r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9fbe85f42e8ae8ae41cc12df5f98b141
949fa36ff0f22f72565fd584bef094dd4de23037
184d3e4df4bce559b4d7c4836372f5fd2de9782a96b04d364230b7d695d737d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "184D3E4DF4BCE559B4D7C4836372F5FD2DE9782A96B04D364230B7D695D737D8"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12957
Expires: Thu, 26 Jan 2023 21:51:28 GMT
Date: Thu, 26 Jan 2023 18:15:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2405562765b49b2782ebd2e2994851d5
be7ac8e558f7875bb1fb86ab5ec674424a5ff269
422cfa907461cb7b93b9089d600052f9e94951e5e0c93d97651905002e48ad3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "422CFA907461CB7B93B9089D600052F9E94951E5E0C93D97651905002E48AD3E"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14199
Expires: Thu, 26 Jan 2023 22:12:11 GMT
Date: Thu, 26 Jan 2023 18:15:32 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 26 Jan 2023 17:35:16 GMT
content-type: application/json
age: 2416
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 49049f3c92aad686cd7ff28ecd2a5a4f
9cc2bc9c055450dbc4fae93eabe4ef8509b3ff57
02cf421968192286bb174ff0e6c818a843c4eca61a02cd493e6f95bb58a37015
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02CF421968192286BB174FF0E6C818A843C4ECA61A02CD493E6F95BB58A37015"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8598
Expires: Thu, 26 Jan 2023 20:38:50 GMT
Date: Thu, 26 Jan 2023 18:15:32 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: V4TKTDIuOUDxrrY0o7qlRQO/q2px6CWP46bkkshklQaHC1hapz5a68cFtXoX5PBPQHLPKdzqy9s3YstEokb2/w==
x-amz-request-id: AJM53A0MBG4YD5CC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 26 Jan 2023 17:20:12 GMT
age: 3320
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 18:15:32 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 26 Jan 2023 17:49:01 GMT
age: 1591
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1e2970e1480a4759282d63bb213051e4
ed5194d4d25dfc199821129be5d74be0ce49197d
18e19ea4c9c262cb9a94f89172eef2604222e779346589d470bf2e95ea295563
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E19EA4C9C262CB9A94F89172EEF2604222E779346589D470BF2E95EA295563"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13142
Expires: Thu, 26 Jan 2023 21:54:34 GMT
Date: Thu, 26 Jan 2023 18:15:32 GMT
Connection: keep-alive
push.services.mozilla.com/
34.210.150.237 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.210.150.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gUWp+mxHJjz6asK33z51SQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ee1xp6NEXfPT6VyBxD5zuLrRkSc=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8925
Expires: Thu, 26 Jan 2023 20:44:19 GMT
Date: Thu, 26 Jan 2023 18:15:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8925
Expires: Thu, 26 Jan 2023 20:44:19 GMT
Date: Thu, 26 Jan 2023 18:15:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8925
Expires: Thu, 26 Jan 2023 20:44:19 GMT
Date: Thu, 26 Jan 2023 18:15:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8925
Expires: Thu, 26 Jan 2023 20:44:19 GMT
Date: Thu, 26 Jan 2023 18:15:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8925
Expires: Thu, 26 Jan 2023 20:44:19 GMT
Date: Thu, 26 Jan 2023 18:15:34 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3e6d9a5-dd7d-4337-a00f-a145350a1a29.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3e6d9a5-dd7d-4337-a00f-a145350a1a29.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 653bf5a34e9f99c9eef73a21d98d792f
c70d46aa2210c4f7c397fa20e1225b7d0734ac35
9f928ec6f194340e5543a4bf757aac31d545def67a56ae804a2039a3effd3fe0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3e6d9a5-dd7d-4337-a00f-a145350a1a29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10379
x-amzn-requestid: 419e5a80-cb6d-4904-9545-a0f815149701
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUYMREwmIAMFhQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a0b4-64c49f7d49687d9e5324ec64;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:35:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rZHSgPIPZyea2griEvL-3semlrUDichGSL8Rin4YeYKN909f9e0lyQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:41:09 GMT
age: 74065
etag: "c70d46aa2210c4f7c397fa20e1225b7d0734ac35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
34.120.237.76 200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba0a42dadf6a976df148f652e9cc1844
4d825b74865effa4a858ddcad1d0969671facc07
7276a38c9ba6b13a06f24ab8b802f210f98c5541df53fbcd8e879a14d2957d95
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5943
x-amzn-requestid: 6774f4a4-ed83-49df-868f-4517c2af914b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXxNF2UIAMFlYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a007-75b1e8975c3f4b503e0a1c5b;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VATQ0SjZfM_btXwR4M5keLmd-EE6717EHEiXrF2zpHNrli93EhN6Rw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:48:42 GMT
age: 73612
etag: "4d825b74865effa4a858ddcad1d0969671facc07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8017df09-37d9-4c4b-9051-0442b3eb8fbf.jpeg
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8017df09-37d9-4c4b-9051-0442b3eb8fbf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 17e1b6f3caa98b0e0972802408dd3f93
07e48bf3565e00d093d72dd4ada606f5d39a4838
7094ef64e04573bea7a81bbcc8ab59d721c5ef433e3fa9203e5861040ced549c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8017df09-37d9-4c4b-9051-0442b3eb8fbf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9285
x-amzn-requestid: 526bd945-31d8-490e-af9d-5e6fc6ea3561
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUYT2HzvoAMFYYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a0e5-6812fe4354bbdac4472e7e81;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:36:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QEH9CmjfV8QZFNxFz_tEk06i_ELUSNC2QjdTF4K3xc3vS651BZ3NlQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:52:28 GMT
age: 73386
etag: "07e48bf3565e00d093d72dd4ada606f5d39a4838"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c7f25e5-06eb-4d3f-99e2-edacd0739efb.jpeg
34.120.237.76 200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c7f25e5-06eb-4d3f-99e2-edacd0739efb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cfe699b31f96add9f1439af1ff1191eb
