3f5389289396a324e7795d0995259ae9
9f77d2801ce315d937b30a157e53c691d6082928
23cf1b7e88d0a1380682288aa82eb327f78221b2097868f45e11620b3c7a9b60

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/plugins/js_composer/assets/lib/flexslider/jquery.flexslider.min.js?ver=6.7.0 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:32 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 14 Jun 2023 10:28:34 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
etag: "64899652-77d6"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Ynr%2Fte7vmU8qCtN41ZCmf%2FF8IB85SGjyJyDOLV0HDrFjYLiZXGL%2F66yEXlmtbfhZlKCF8PifqY5JTyzX7cvEJtzpP3YCauVIhE1wOP9xNJc%3D"}]}
cf-ray: 952afc73be8a5697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/uploads/2023/07/10006-gigapixel.jpg

104.21.89.245

200 OK

89 kB

URL GET
www.maryelder.shop/wp-content/uploads/2023/07/10006-gigapixel.jpg
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, xresolution=72, yresolution=72], baseline, precision 8, 400x560, components 3
Size
89 kB (89363 bytes)
Hash
84ab3795a9b891a1479c2f19d86e1d37
971d7b27f2738049dd29678bfc52c5ff1acc8ab1
45a50f17369aee679f1c5bb2985f70ea0384aa546bc4777f658217a9cde7bb9f

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/uploads/2023/07/10006-gigapixel.jpg HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 20 Jun 2025 11:39:32 GMT
content-type: image/jpeg
content-length: 89363
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EiuQ2DHbcMfyB9A%2BZNDg8rUqY0lNxsiAFTQVb91Uhezrufjv3NEqiKxACMmtKlRGtNOL2IfXboM%2Fl0%2Fqi4Cih%2FoLajAvRitRpDgSR%2Bq%2Fal%2BW013lJ4Zy3y3O73GEV1ZbiQDUyDw%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sat, 08 Jul 2023 01:42:36 GMT
etag: "64a8bf0c-15d13"
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: REVALIDATED
cf-ray: 952afc78dbbf56ca-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2581&min_rtt=0&rtt_var=3646&sent=266&recv=231&lost=0&retrans=0&sent_bytes=120069&recv_bytes=16332&delivery_rate=14495204&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=24340&unsent_bytes=0&cid=bd0f139f819cf116&ts=1605&inflight_dur=103&x=44"

GET www.maryelder.shop/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.7.0

104.21.89.245

200 OK

18 kB

URL GET
www.maryelder.shop/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.7.0
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
ASCII text, with very long lines (17809), with no line terminators
Size
18 kB (17809 bytes)
Hash
1ddf23fcfd1b2941c456ce01da8180a6
156ef5cc77061010e3f4123a47fa415c6391e5ff
dd18a408a35aa5d393458657eb24fb56ab754ece3f88bd78a038e5793d3f6991

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.7.0 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:31 GMT
content-type: text/css
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Fri, 20 Jun 2025 11:39:31 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=bjvyE4ruX0SWzEsgl8xycrLmGH49z%2FyoSwuJkc4GrJmmeWCQhd%2FZApQZiIgsac%2ByJLBwBgSWTz8UHG1WT9gugwqY5eKd%2BrBdEX8rjxmsEI8%3D"}]}
cf-ray: 952afc726c825697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/themes/ecommerce-plus/style.css?ver=5.9.3

104.21.89.245

200 OK

121 kB

URL GET
www.maryelder.shop/wp-content/themes/ecommerce-plus/style.css?ver=5.9.3
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
Unicode text, UTF-8 text, with very long lines (604), with CRLF line terminators
Size
121 kB (121330 bytes)
Hash
12eb68cb35771607a7e0bac680109bd2
d21674804c8c8f563a0f2a441f9d6465e0e50edb
4fcb9c6f4b1f91ee535902f76e0ad4b759dd0a7d6d6b9746d623e6ad13111c12