f77a833a69b69eef4a39e404c102f624e96b52c0
44312979ac13221e5c3328ad590f0f3dc7da00380c07c433382cd81c47b717f8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c7f25e5-06eb-4d3f-99e2-edacd0739efb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14856
x-amzn-requestid: e7d931f7-d086-42b9-a1f3-c8253b82eba6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSY_OHw7IAMFj6Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d52e-4fd95c5f5a64861720a1ee60;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 07:07:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2yzeIjHl8sUO9s5n2sZfN6DSWOVDVQl-xdSrNmHu-yWXj_7VJJk5qA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 07:39:30 GMT
age: 38164
etag: "f77a833a69b69eef4a39e404c102f624e96b52c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a8a63ec-e0a4-4297-b143-649ad3968ae8.jpeg
34.120.237.76 200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a8a63ec-e0a4-4297-b143-649ad3968ae8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f62e9b7bdca82d18c945851912d8fea8
a7ca44d337c43bc5c6145b26778661c71cc50484
5da02cc405c1cada55813ffe376844375f1d6ad222cbb63405348b1f5132a0b1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a8a63ec-e0a4-4297-b143-649ad3968ae8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9595
x-amzn-requestid: c257bfbe-1bd7-4540-bbfa-e4c49a2624a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXwfGigoAMFvBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a002-226c08656eeefbfa3c2dddb6;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k9njnQmggD7UkVJzZqSzo90HJJjTjGK0QIoPU0HWYKrSstjM6s1rOw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:57:18 GMT
age: 73096
etag: "a7ca44d337c43bc5c6145b26778661c71cc50484"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7458f7a9b2070055df6f1d496794e43e
0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9
373097662c419eef9f4a19ce9f3bcead70f6eafbf0acf44806685eece43ce251
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12758
x-amzn-requestid: c3540562-8c62-4957-9528-7ae952daebaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9gf1E87oAMFpsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c87acb-49fd3f78275937e24d23fca3;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 23:03:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mjK4GJ3UCEuHk4XqmXdZCWHTVvJeX8Z2HFaem2GYzqfqlPSd_h6DfA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 07:33:59 GMT
age: 38495
etag: "0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
maidaenterprises.com/
185.217.168.250 301 Moved Permanently 0 B IP 185.217.168.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
set-cookie: _eshoob=1; expires=Thu, 02-Feb-2023 18:15:36 GMT; Max-Age=604800; path=/
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: https://maidaenterprises.com/
content-length: 0
date: Thu, 26 Jan 2023 18:15:36 GMT
maidaenterprises.com/wp-content/plugins/woocommerce-payments/vendor/woocommerce/subscriptions-core/build/index.css?ver=3.1.6
185.217.168.250 200 OK 326 B URL HTTP/2 maidaenterprises.com/wp-content/plugins/woocommerce-payments/vendor/woocommerce/subscriptions-core/build/index.css?ver=3.1.6
IP 185.217.168.250:0
File type ASCII text, with very long lines (1411)
Hash e6024e94f2cdf7ff1da4c708978b252b
b394f60cab9b6c954550837e9c458444bb76ab21
bc6f40d1dc3dcb37a83cfae77f5612830ed9790683dc91f22d943d9180713d2e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce-payments/vendor/woocommerce/subscriptions-core/build/index.css?ver=3.1.6 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: text/css
last-modified: Sun, 03 Jul 2022 20:32:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 326
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
maidaenterprises.com/wp-content/themes/astra/assets/css/minified/compatibility/page-builder/bb-plugin.min.css?ver=3.8.1
185.217.168.250 200 OK 127 B URL HTTP/2 maidaenterprises.com/wp-content/themes/astra/assets/css/minified/compatibility/page-builder/bb-plugin.min.css?ver=3.8.1
IP 185.217.168.250:0
File type ASCII text, with very long lines (302), with no line terminators
Hash 09707d8249bff41ab9b149ef2fc6b72c
5238d701eaed208e52bac629e8ff59f2b94f815c
30c92fe46deaaac369efa9cb07d71427069fe60b46a095917d65d10fce6046ca
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/astra/assets/css/minified/compatibility/page-builder/bb-plugin.min.css?ver=3.8.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: text/css
last-modified: Thu, 19 May 2022 17:49:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 127
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
maidaenterprises.com/wp-content/themes/astra/assets/css/minified/frontend.min.css?ver=3.8.1
185.217.168.250 200 OK 8.4 kB URL HTTP/2 maidaenterprises.com/wp-content/themes/astra/assets/css/minified/frontend.min.css?ver=3.8.1
IP 185.217.168.250:0
File type ASCII text, with very long lines (43644)
Hash 392b74ecaf49fcab085b48fc8013a93e
35ac9afd186062bb55e206df347eacc422efcd36
ef9002689f85be45503bb0899e39763f210a6d9782aeddc3a0ccb48d81a0fbfe
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/astra/assets/css/minified/frontend.min.css?ver=3.8.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: text/css
last-modified: Thu, 19 May 2022 17:49:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8393
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 715f2a2c57230b2e1aedef83c76e0cbc
df5a219b8564a6c8fbe802e574ba625be7f204ca
ca239808557d30d1df2527ae94987866734b640bfd631282414a39eac87b872c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 18:15:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 2ebcc7cd4c50e87a984668828c1e612e
f693d36335f333e3647f9fb2460e34dd73e17421
27f1d63422ccd02a6af514c2c0a36ac6f4e0d6f74ad6d9fc8c32e8ea487ffe15
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 18:15:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maidaenterprises.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
185.217.168.250 200 OK 12 kB URL HTTP/2 maidaenterprises.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 185.217.168.250:0
File type ASCII text, with very long lines (47826)
Hash c4d7cc056b49b00e05cc29cc59aa3d5a
48c426bec60099d2a8628df430ed682c72aab42a
8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: text/css
last-modified: Thu, 15 Dec 2022 14:11:35 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11616
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
maidaenterprises.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
185.217.168.250 200 OK 2.4 kB URL HTTP/2 maidaenterprises.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
IP 185.217.168.250:0
File type ASCII text, with very long lines (11256), with no line terminators
Hash ce94f62588d05264ac0148712111cb11
518bcd922f54169aeb199c0ccbc5877165ac218e
84ab658a69c39f424be0b27f61d612447d01606fce33beb962cbea53627d8c81
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: text/css
last-modified: Wed, 30 Sep 2020 01:23:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2394
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
maidaenterprises.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1
185.217.168.250 200 OK 982 B URL HTTP/2 maidaenterprises.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1
IP 185.217.168.250:0
File type ASCII text, with very long lines (4186), with no line terminators
Hash 24f4d7f425e792ab35adaab50816e54a
9e25bf79b674ddb7ba09ad7f118c50ec473c02c8
1c78bfb4d523785a4ebd37bb1f79f214f9bdb16673f7cc50805f7f1a26ad7f83
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: text/css
last-modified: Sat, 08 Jun 2019 06:15:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 982
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
maidaenterprises.com/
185.217.168.250 200 OK 28 kB IP 185.217.168.250:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (61589), with CRLF, LF line terminators
Hash 76d17ad2b9bac5caa1369692c0ba8503
dd848e20affc1b433673e1166ab6a4cfc17eafe1
2fc6030f1d0c2c3a3bae9b330378474fd3d3538ed949f89d7b5b2000012d1dbc
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
set-cookie: _eshoob=1; expires=Thu, 02-Feb-2023 18:15:38 GMT; Max-Age=604800; path=/; secure
content-type: text/html; charset=UTF-8
link: <https://maidaenterprises.com/wp-json/>; rel="https://api.w.org/", <https://maidaenterprises.com/wp-json/wp/v2/pages/802>; rel="alternate"; type="application/json", <https://maidaenterprises.com/>; rel=shortlink
content-encoding: br
vary: Accept-Encoding
date: Thu, 26 Jan 2023 18:15:38 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
maidaenterprises.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.4.3
185.217.168.250 200 OK 1.1 kB URL HTTP/2 maidaenterprises.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.4.3
IP 185.217.168.250:0
File type ASCII text, with very long lines (4933), with no line terminators
Hash 8f2da34c6f082c7bec00f9cca661fd59
d0de5b6b29a9788a64826b833465a9d08f7c2ab7
d461fea6636b26aab698f636b2518709cb79416c7d3916d6b03497c4d75befdd
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.4.3 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: text/css
last-modified: Thu, 19 May 2022 19:03:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1109
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
maidaenterprises.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.4.3
185.217.168.250 200 OK 21 kB URL HTTP/2 maidaenterprises.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.4.3
IP 185.217.168.250:0
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Hash 7132e662c49912d6a5ce770aa9ee8263
69affd392c02334b1ba4a05da84317ceb4d633bf
322595d6226fdc9456624e9694ead460d27eabae9b1b36099b7dfa378dc5344b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.4.3 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: text/css
last-modified: Thu, 19 May 2022 19:03:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 20570
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
maidaenterprises.com/wp-content/plugins/wpforms-lite/assets/css/wpforms-base.min.css?ver=1.7.4.2
185.217.168.250 200 OK 3.5 kB URL HTTP/2 maidaenterprises.com/wp-content/plugins/wpforms-lite/assets/css/wpforms-base.min.css?ver=1.7.4.2
IP 185.217.168.250:0
File type ASCII text, with very long lines (22510)
Hash 9eb060a1c6b093caaa0e1befb1a2ce22
b7f27f76fc48cc949ce3b475446c8445a1d70bc9
041a859997e590cc821accffc7b808fe8ee84e67cbc53b61f08f4ce96d39ebf5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpforms-lite/assets/css/wpforms-base.min.css?ver=1.7.4.2 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: text/css
last-modified: Thu, 19 May 2022 19:03:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3486
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
maidaenterprises.com/wp-content/plugins/beaver-builder-lite-version/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.5.3.1
185.217.168.250 200 OK 12 kB URL HTTP/2 maidaenterprises.com/wp-content/plugins/beaver-builder-lite-version/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.5.3.1
IP 185.217.168.250:0
File type ASCII text, with very long lines (59119)
Hash f286e5ab8fff36a43d406daa305ee5a8
e57a1d3ff6e89acadb6652566d2fbb7010c43003
86502649926ea8b98b10bf5e0b28846d0c5be7578858e861b960860f918bf892
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/beaver-builder-lite-version/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.5.3.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: text/css
last-modified: Thu, 19 May 2022 19:02:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12370
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
maidaenterprises.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
185.217.168.250 200 OK 30 kB URL HTTP/2 maidaenterprises.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 185.217.168.250:0
File type ASCII text, with very long lines (65447)
Hash 3a1740685bd5c0bbd5f2b812e1eb7fb4
488e07695da787fed18361c50292aef35abb5e81
4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: application/javascript
last-modified: Thu, 15 Dec 2022 14:11:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30324
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
maidaenterprises.com/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
185.217.168.250 200 OK 129 B URL HTTP/2 maidaenterprises.com/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
IP 185.217.168.250:0