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/themes/ecommerce-plus/style.css?ver=5.9.3 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:31 GMT
content-type: text/css
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Fri, 20 Jun 2025 11:39:31 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=GlDrhTWQjdYMH0MkbT71w31lSd1FD7vf%2Fp6%2FdT463G9J9SZkYNjc61qIXMevDpUUay3mrz%2BrBjwPHkwNCp3EEXNhKgwy8G7RhZmGyTX7reA%3D"}]}
cf-ray: 952afc727cab5697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/plugins/newsletter/style.css?ver=7.5.1

104.21.89.245

200 OK

6.3 kB

URL GET
www.maryelder.shop/wp-content/plugins/newsletter/style.css?ver=7.5.1
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
ASCII text
Size
6.3 kB (6282 bytes)
Hash
e82f7c1bf34a75131708b4d9028fd6f1
587555f2d28fd2b15d470116a6e3c322a06e7cc1
ff7cbd7d791c0f01f1b7db211981bb0506701f663e9e41422586b9e625753ba3

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/plugins/newsletter/style.css?ver=7.5.1 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:31 GMT
content-type: text/css
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Fri, 20 Jun 2025 11:39:31 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=aVgI1mJPQ7%2BUuCE2k3kasyr5XfuzW617TvoSTzAQxl0HbvYTqeRRY%2BYMfTG20yokQuOGplh%2F5rwl4ixV2GS56DERvROMDZJpG4m6ODSdsZo%3D"}]}
cf-ray: 952afc728cb95697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.7.0

104.21.89.245

200 OK

3.0 kB

URL GET
www.maryelder.shop/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.7.0
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
JavaScript source, ASCII text, with very long lines (3037), with no line terminators
Size
3.0 kB (3037 bytes)
Hash
8bc2109ef48cabf7a26b73d7c3536c5f
0e0dfee3a3975eafc3dd55f190d1deb3c6c55d3b
8634aa7a3ac0bc6d359b458c8922e9d3269f64c1355b329bfe215beb12773af8

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.7.0 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:31 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 14 Jun 2023 10:28:35 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
etag: "64899653-bdd"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=FxdYn5jU1mBsAfpT2eh9uUfkem6eFupvFF%2BlaroFHTyHogRBaFE%2BFnw7y3bzDqLndXtOC4h1Is8rHgdQhnRm5BAigjdhHkBD%2FSbONaf%2BABI%3D"}]}
cf-ray: 952afc72cd285697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/plugins/js_composer/assets/lib/flexslider/fonts/flexslider-icon.woff

104.21.89.245

200 OK

1.3 kB

URL GET
www.maryelder.shop/wp-content/plugins/js_composer/assets/lib/flexslider/fonts/flexslider-icon.woff
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
Web Open Font Format, TrueType, length 1268, version 1.0
Size
1.3 kB (1268 bytes)
Hash
f8b92f66539473eea649c8514eb836a0
9876bce2a7b39125bd7a406c445e46e704d7b37e
333fe8266952f16c8b686f3edd78293da28e6eaef314dca86bc4eeaa23f290e8

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/plugins/js_composer/assets/lib/flexslider/fonts/flexslider-icon.woff HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/wp-content/plugins/js_composer/assets/lib/flexslider/flexslider.min.css?ver=6.7.0
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 20 Jun 2025 11:39:33 GMT
content-type: font/woff
content-length: 1268
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7SHxG97VpBtlM8VcJpU%2B%2FJxPvUrhNcQyh8otmoAbMYtMgoGTIzjQu0wJkj743kyuY3QX0xOOIhWcu2NgqSl%2F4reXkh%2BJwsrB%2FfDs3SpNgjdwR3uNNezML%2Fg9dGW%2FbjUxL9SIFHw%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Wed, 14 Jun 2023 10:28:34 GMT
etag: "64899652-4f4"
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: REVALIDATED
cf-ray: 952afc7bcbf556ca-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1052&min_rtt=0&rtt_var=585&sent=885&recv=281&lost=0&retrans=0&sent_bytes=842865&recv_bytes=20377&delivery_rate=14894435&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=25244&unsent_bytes=0&cid=bd0f139f819cf116&ts=2095&inflight_dur=267&x=44"