File type ASCII text, with no line terminators
Hash 5ef26b5e47e6951f43ecf2b1fc645222
081afb52577f6f3bb044fdea6d34a632c3cce7e8
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: application/javascript
last-modified: Mon, 08 Aug 2022 16:45:42 GMT
accept-ranges: bytes
content-length: 129
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
maidaenterprises.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
185.217.168.250 200 OK 4.6 kB URL HTTP/2 maidaenterprises.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 185.217.168.250:0
File type ASCII text, with very long lines (15660)
Hash 0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: application/javascript
last-modified: Wed, 25 May 2022 05:32:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
maidaenterprises.com/wp-content/uploads/2022/05/cropped-maida-logo-e1653642933941.png
185.217.168.250 200 OK 6.5 kB URL HTTP/2 maidaenterprises.com/wp-content/uploads/2022/05/cropped-maida-logo-e1653642933941.png
IP 185.217.168.250:0
File type PNG image data, 102 x 88, 8-bit/color RGBA, non-interlaced\012- data
Hash dfee21f28ba5a1cf2e3a7350fa9d7d47
13a03fa5370c703765f453a775b432f2e22bb34f
c74a640201bee31294fdc1adc1d1ac96467aee5b85ea78cf635cc8592fdc403f
GET /wp-content/uploads/2022/05/cropped-maida-logo-e1653642933941.png HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: image/png
last-modified: Fri, 27 May 2022 09:17:19 GMT
accept-ranges: bytes
content-length: 6488
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
maidaenterprises.com/wp-content/plugins/beaver-builder-lite-version/fonts/fontawesome/5.15.4/css/v4-shims.min.css?ver=2.5.3.1
185.217.168.250 200 OK 4.0 kB URL HTTP/2 maidaenterprises.com/wp-content/plugins/beaver-builder-lite-version/fonts/fontawesome/5.15.4/css/v4-shims.min.css?ver=2.5.3.1
IP 185.217.168.250:0
File type ASCII text, with very long lines (26516)
Hash af3d60446a63b200eff69fd62c0e2c2c
20097ed1f8fe4f1b83fe05b1b69bdcee733f7a65
20a414dca0ddb360c4efdcdd47ec61d6ad05641b1734005f10e6039151392926
GET /wp-content/plugins/beaver-builder-lite-version/fonts/fontawesome/5.15.4/css/v4-shims.min.css?ver=2.5.3.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: text/css
last-modified: Thu, 19 May 2022 19:02:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3987
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
maidaenterprises.com/wp-content/uploads/bb-plugin/cache/802-layout.css?ver=719e0b06772c52eaee33794ec3580fbd
185.217.168.250 200 OK 8.2 kB URL HTTP/2 maidaenterprises.com/wp-content/uploads/bb-plugin/cache/802-layout.css?ver=719e0b06772c52eaee33794ec3580fbd
IP 185.217.168.250:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0a226b6d9032558addde43acd51474a6
4a2ceb15d71d54a635b8a5cd43d5310c5d13fa07
33d905a8174ff5e62b378b68b21837ba52f0957b9cea9f1045d307cf47084756
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/bb-plugin/cache/802-layout.css?ver=719e0b06772c52eaee33794ec3580fbd HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: text/css
last-modified: Sat, 13 Aug 2022 17:13:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8160
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
maidaenterprises.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.1
185.217.168.250 200 OK 848 B URL HTTP/2 maidaenterprises.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.1
IP 185.217.168.250:0
Hash c962ba8e7d42ff9da18392b41dad5151
7b89bc5e6ad161df2e6d7f7fb3ad894aa04b827f
322a4949c5bdd82eb80c13bbbd407ce30a7ad226685c54270d246cb6960e524e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: text/css
last-modified: Sun, 07 Aug 2022 18:24:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 848
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
maidaenterprises.com/wp-content/themes/astra/assets/css/minified/compatibility/contact-form-7-main.min.css?ver=3.8.1
185.217.168.250 200 OK 334 B URL HTTP/2 maidaenterprises.com/wp-content/themes/astra/assets/css/minified/compatibility/contact-form-7-main.min.css?ver=3.8.1
IP 185.217.168.250:0
File type ASCII text, with very long lines (850), with no line terminators
Hash 2c050b2ab2a3224dfdef5da481224d3c
1b7f0ef5dabd3c51ff834d1c6b8add92de38d97b
9af607f84b802615b08b4b25c9d38a922fa86fca149a8531d46ca45b507ef96f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/astra/assets/css/minified/compatibility/contact-form-7-main.min.css?ver=3.8.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: text/css
last-modified: Thu, 19 May 2022 17:49:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 334
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
maidaenterprises.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce.min.css?ver=3.8.1
185.217.168.250 200 OK 14 kB URL HTTP/2 maidaenterprises.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce.min.css?ver=3.8.1
IP 185.217.168.250:0
File type Unicode text, UTF-8 text, with very long lines (65524), with no line terminators
Hash 88dcadb14b48922c0c5888093256f6bc
838b54ac25d6882c95a81320597e3cf9aaaf9867
ab711c4bc2560b0cb754a6f85a79056176ca5f5eff2d972bcf01829f6a3067b4
GET /wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce.min.css?ver=3.8.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: text/css
last-modified: Thu, 19 May 2022 17:49:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 13801
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
maidaenterprises.com/wp-content/plugins/jetpack/css/jetpack.css?ver=11.2
185.217.168.250 200 OK 16 kB URL HTTP/2 maidaenterprises.com/wp-content/plugins/jetpack/css/jetpack.css?ver=11.2
IP 185.217.168.250:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 63440a10045040089c23b9e57001dc2c
ddeedb5fa2831e3c973720cdafd1843d61e6d3dd
5ab6086189a9163156a7fda2cca4ffa21a3c10083a5eb1383196b62a0ea7d131
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/jetpack/css/jetpack.css?ver=11.2 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: text/css
last-modified: Sun, 07 Aug 2022 17:38:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 15532
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
maidaenterprises.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-layout.min.css?ver=3.8.1
185.217.168.250 200 OK 1.9 kB URL HTTP/2 maidaenterprises.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-layout.min.css?ver=3.8.1
IP 185.217.168.250:0
File type ASCII text, with very long lines (17307), with no line terminators
Hash ee3d3d95d213fdc9e3759978bb38c30e
5baede86dc1b9f8132c771b088f99a862658e194
0f8ddccf97c4eb56295ad9842d7eaf323dff3d7e31674fda2c426efe5140a773
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-layout.min.css?ver=3.8.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: text/css
last-modified: Thu, 19 May 2022 17:49:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1861
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
maidaenterprises.com/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16
185.217.168.250 200 OK 402 B URL HTTP/2 maidaenterprises.com/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16
IP 185.217.168.250:0
File type ASCII text, with very long lines (1519), with no line terminators
Hash f9970ca05ea0a4714cb90be2d50d756d
1c34d0360bef56b0ca56c25c449e75345bf77f27
4432f43b177fd433db2325f26d91389e71aa3c7d0171e781e79b8330423c3d04
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: text/css
last-modified: Mon, 08 Aug 2022 16:45:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 402
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
maidaenterprises.com/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.8.1
185.217.168.250 200 OK 3.7 kB URL HTTP/2 maidaenterprises.com/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.8.1
IP 185.217.168.250:0
File type ASCII text, with very long lines (16428), with no line terminators
Hash 9342788f1be3785bd788dc5133e483f2
ff3ea3116b0acd5a4d849fc6b7c0790e4d4a02d2
8f6a329865d98a0726dc5ac27e5bf62d5b4bb3362e932fa3d2a7c8a78e1bad25
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.8.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: application/javascript
last-modified: Thu, 19 May 2022 17:49:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3693
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
maidaenterprises.com/wp-content/themes/astra/assets/js/minified/mobile-cart.min.js?ver=3.8.1
185.217.168.250 200 OK 714 B URL HTTP/2 maidaenterprises.com/wp-content/themes/astra/assets/js/minified/mobile-cart.min.js?ver=3.8.1
IP 185.217.168.250:0
File type ASCII text, with very long lines (2772), with no line terminators
Hash 6d3fdc7251250ed5f839f0dda2fbc6fd
92a87896ef472ced061f8861400d9300a2c0b980
9db962dec197142751f9188192542e9426c8534a045b7665499b9dd6a1379af8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/astra/assets/js/minified/mobile-cart.min.js?ver=3.8.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: application/javascript
last-modified: Thu, 19 May 2022 17:49:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 714
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
maidaenterprises.com/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/app.js?ver=3.12
185.217.168.250 200 OK 1.9 kB URL HTTP/2 maidaenterprises.com/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/app.js?ver=3.12
IP 185.217.168.250:0
File type ASCII text, with very long lines (6020), with no line terminators
Hash 11672432a6e2edc266c91990e816ceb6
c61528d8aa2386e6dcd7bb733c65cc336f3e2e59
ea14162c428b487549585f8f52853e8d602ab56ee5ff4e8cb68ff91edc9415ec
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/app.js?ver=3.12 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: application/javascript
last-modified: Thu, 11 Aug 2022 09:46:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1867
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
maidaenterprises.com/wp-content/plugins/beaver-builder-lite-version/js/jquery.waypoints.min.js?ver=2.5.3.1
185.217.168.250 200 OK 2.5 kB URL HTTP/2 maidaenterprises.com/wp-content/plugins/beaver-builder-lite-version/js/jquery.waypoints.min.js?ver=2.5.3.1
IP 185.217.168.250:0
File type Unicode text, UTF-8 text, with very long lines (8668)
Hash 8b4fa51676b888b9690b0a569df29b46
964d5ab97da06207502b98ee7843fd89892eb45c
eb319f1642b22c8345126fe8fc6c680b4f1388cce434df5079051751f44fa320
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/beaver-builder-lite-version/js/jquery.waypoints.min.js?ver=2.5.3.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: application/javascript
last-modified: Thu, 19 May 2022 19:02:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2540
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
maidaenterprises.com/wp-content/uploads/bb-plugin/cache/802-layout.js?ver=e7f0c3d8fb2b39f359beac61be6a5794
185.217.168.250 200 OK 7.9 kB URL HTTP/2 maidaenterprises.com/wp-content/uploads/bb-plugin/cache/802-layout.js?ver=e7f0c3d8fb2b39f359beac61be6a5794
IP 185.217.168.250:0
File type ASCII text, with very long lines (894)
Hash be22af8ea07fb7a512d240c26631f700
53379f56f454ec28e1469a01274b92d7567d1563
0c1ddb2b3500ce90c58c85dc677ff1aba8f261fe1b2d8b2c88159356a435c98f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/bb-plugin/cache/802-layout.js?ver=e7f0c3d8fb2b39f359beac61be6a5794 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: application/javascript
last-modified: Sat, 13 Aug 2022 17:13:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7887
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
maidaenterprises.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
185.217.168.250 200 OK 2.4 kB URL HTTP/2 maidaenterprises.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 185.217.168.250:0
File type ASCII text, with very long lines (6475), with no line terminators
Hash 4e773d7cec56bacab6d2db420be6f262
c95573d884c1caec0ec9c6f3e2a8c0fbf28d939a
5c8839d0b02f21e8d83d856bbf85a6b87fbedf9ba0b70711b11a1c378d5443e7
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: application/javascript
last-modified: Wed, 25 May 2022 05:32:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2354
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
maidaenterprises.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
185.217.168.250 200 OK 6.3 kB URL HTTP/2 maidaenterprises.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 185.217.168.250:0
File type Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Hash fecbc00e8af71d8cfb678cd811c7cb2e
44e5dd77f62cb5c67271442b75cdff10d45f2f8d