GET www.maryelder.shop/

104.21.89.245

200 OK

184 kB

URL User Request GET
www.maryelder.shop/
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
HTML document, ASCII text, with very long lines (8303), with CRLF, LF line terminators
Size
184 kB (184544 bytes)
Hash
2bc4c7ccd28b1fd7355f1139518be1b2
1a0dcc41422bebb1054941c42ac434c4a3e43d28
75dc6742a5a64c58fd6f08c80e4c3b1f88bb7d55f81c627f2e76223589f8c06d

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET / HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:31 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0, no-store
link: <http://www.maryelder.shop/wp-json/>; rel="https://api.w.org/", <http://www.maryelder.shop/wp-json/wp/v2/pages/319>; rel="alternate"; type="application/json", <http://www.maryelder.shop/>; rel=shortlink
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=YqIwHNLXB0FRXz0bUQ27ZVd15Z8YYvKAZhNkdHvvmWXSVfit3euGfxJr6vxEOg%2FS15%2BJhyvSWHj1uHPY8LmPyhGkSHjD6Qk09mKkxRY%2BHXg%3D"}]}
cf-cache-status: DYNAMIC
content-encoding: br
set-cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; Path=/
ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009; Path=/; Max-Age=1800; Expires=Fri, 20 Jun 2025 12:09:29 GMT
cf-ray: 952afc619c715697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0

104.21.89.245

200 OK

2.6 kB

URL GET
www.maryelder.shop/wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
ASCII text, with very long lines (2630), with no line terminators
Size
2.6 kB (2630 bytes)
Hash
eade318fbed91c096467dffa56406638
69d306a2097e792f99c80a5e0bb8863260399cad
d589803f3ab380582ab137b22493c2bacaa92424fa88cee212e80288cac11fbb

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:31 GMT
content-type: text/css
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Fri, 20 Jun 2025 11:39:31 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=zEXzRMu2%2FeCz0QOPMTu0XKf%2Bl5u43bYGSruskxf8F0DHDuRgmG6B7k5jc1P6XRuVro59SnBrlSPQN3MXmka7RMaJr0N3dn4SjDuv2KzJRfw%3D"}]}
cf-ray: 952afc725c6d5697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.7.0

104.21.89.245

200 OK

20 kB

URL GET
www.maryelder.shop/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.7.0
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
JavaScript source, ASCII text, with very long lines (19905)
Size
20 kB (20124 bytes)
Hash
596d6e5d8400fd1e913f9adc21071f93
fee2d7a4ac08d5a522c2298a5ad3ed30ac9e62ec
159faf7827be43b4c85a35fc941924a9de59a169d42d600b49161f60debf9dff

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.7.0 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:32 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 14 Jun 2023 10:28:34 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
etag: "64899652-4e9c"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=lggiR7gyqCiDZDWrOADwM4U%2BmMbv1TaOjXm0sqHoOeEwiFuIc14WC5HeMIIaXwYucrLRmE3iR%2F8Dd1l4LKjEsiwioHr%2B6PHOaItMEmYnn8Q%3D"}]}
cf-ray: 952afc73be875697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

POST www.maryelder.shop/wp-admin/admin-ajax.php

104.21.89.245

200 OK

1 B

URL POST
www.maryelder.shop/wp-admin/admin-ajax.php
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

POST /wp-admin/admin-ajax.php HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 230
Origin: https://www.maryelder.shop
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 20 Jun 2025 11:39:34 GMT
content-type: text/html; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=npOH5vwY%2FDwoaFjaAGiMQ1%2FLx78ollojr2LB2wHGNLaMl3BnXz22fxfUZOpWBHDI8q2gSyv%2BbuB9%2F9SBEcuTmFideQp0aydNoOBzMmW2yQqgg%2BS3xyKXpygnpi67MOj4NwAraow%3D"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
pragma: no-cache
set-cookie: ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009; expires=Fri, 20-Jun-2025 12:09:29 GMT; Max-Age=1796; path=/
access-control-allow-origin: https://www.maryelder.shop
access-control-allow-credentials: true
x-robots-tag: noindex
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 952afc76fbb256ca-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1320&min_rtt=0&rtt_var=826&sent=890&recv=284&lost=0&retrans=0&sent_bytes=846808&recv_bytes=21210&delivery_rate=14894435&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=25244&unsent_bytes=0&cid=bd0f139f819cf116&ts=2882&inflight_dur=276&x=44"

GET www.maryelder.shop/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.8.3

104.21.89.245

200 OK

210 kB

URL GET
www.maryelder.shop/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.8.3
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Size
210 kB (209885 bytes)
Hash
375cb90c5332267d20d6043a63444e6d
c9e3491ce137aa644109765ff590e0d30da35e72
9e4f92eb422eb08e7fdb89083b71ade65040e339149d2c901f957dc7f202055f

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.8.3 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:31 GMT
content-type: text/css
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Fri, 20 Jun 2025 11:39:31 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=JJgdL6%2FefLz%2FuJ4rcD146czIF%2FZpNqoeT4otbJP4z9Yfme2MNjpg17JULvBpXXJ0%2FgWeUfX9O%2B0fur9JbeKqLUYewfOqbzyXD%2BgxzQ3kyXQ%3D"}]}
cf-ray: 952afc725c695697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C600%2C700%7CGoogle+SansMuli%3A300%2C400%2C600%2C700&subset=latin%2Clatin-ext

142.250.74.10

200 OK

7.3 kB

URL GET
fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C600%2C700%7CGoogle+SansMuli%3A300%2C400%2C600%2C700&subset=latin%2Clatin-ext
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint58:09:05:96:27:31:E2:3D:AB:89:AD:1C:2E:C3:03:82:B0:27:3D:86
ValidityMon, 02 Jun 2025 08:36:37 GMT - Mon, 25 Aug 2025 08:36:36 GMT

File type
ASCII text
Size
7.3 kB (7332 bytes)
Hash
cef623f8b22c2993d489bbdfc772686a
84a1c33d286625d46ec0a628c75044395ec9b157
fd8e2add91ccdf1a6e234fc2ef135c83a5787e7a3b926003066b03f0bbe862b0

HTTP Headers

GET /css?family=Roboto+Condensed%3A400%2C600%2C700%7CGoogle+SansMuli%3A300%2C400%2C600%2C700&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 20 Jun 2025 11:39:31 GMT
date: Fri, 20 Jun 2025 11:39:31 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/themes/ecommerce-plus/css/font-awesome.css?ver=5.9.3

104.21.89.245

200 OK

37 kB

URL GET
www.maryelder.shop/wp-content/themes/ecommerce-plus/css/font-awesome.css?ver=5.9.3
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (372)
Size
37 kB (37414 bytes)
Hash
c495654869785bc3df60216616814ad1
0140952c64e3f2b74ef64e050f2fe86eab6624c8
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/themes/ecommerce-plus/css/font-awesome.css?ver=5.9.3 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:31 GMT
content-type: text/css
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Fri, 20 Jun 2025 11:39:31 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=pjJDqbbLnzyzgaZTfstXyFH9o2vS7fzv4q5%2FFKQcnsPGki%2FoRwix6kaRJFx2LcMPuMj7xKym9HH%2FVcxN3nYriMfxdsxr7AayHF64%2BZMhd%2BA%3D"}]}
cf-ray: 952afc727ca65697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js?ver=5.9.3