d6f03fb4728d0c23251451df8d66b5107d3c87458dc624aacfbad437e99d01f1
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: application/javascript
last-modified: Thu, 15 Dec 2022 14:11:35 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6335
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
maidaenterprises.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.1
185.217.168.250 200 OK 6.2 kB URL HTTP/2 maidaenterprises.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.1
IP 185.217.168.250:0
File type ASCII text, with very long lines (21904), with no line terminators
Hash 68439ced69fdf8292fe943cd083300d3
efbd001868e39caf4996154fc8505ccd84ff5fb0
3a3c570475bcc4a48a63637afbfa35033665881be0560a7cb0146fd23969ab40
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: application/javascript
last-modified: Sun, 07 Aug 2022 18:24:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6238
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
maidaenterprises.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.5.1
185.217.168.250 200 OK 3.2 kB URL HTTP/2 maidaenterprises.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.5.1
IP 185.217.168.250:0
File type ASCII text, with very long lines (9139)
Hash 2289a47b9cb9b09edb011970c0c2d4f5
1845b95796da67d0024f04f8aa419e065b3bf0de
c58f03d19efbce8043e675d39f3f7e30f6f999a9e1f7ae46b01058d31451a233
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.5.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: application/javascript
last-modified: Thu, 19 May 2022 19:02:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3245
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
maidaenterprises.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.5.1
185.217.168.250 200 OK 970 B URL HTTP/2 maidaenterprises.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.5.1
IP 185.217.168.250:0
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash 155d874ef60217f790dedec58e83d832
42a2698adec25b2000046cf7e3818e6478951fc3
c6801f4d5dcdd86ba3e33dc35a8765c03fd55e9f621443dd0fb7cd8c8e6707da
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.5.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: application/javascript
last-modified: Thu, 19 May 2022 19:02:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 970
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
maidaenterprises.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.5.1
185.217.168.250 200 OK 899 B URL HTTP/2 maidaenterprises.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.5.1
IP 185.217.168.250:0
File type ASCII text, with very long lines (1668)
Hash 22d65ba38528349e705d912ce26bf8ac
c89ba006009043d93b88ff155b4fec8797330550
6253bcb85e4267ad3ba843145534e729ee2c1d7e85e5b4ab5b2e074ae636bca3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.5.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: application/javascript
last-modified: Thu, 19 May 2022 19:02:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 899
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
maidaenterprises.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.5.1
185.217.168.250 200 OK 677 B URL HTTP/2 maidaenterprises.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.5.1
IP 185.217.168.250:0
File type ASCII text, with very long lines (2139), with no line terminators
Hash a43fc0dde8fdd69656ad0957e62849c7
4b07cf702ac8a770c8cbffc22b9a788b6e5389ba
1ce3d0493424870c81deec0ec41de0592d2af9f91cd8081cd40a1d7ea89b614f
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.5.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: application/javascript
last-modified: Thu, 19 May 2022 19:02:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 677
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
maidaenterprises.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.5.1
185.217.168.250 200 OK 934 B URL HTTP/2 maidaenterprises.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.5.1
IP 185.217.168.250:0
File type ASCII text, with very long lines (2938), with no line terminators
Hash cf25dd071a208312bdc07f34d2cee027
76119563119eaae392ecc8903c989d98d0b93002
8635ba2cad8f887e72779bd526f8738ff6343c74cba715caf2eddea383ba7ce6
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.5.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: application/javascript
last-modified: Thu, 19 May 2022 19:02:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 934
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
maidaenterprises.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-smallscreen.min.css?ver=3.8.1
185.217.168.250 200 OK 820 B URL HTTP/2 maidaenterprises.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-smallscreen.min.css?ver=3.8.1
IP 185.217.168.250:0
File type ASCII text, with very long lines (5985), with no line terminators
Hash 3a408d8991f7ecad01d07ed951df7d39
75922587c1255452e85daec21697daf4e0073184
e83bcd35725b609cd59fad0580ff24e360d15d70e9c480830e937c1ef23d430c
GET /wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-smallscreen.min.css?ver=3.8.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: text/css
last-modified: Thu, 19 May 2022 17:49:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 820
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash afeb3476c3b5b8e10f11db443b8528af
f419163f1e43fece9e428e088c49c65e145846ed
8f9bbf884ae3cddaf2f3eff5d31abf823004207b33bc925651516c60af1f37a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 18:15:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash afeb3476c3b5b8e10f11db443b8528af
f419163f1e43fece9e428e088c49c65e145846ed
8f9bbf884ae3cddaf2f3eff5d31abf823004207b33bc925651516c60af1f37a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 18:15:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
142.250.74.35 200 OK 14 kB URL HTTP/2 fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 14060, version 1.0\012- data
Hash aacf0f4f8b5d693087b4d8ac6c86d2ae
ad06f3ffd0db6034eb0a12f98aa8aa4dead430fb
5e2f97ea0fb92d5e3ae31eeef403b9c34363c8fb2a387e13cf381fa97f3e8cf7
GET /s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://maidaenterprises.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14060