104.21.89.245

200 OK

50 kB

URL GET
www.maryelder.shop/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js?ver=5.9.3
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
JavaScript source, ASCII text, with very long lines (31759)
Size
50 kB (50544 bytes)
Hash
6e9cb4f7cf17f8cac3a17f6d90960eba
ee7d45d8d250040c7aedea363c7b2b7e7bf65bcc
8c2230e1348d437f591bf23a319992999e4869ab9aef142861ae206b05ec1be4

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js?ver=5.9.3 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:31 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 14 Jun 2023 10:28:36 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
etag: "64899654-c570"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=CITa9FQ1cMr4nm%2FdtqnxwUnSzO6wcdyHxQ2jOi2UIdX4Zs7UP%2FzT9n2WvUcg6ZNSyDtM9pphsOaJuqEBlwKvWpj8gEouTeDAgsTw6b5Hqmc%3D"}]}
cf-ray: 952afc72cd2c5697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/plugins/woo-exchange-rate/assets/js/woo-exchange-rate.js?ver=5.9.3

104.21.89.245

200 OK

1.2 kB

URL GET
www.maryelder.shop/wp-content/plugins/woo-exchange-rate/assets/js/woo-exchange-rate.js?ver=5.9.3
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
1.2 kB (1179 bytes)
Hash
ae0a0a22ffec7989b87b813b626cda4a
a5648556090a1310db15a5348ec4d62085c99052
c9c140eeebc4a3eb26325e247df563b2e6433c19bae11e0bdf21280c3482c0b0

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/plugins/woo-exchange-rate/assets/js/woo-exchange-rate.js?ver=5.9.3 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:31 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 14 Jun 2023 10:28:35 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
etag: "64899653-49b"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=l2rtSn8%2FP0pZTP%2BsGQoE6Lo9zZUH8tAr8LTSiueYcHoQPg4waHZfWOm6sXrLPu8QjOpYE1bPmTv%2FcbfuEBU2gE6CbADdQd%2BGX1X%2FXyOKb%2Bk%3D"}]}
cf-ray: 952afc72acf75697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/robotocondensed/v30/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

142.250.74.35

200 OK

51 kB

URL GET
fonts.gstatic.com/s/robotocondensed/v30/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint6C:DD:E7:B7:B0:02:A6:B7:4F:2D:EB:A1:11:A3:4B:1C:31:F9:07:F7
ValidityMon, 02 Jun 2025 08:36:37 GMT - Mon, 25 Aug 2025 08:36:36 GMT

File type
Web Open Font Format (Version 2), TrueType, length 51412, version 1.0
Size
51 kB (51412 bytes)
Hash
9e5e97447fcc00eca79e97de3b337831
efafc4ef0f1ac7fefb6e22be4ea9c681a53d415a
8d230115e58faa2ed303bee567b91d1a792e0c958a0118998b53648b2ab7c057

HTTP Headers

GET /s/robotocondensed/v30/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.maryelder.shop
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 51412
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jun 2025 11:02:50 GMT
expires: Fri, 19 Jun 2026 11:02:50 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 28 May 2025 16:58:12 GMT
content-type: font/woff2
age: 88602
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?ver=3.12.0

104.21.89.245

200 OK

29 kB

URL GET
www.maryelder.shop/wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?ver=3.12.0
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
ASCII text, with very long lines (29337), with no line terminators
Size
29 kB (29337 bytes)
Hash
4de6dfc6ff180e33262861a679d40546
8de11c7f99e413282baa349d11657ccd2c468d4f
3e61990964ebd31443be4e6598163ebd71b73b139c42d52547b8a290f7d059ca

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?ver=3.12.0 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:31 GMT
content-type: text/css
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Fri, 20 Jun 2025 11:39:31 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=KUZytde4%2FhkFksXqgBxtpcVY%2Bzw%2F6FfQIZtnNj%2B%2F4OuuoUAmr4Aq4GSJQDy6Sq2bVe9yKeKZcqbrYLKlu05p2012Hv6ujODTnbHaJQrgT%2BE%3D"}]}
cf-ray: 952afc726c7b5697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css?ver=4.0.3