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 10:04:36 GMT
expires: Tue, 23 Jan 2024 10:04:36 GMT
cache-control: public, max-age=31536000
age: 288663
last-modified: Mon, 18 Jul 2022 19:44:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pixel.wp.com/g.gif?v=ext&j=1%3A11.2&blog=208546188&post=802&tz=0&srv=maidaenterprises.com&host=maidaenterprises.com&ref=&fcp=0&rand=0.8583316675452061
192.0.76.3 200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&j=1%3A11.2&blog=208546188&post=802&tz=0&srv=maidaenterprises.com&host=maidaenterprises.com&ref=&fcp=0&rand=0.8583316675452061
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&j=1%3A11.2&blog=208546188&post=802&tz=0&srv=maidaenterprises.com&host=maidaenterprises.com&ref=&fcp=0&rand=0.8583316675452061 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 18:15:39 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash afeb3476c3b5b8e10f11db443b8528af
f419163f1e43fece9e428e088c49c65e145846ed
8f9bbf884ae3cddaf2f3eff5d31abf823004207b33bc925651516c60af1f37a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 18:15:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/playfairdisplay/v30/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2
142.250.74.35 200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/playfairdisplay/v30/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 19860, version 1.0\012- data
Hash a95e391373ad634c3b7dbaf77de3f40e
ddc4638bc28c21a400fcd2df94448743f198a257
fa3d5a0422c9b413abb4c78f8ff80de8a8ed58766f7110c82febf5296e899b47
GET /s/playfairdisplay/v30/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://maidaenterprises.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 15:34:19 GMT
expires: Fri, 26 Jan 2024 15:34:19 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Jul 2022 19:06:33 GMT
content-type: font/woff2
age: 9680
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lemonada/v22/0QI-MXFD9oygTWy_R-FFlwV-bgfR7QJGeutGnv-d.woff2
142.250.74.35 200 OK 14 kB URL HTTP/2 fonts.gstatic.com/s/lemonada/v22/0QI-MXFD9oygTWy_R-FFlwV-bgfR7QJGeutGnv-d.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 13672, version 1.0\012- data
Hash 10f476f994c7c03948647fd58e423318
84bccf6bcaa85b72587ee5c37e5940b326d87b12
ff2fd902cd3897dbcd1076cfbbaca4a1304e53de7364ce54e01a489316d733fd
GET /s/lemonada/v22/0QI-MXFD9oygTWy_R-FFlwV-bgfR7QJGeutGnv-d.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://maidaenterprises.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13672
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:16:01 GMT
expires: Tue, 23 Jan 2024 18:16:01 GMT
cache-control: public, max-age=31536000
age: 259178
last-modified: Wed, 07 Dec 2022 18:31:19 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash d9bf2793558044193d7e5d27708a9144
5a8f73462cfda6544cc3efe488854c3cd80bb0a7
e1db5ce5f130aa6d6a1bf18da60fee5c6bb76625a26aef0fee67702e7209ef7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 18:15:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maidaenterprises.com/wp-content/uploads/2022/07/parker-burchfield-tvG4WvjgsEY-unsplash-scaled.jpg
185.217.168.250 200 OK 280 kB URL HTTP/2 maidaenterprises.com/wp-content/uploads/2022/07/parker-burchfield-tvG4WvjgsEY-unsplash-scaled.jpg
IP 185.217.168.250:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 2560x1707, components 3\012- data
Size 280 kB (280132 bytes)
Hash f8dbcc87b879c7cb9cf723e4c9677df8
994334139ce9d543c38e95339e8ce0113bd5fba2
dfac9ec34af650186de0db6b7e0992816c61bb911730f7bc5c8dd40dc9fcf066
GET /wp-content/uploads/2022/07/parker-burchfield-tvG4WvjgsEY-unsplash-scaled.jpg HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/wp-content/uploads/bb-plugin/cache/802-layout.css?ver=719e0b06772c52eaee33794ec3580fbd
Cookie: _eshoob=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: image/jpeg
last-modified: Sat, 02 Jul 2022 16:21:58 GMT
accept-ranges: bytes
content-length: 280132
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
maidaenterprises.com/wp-content/uploads/2022/07/image505.png
185.217.168.250 200 OK 52 kB URL HTTP/2 maidaenterprises.com/wp-content/uploads/2022/07/image505.png
IP 185.217.168.250:0
File type PNG image data, 225 x 300, 8-bit/color RGB, non-interlaced\012- data
Hash c0f3d433599ad14f94441de1b147d132
24aa6c98f02a10c15b11115b71b5da49cd274b7b
f77fcece39eb034e7fa46674f8b3c4df91454493a7bbab118d8b03a5048e66e7
GET /wp-content/uploads/2022/07/image505.png HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/wp-content/uploads/bb-plugin/cache/802-layout.css?ver=719e0b06772c52eaee33794ec3580fbd
Cookie: _eshoob=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: image/png
last-modified: Sun, 03 Jul 2022 09:24:26 GMT
accept-ranges: bytes
content-length: 52186
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
maidaenterprises.com/wp-content/uploads/2022/07/image485.png
185.217.168.250 200 OK 63 kB URL HTTP/2 maidaenterprises.com/wp-content/uploads/2022/07/image485.png
IP 185.217.168.250:0
File type PNG image data, 225 x 300, 8-bit/color RGB, non-interlaced\012- data
Hash ff508f33c891e8509b55bcf0884b50aa
b8e859b17b83cafd8958231a839b98c249d9900e
223b928c54349e0c6a28127f02c6f69dd2ed1069891e8a09da40fdbbfa12bebd
GET /wp-content/uploads/2022/07/image485.png HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/wp-content/uploads/bb-plugin/cache/802-layout.css?ver=719e0b06772c52eaee33794ec3580fbd
Cookie: _eshoob=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: image/png
last-modified: Sun, 03 Jul 2022 09:25:37 GMT
accept-ranges: bytes
content-length: 63020
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
maidaenterprises.com/wp-content/uploads/2022/07/3.jpg
185.217.168.250 200 OK 30 kB URL HTTP/2 maidaenterprises.com/wp-content/uploads/2022/07/3.jpg
IP 185.217.168.250:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left], baseline, precision 8, 417x507, components 3\012- data
Hash 00bafeb6740465371c11be6fa7fc497b
a3c8d556d18cb8b8083d32b45c5c67ea8be47230
adf9e050dfd30eda42dd645aa8427b3a8984a3e575b7bc50215d157b45be2712
GET /wp-content/uploads/2022/07/3.jpg HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/wp-content/uploads/bb-plugin/cache/802-layout.css?ver=719e0b06772c52eaee33794ec3580fbd
Cookie: _eshoob=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: image/jpeg
last-modified: Wed, 06 Jul 2022 17:51:59 GMT
accept-ranges: bytes
content-length: 30445
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
maidaenterprises.com/wp-content/themes/astra/assets/fonts/astra.woff
185.217.168.250 200 OK 3.3 kB URL HTTP/2 maidaenterprises.com/wp-content/themes/astra/assets/fonts/astra.woff
IP 185.217.168.250:0
File type Web Open Font Format, TrueType, length 3304, version 1.0\012- data
Hash bfe0ed8503c926d68f58ed0408dfe0d0
0346d02d96ff7d2a0278bc10f4dfdf365c80eac3
ec7ef7aa5fd1e019f1c26193e95e46d481d4983673936a9dda086705ada6e3d5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/astra/assets/fonts/astra.woff HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: font/woff
last-modified: Thu, 19 May 2022 17:49:20 GMT
accept-ranges: bytes
content-length: 3304
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
maidaenterprises.com/wp-content/plugins/woocommerce/assets/fonts/star.woff
185.217.168.250 200 OK 1.3 kB URL HTTP/2 maidaenterprises.com/wp-content/plugins/woocommerce/assets/fonts/star.woff
IP 185.217.168.250:0
File type Web Open Font Format, CFF, length 1304, version 1.0\012- data
Hash 335cbf607c55aa32fd06809d1f9eb127
e70dd0cd93614997e251f26477ea815435981e19
d87af7a2528beb59a990e0414df87b4e4115f77f3a4a750f6616ff189b70345a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/fonts/star.woff HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://maidaenterprises.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce.min.css?ver=3.8.1
Cookie: _eshoob=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: font/woff
last-modified: Thu, 19 May 2022 19:02:53 GMT
accept-ranges: bytes
content-length: 1304
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
maidaenterprises.com/wp-content/plugins/beaver-builder-lite-version/fonts/fontawesome/5.15.4/webfonts/fa-solid-900.woff2
185.217.168.250 200 OK 78 kB URL HTTP/2 maidaenterprises.com/wp-content/plugins/beaver-builder-lite-version/fonts/fontawesome/5.15.4/webfonts/fa-solid-900.woff2
IP 185.217.168.250:0
File type Web Open Font Format (Version 2), TrueType, length 78268, version 331.-31196\012- data
Hash d824df7eb2e268626a2dd9a6a741ac4e
0ccb2c814a7e4ca12c4778821633809cb0361eaa
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/beaver-builder-lite-version/fonts/fontawesome/5.15.4/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://maidaenterprises.com/wp-content/plugins/beaver-builder-lite-version/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.5.3.1
Cookie: _eshoob=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: font/woff2
last-modified: Thu, 19 May 2022 19:02:13 GMT
accept-ranges: bytes
content-length: 78268
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
maidaenterprises.com/wp-content/uploads/2022/05/cropped-maida-logo-e1653642933941-1-192x192.png
185.217.168.250 200 OK 15 kB URL HTTP/2 maidaenterprises.com/wp-content/uploads/2022/05/cropped-maida-logo-e1653642933941-1-192x192.png
IP 185.217.168.250:0
Hash 0c520a96ddeac0aff3a9fd77496d0864
a64557ea3dfd49d45f1260de05c347a6c36543e4
5a9f6461d013a44ec53ff5c411e3534c25f5515878be4bca4780d235f1b518e0
GET /wp-content/uploads/2022/05/cropped-maida-logo-e1653642933941-1-192x192.png HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:40 GMT
content-type: image/png
last-modified: Fri, 27 May 2022 13:19:52 GMT
accept-ranges: bytes
content-length: 14835
date: Thu, 26 Jan 2023 18:15:40 GMT
X-Firefox-Spdy: h2
maidaenterprises.com/wp-content/uploads/2022/05/cropped-maida-logo-e1653642933941-1-32x32.png
185.217.168.250 200 OK 1.8 kB URL HTTP/2 maidaenterprises.com/wp-content/uploads/2022/05/cropped-maida-logo-e1653642933941-1-32x32.png
IP 185.217.168.250:0
Hash 4b2f63276f0aa2bfa663aa4a5dddd324
1d3056aa030475f8109fc37b359cb1ea576e5740
82d0424b57ab8cd1235ebc00162c3f13a5eaa72b15299e2f48676f7331122f05
GET /wp-content/uploads/2022/05/cropped-maida-logo-e1653642933941-1-32x32.png HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:40 GMT
content-type: image/png
last-modified: Fri, 27 May 2022 13:19:52 GMT
accept-ranges: bytes
content-length: 1151
date: Thu, 26 Jan 2023 18:15:40 GMT
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Nunito%3A400%7CPlayfair+Display%3A400%7CMontserrat%3A700&display=fallback&ver=3.8.1
142.250.74.74 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Nunito%3A400%7CPlayfair+Display%3A400%7CMontserrat%3A700&display=fallback&ver=3.8.1
IP 142.250.74.74:0
GET /css?family=Nunito%3A400%7CPlayfair+Display%3A400%7CMontserrat%3A700&display=fallback&ver=3.8.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 26 Jan 2023 18:15:39 GMT
date: Thu, 26 Jan 2023 18:15:39 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lemonada%3A400&ver=6.1.1
142.250.74.74 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Lemonada%3A400&ver=6.1.1
IP 142.250.74.74:0
GET /css?family=Lemonada%3A400&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 26 Jan 2023 18:15:39 GMT
date: Thu, 26 Jan 2023 18:15:39 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
maidaenterprises.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
185.217.168.250 200 OK 0 B URL HTTP/2 maidaenterprises.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 185.217.168.250:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2
stats.wp.com/s-202304.js
192.0.76.3 200 OK 0 B IP 192.0.76.3:0
GET /s-202304.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 18:15:39 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"62f6b688-2494"
content-encoding: br
expires: Mon, 22 Jan 2024 15:38:27 GMT
cache-control: max-age=31536000
x-nc: HIT arn
X-Firefox-Spdy: h2
static.addtoany.com/menu/page.js
172.67.39.148 200 OK 0 B URL HTTP/2 static.addtoany.com/menu/page.js
IP 172.67.39.148:0
GET /menu/page.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 18:15:39 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=172800
cf-bgj: minify
access-control-allow-origin: *
age: 147586
etag: W/"c04-5f1f2ae2e431b"
last-modified: Wed, 11 Jan 2023 01:11:30 GMT
vary: Accept-Encoding
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78fb3c3579c6b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2