104.21.89.245

200 OK

14 kB

URL GET
www.maryelder.shop/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css?ver=4.0.3
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
ASCII text, with very long lines (13825), with no line terminators
Size
14 kB (13825 bytes)
Hash
91dae79d84791e79dfc8b84e2c7f15e5
ede13453fb61b42ccd04784933f6c67b74aa9a34
3668f6d335416599574fb1f336cbd2b9bb2f8fcff63e63a9ca3b68df4d0c6165

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css?ver=4.0.3 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:31 GMT
content-type: text/css
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Fri, 20 Jun 2025 11:39:31 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=rjz2pnklnX%2Fn9y433x7Oyew0N4iWcyUoTcg6%2BvzRi4gvHNOD1dFvsPR8HQy6Oc12yTdmUVedl46lSvw3Hz9tot516RYLuoairnXrMmc2ELw%3D"}]}
cf-ray: 952afc726c8d5697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-includes/css/dashicons.min.css?ver=5.9.3

104.21.89.245

200 OK

59 kB

URL GET
www.maryelder.shop/wp-includes/css/dashicons.min.css?ver=5.9.3
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
ASCII text, with very long lines (58981)
Size
59 kB (59016 bytes)
Hash
d68d6bf519169d86e155bad0bed833f8
27ba9c67d0e775fc4e6dd62011daf4c3902698fc
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-includes/css/dashicons.min.css?ver=5.9.3 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:31 GMT
content-type: text/css
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Fri, 20 Jun 2025 11:39:31 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=%2BYSG21tCBPkFKE13n8ZaLqw0suSG9PXxN3mgI5xiMvaBibwYOdXNKgdh9xWQKwAMaWhFQX3qzIzinsrlC6JlWJKSJ984x%2FOiugbVW741N2A%3D"}]}
cf-ray: 952afc727ca45697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.maryelder.shop/wp-content/plugins/fma-product-custom-options/front/js/accounting.min.js?ver=5.9.3

104.21.89.245

200 OK

3.2 kB

URL GET
www.maryelder.shop/wp-content/plugins/fma-product-custom-options/front/js/accounting.min.js?ver=5.9.3
IP
104.21.89.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.maryelder.shop/
Certificate
IssuerGoogle Trust Services
Subjectmaryelder.shop
FingerprintD5:2F:84:26:8A:EB:6E:FC:93:17:7E:72:C2:14:3F:D5:83:C3:F6:14
ValidityMon, 16 Jun 2025 18:39:40 GMT - Sun, 14 Sep 2025 19:36:15 GMT

File type
JavaScript source, ASCII text, with very long lines (3019)
Size
3.2 kB (3151 bytes)
Hash
b34ee54abcdda3f94566ea5e7312fdbc
4230cb168bd0bc6f831da5ac89517c865e0bda96
de4945bf8c32247c3570f1945b4af05f3efb440b46c93c18d2f428ae9162c8ea

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake e-Shop

HTTP Headers

GET /wp-content/plugins/fma-product-custom-options/front/js/accounting.min.js?ver=5.9.3 HTTP/1.1
Host: www.maryelder.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.maryelder.shop/
Cookie: PHPSESSID=bthgsc82a3th40k7qjca3eqp52; ppwp_wp_session=7e65d85c5e705e9a7ff65dcb02a33327%7C%7C1750421369%7C%7C1750421009
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Jun 2025 11:39:31 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 14 Jun 2023 10:28:32 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
etag: "64899650-c4f"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=%2F3t0sBhGE%2BytpAzn6QDrmATsL61Vp6mQgyivOqx6DvRiyXLyHMt3LbTfSQT%2FrN1jYUtpqadxJB4APjgvPoTvurspwaOju3BQ8rSb3%2Biecjw%3D"}]}
cf-ray: 952afc728cc35697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (48)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML