Report - maidaenterprises.com/

Report Overview

Submitted URL
maidaenterprises.com/
IP
185.217.168.250
ASN
#35913 DEDIPATH-LLC
Submitted
2023-01-26 18:15:43
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
60

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	69 kB	34.120.237.76
maidaenterprises.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	24 kB	755 kB	185.217.168.250
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	50 kB	142.250.74.35
pixel.wp.com	2545	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	525 B	239 B	192.0.76.3
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.210.150.237
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	4.2 kB	142.250.74.131
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	879 B	1.5 kB	142.250.74.74
stats.wp.com	2711	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	364 B	283 B	192.0.76.3
static.addtoany.com	4091	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	372 B	587 B	172.67.39.148
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	8.0 kB	23.36.76.226

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-26	medium	maidaenterprises.com/	Malware
2023-01-26	medium	maidaenterprises.com/wp-content/plugins/woocommerce-payments/vendor/woocommerce/subscriptions-core/build/index.css?ver=3.1.6	Malware
2023-01-26	medium	maidaenterprises.com/wp-content/themes/astra/assets/css/minified/compatibility/page-builder/bb-plugin.min.css?ver=3.8.1	Malware
2023-01-26	medium	maidaenterprises.com/wp-content/themes/astra/assets/css/minified/frontend.min.css?ver=3.8.1	Malware
2023-01-26	medium	maidaenterprises.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1	Malware
2023-01-26	medium	maidaenterprises.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17	Malware
2023-01-26	medium	maidaenterprises.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1	Malware
2023-01-26	medium	maidaenterprises.com/	Malware
2023-01-26	medium	maidaenterprises.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.4.3	Malware
2023-01-26	medium	maidaenterprises.com/wp-content/plugins/wpforms-lite/assets/css/wpforms-base.min.css?ver=1.7.4.2	Malware
2023-01-26	medium	maidaenterprises.com/wp-content/plugins/beaver-builder-lite-version/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.5.3.1	Malware
2023-01-26	medium	maidaenterprises.com/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1	Malware
2023-01-26	medium	maidaenterprises.com/wp-content/uploads/bb-plugin/cache/802-layout.css?ver=719e0b06772c52eaee33794ec3580fbd	Malware
2023-01-26	medium	maidaenterprises.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.1	Malware
2023-01-26	medium	maidaenterprises.com/wp-content/themes/astra/assets/css/minified/compatibility/contact-form-7-main.min.css?ver=3.8.1	Malware
2023-01-26	medium	maidaenterprises.com/wp-content/plugins/jetpack/css/jetpack.css?ver=11.2	Malware
2023-01-26	medium	maidaenterprises.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-layout.min.css?ver=3.8.1	Malware
2023-01-26	medium	maidaenterprises.com/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16	Malware
2023-01-26	medium	maidaenterprises.com/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.8.1	Malware
2023-01-26	medium	maidaenterprises.com/wp-content/themes/astra/assets/js/minified/mobile-cart.min.js?ver=3.8.1	Malware
2023-01-26	medium	maidaenterprises.com/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/app.js?ver=3.12	Malware
2023-01-26	medium	maidaenterprises.com/wp-content/plugins/beaver-builder-lite-version/js/jquery.waypoints.min.js?ver=2.5.3.1	Malware
2023-01-26	medium	maidaenterprises.com/wp-content/uploads/bb-plugin/cache/802-layout.js?ver=e7f0c3d8fb2b39f359beac61be6a5794	Malware
2023-01-26	medium	maidaenterprises.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0	Malware
2023-01-26	medium	maidaenterprises.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.1	Malware
2023-01-26	medium	maidaenterprises.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.5.1	Malware
2023-01-26	medium	maidaenterprises.com/wp-content/themes/astra/assets/fonts/astra.woff	Malware
2023-01-26	medium	maidaenterprises.com/wp-content/plugins/woocommerce/assets/fonts/star.woff	Malware
2023-01-26	medium	maidaenterprises.com/wp-content/plugins/beaver-builder-lite-version/fonts/fontawesome/5.15.4/webfonts/fa-solid-900.woff2	Malware
2023-01-26	medium	maidaenterprises.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (38)

	URL	Size	First Seen	Last Seen
	maidaenterprises.com/	363 B	2023-03-13	2023-03-13
Pretty URL maidaenterprises.com/ IP 185.217.168.250 ASN #35913 DEDIPATH-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:39:54 Last Seen2023-03-13 07:39:54 Times Seen1 Hash d205dc88fb8196711595f89c13cdea54 19587f3862b7df960508d816924b9df6fa4105f0 1113d18e980ec9b9e2392cd22c14a40e2ad4ffca2a04375294035c6e0b72ce84 Loading...

	static.addtoany.com/menu/modules/core.26680508.js	71 kB	2023-03-12	2024-04-14
Pretty URL static.addtoany.com/menu/modules/core.26680508.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:04:10 Last Seen2024-04-14 12:45:18 Times Seen2677 Hash 4ddbe13185968a307e265ee10588d974 d943845db5f4b564f6eafd4048e76b9dee329f80 73cfb0ed71e314a835831530e27ba1fde5609b224781f7dbc2dd3eb9a08603cd Loading...

	stats.wp.com/s-202304.js	9.4 kB	2023-03-07	2024-03-07
Pretty URL stats.wp.com/s-202304.js IP 192.0.76.3 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-03-07 00:14:50 Times Seen3354 Hash 82d763decfeb58a330f075ecd1bfbec4 9834c21e75bcf80d52c98bf55641f2bd92e200d3 7faf2fee5a715e1668f517f67a4b21cddd539b978678ce1bfd48a597044079e1 Loading...

	maidaenterprises.com/	152 B	2023-03-07	2024-04-23
Pretty URL maidaenterprises.com/ IP 185.217.168.250 ASN #35913 DEDIPATH-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-23 11:53:44 Times Seen19874 Hash b8c40bf7c92768058d743847cccdb147 4fbbbcb2dda4d05e2e58bf43330c559b4165fc0b 7872ff233c7b2bfa962f491d0575e71f0b0b487bc63899ff4c72c7c9d5197688 Loading...

	maidaenterprises.com/	108 B	2023-03-13	2023-03-13
Pretty URL maidaenterprises.com/ IP 185.217.168.250 ASN #35913 DEDIPATH-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:39:54 Last Seen2023-03-13 07:39:54 Times Seen1 Hash c943ae3956133c9b1c044021f91e2c20 0b59587530e30d8e4c9e52fc14489f58a74c78eb 511623117997bcf5da87cdc51a9f31eb8cd48353b3e3a3a4f23a25405368d736 Loading...

	maidaenterprises.com/wp-content/plugins/beaver-builder-lite-version/js/jquery.waypoints.min.js?ver=2.5.3.1	8.8 kB	2023-03-07	2024-04-22
Pretty URL maidaenterprises.com/wp-content/plugins/beaver-builder-lite-version/js/jquery.waypoints.min.js?ver=2.5.3.1 IP 185.217.168.250 ASN #35913 DEDIPATH-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:49 Last Seen2024-04-22 19:01:23 Times Seen1866 Hash 43b1aa1ea2d73e79e9d45980c7920446 1bef149aedeafff7a797e799cfba168bed0d6dc6 9c7bd3dadf6edc19d3b8876a8e2b0b0ae6b54f403d7e987ec82b041128cfdd35 Loading...

	maidaenterprises.com/wp-content/themes/astra/assets/js/minified/mobile-cart.min.js?ver=3.8.1	2.8 kB	2023-03-07	2023-11-28
Pretty URL maidaenterprises.com/wp-content/themes/astra/assets/js/minified/mobile-cart.min.js?ver=3.8.1 IP 185.217.168.250 ASN #35913 DEDIPATH-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:47 Last Seen2023-11-28 06:33:31 Times Seen35 Hash 35547923369a71c7a64eadd08835fedd 5f295fb32ca5b0ececeb02f5e87556ad9f81d608 1cc9826562538fa9b1bab6bf38d1011216e190f85e525887d2f2539ab88f94b2 Loading...

	maidaenterprises.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.5.1	2.1 kB	2023-03-07	2024-04-22
Pretty URL maidaenterprises.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.5.1 IP 185.217.168.250 ASN #35913 DEDIPATH-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-22 09:19:48 Times Seen22371 Hash b72c1cbb1530a011a27bd9800f26765a 27b825c5d8255f33b8427a059d4545ebd65e1746 a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8 Loading...

	maidaenterprises.com/	491 B	2023-03-07	2024-04-10
Pretty URL maidaenterprises.com/ IP 185.217.168.250 ASN #35913 DEDIPATH-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:50 Last Seen2024-04-10 00:36:22 Times Seen2042 Hash eda0861d93eea53c3286b2fd93d2e42d 979767d815a8847b00fe1d45a5757fdf67b8ca1b 6e799f88d7836b96f8d81538a375039937e497b6a103bd1d259dfef980fdf926 Loading...

	static.addtoany.com/menu/sm.24.html#type=core&event=load	551 B	2023-03-08	2023-04-05
Pretty URL static.addtoany.com/menu/sm.24.html#type=core&event=load IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:33 Last Seen2023-04-05 02:10:42 Times Seen517 Hash d51b83b6cab0a31d7e631829656a22b1 cd7bc9245b65c5c851e03a04541d4785c550b1f4 82e320c0c3f2224c9bdeadab1078c0e5b4b705b8e2da82700b6f305bbdf380f9 Loading...

	stats.wp.com/e-202304.js	9.0 kB	2023-03-07	2024-01-05
Pretty URL stats.wp.com/e-202304.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:19 Last Seen2024-01-05 09:08:33 Times Seen3233 Hash 9152c169155daa333287728cb8e4ae93 1e45a9ea1464acf983f022567cb9f669f4c77f65 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302 Loading...

	maidaenterprises.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.5.1	3.0 kB	2023-03-07	2024-04-22
Pretty URL maidaenterprises.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.5.1 IP 185.217.168.250 ASN #35913 DEDIPATH-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-04-22 16:48:45 Times Seen5917 Hash 8bc2109ef48cabf7a26b73d7c3536c5f 0e0dfee3a3975eafc3dd55f190d1deb3c6c55d3b 8634aa7a3ac0bc6d359b458c8922e9d3269f64c1355b329bfe215beb12773af8 Loading...

	unknown	0 B	2023-03-07	2024-04-23
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-23 12:03:45 Times Seen37019006 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	maidaenterprises.com/	47 B	2023-03-07	2024-04-22
Pretty URL maidaenterprises.com/ IP 185.217.168.250 ASN #35913 DEDIPATH-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-22 09:02:48 Times Seen2002 Hash 2c51b5be11f71c5e12aff7f05787fdfd 5e99384e82d66bdfa4db7c8b43a9066c2896e46d f305ca5823e9ef3bf3cdd312369057a018addabb859d129e07543349fdd74d35 Loading...

	maidaenterprises.com/	237 B	2023-03-13	2023-03-13
Pretty URL maidaenterprises.com/ IP 185.217.168.250 ASN #35913 DEDIPATH-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:39:54 Last Seen2023-03-13 07:39:54 Times Seen1 Hash f43c73297279bc2af323c06f1fd925cc ff4f2371b6183878e43d26451641e5eb1736ce99 da2bc975db5e0c841034a92da2ae4196ff420a45cf43459e3338120a344c1ed3 Loading...

	static.addtoany.com/menu/page.js	3.1 kB	2023-03-12	2023-10-24
Pretty URL static.addtoany.com/menu/page.js IP 172.67.39.148 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:04:09 Last Seen2023-10-24 05:00:50 Times Seen1940 Hash ce36bcabfd02e6132ece55637827631b 7513229734b52ac8f7ef86273b7fd263249a691b 2c5cc47eb8499efe3f4353bc50b38690756e78da21b0e158e14293b39c5ef812 Loading...

	static.addtoany.com/menu/svg/icons/email.js	393 B	2023-03-08	2023-11-02
Pretty URL static.addtoany.com/menu/svg/icons/email.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:32:25 Last Seen2023-11-02 06:47:56 Times Seen2812 Hash 04ba107d68bf12c4064d52b2435c3eb4 f6e7b82ddb8a8baec367d913d6445e432c7840f3 15684309274ca43c5240c88c5be2c9ed2f56ed2b38d0367dc372760f9e287c50 Loading...

	maidaenterprises.com/	32 B	2023-03-07	2024-04-21
Pretty URL maidaenterprises.com/ IP 185.217.168.250 ASN #35913 DEDIPATH-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:05 Last Seen2024-04-21 08:46:13 Times Seen3384 Hash f28cdba8b1a33fab7b4935482c683e17 7fb92b438ae880e659636e12f78ecca1ab9dd1a9 76d9ab1fc9999540d0f7167df3325f71fbd86160eda576cb60f285b0e65d89a9 Loading...

	maidaenterprises.com/	2.2 kB	2023-03-13	2023-03-13
Pretty URL maidaenterprises.com/ IP 185.217.168.250 ASN #35913 DEDIPATH-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:39:54 Last Seen2023-03-13 07:39:54 Times Seen1 Hash 5d54c5696ca65b4794bad597eaa4a0d7 05fb929b16d339ca430413d007a072e60347093c 2c2fe97ef54473cbcf22a553281df050af79a2493e10213775afc8a49b8574be Loading...

	static.addtoany.com/menu/svg/icons/facebook.js	318 B	2023-03-08	2023-10-29
Pretty URL static.addtoany.com/menu/svg/icons/facebook.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:33 Last Seen2023-10-29 06:42:20 Times Seen3991 Hash bd42caff99f3e28c34363fa883363984 e6c80f5fdc2811e497e314aba3d9fa1137e1daa0 3a19ff3554a1e589f756a92be8263726674127c133feb1d333095668b77ba08c Loading...

	maidaenterprises.com/	109 B	2023-03-07	2024-04-23
Pretty URL maidaenterprises.com/ IP 185.217.168.250 ASN #35913 DEDIPATH-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-23 11:53:43 Times Seen4195 Hash c3041f910d72f3447c03a53d6b8df977 d2959e0ca4bfa2ec8613d1fba8ae2399aebdd123 9b5e9931c5ad5f273f4c6eb5988506ef60471957923124b28aab2f8563e8b7fd Loading...

	maidaenterprises.com/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.8.1	16 kB	2023-03-07	2024-04-05
Pretty URL maidaenterprises.com/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.8.1 IP 185.217.168.250 ASN #35913 DEDIPATH-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:00 Last Seen2024-04-05 08:32:55 Times Seen254 Hash c8937b02c3e7026eaa4726d58ff49d2f ce19c06b4874d116b453b5481e00c16fb846a030 6de026295dcce0702131280e771bce028a6d63d74b025b3595291dafd8e36e69 Loading...

	maidaenterprises.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.5.1	1.8 kB	2023-03-07	2024-04-22
Pretty URL maidaenterprises.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.5.1 IP 185.217.168.250 ASN #35913 DEDIPATH-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-22 16:48:45 Times Seen21573 Hash d0a6d8547c66b0d7b0172466558d1208 ff93916519c7b9483251f609e4d29f38c30a66e3 3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612 Loading...

	maidaenterprises.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.1	22 kB	2023-03-07	2024-04-16
Pretty URL maidaenterprises.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.1 IP 185.217.168.250 ASN #35913 DEDIPATH-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:28 Last Seen2024-04-16 08:13:03 Times Seen1041 Hash e7334b0f16895605c1234c69ad86fd4a 6da3372e63cabe2d3c6b0dfecc70770c2f69921b e89d7526092c671c0a01bd02152a595271fb97f87bbd3ba379b5e8b1071f6b2d Loading...

	maidaenterprises.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.5.1	2.9 kB	2023-03-07	2024-04-22
Pretty URL maidaenterprises.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.5.1 IP 185.217.168.250 ASN #35913 DEDIPATH-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-22 09:02:15 Times Seen13953 Hash 0fd625c3991a4015814cffdc88e2fc82 d7c2f53e058210ff3ea773297641008bab71a5f3 2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1 Loading...

	maidaenterprises.com/	192 B	2023-03-13	2023-03-13
Pretty URL maidaenterprises.com/ IP 185.217.168.250 ASN #35913 DEDIPATH-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:39:54 Last Seen2023-03-13 07:39:54 Times Seen1 Hash 21ba2511cba67f59f376753506801a67 69f9b640648b212456ae096bdf9b9bdc22637dd7 0bfc435524e112af0e1886a6fcb605c0c0f154b718e2e2957b7404f786af68a3 Loading...

	static.addtoany.com/menu/svg/icons/twitter.js	695 B	2023-03-08	2024-04-11
Pretty URL static.addtoany.com/menu/svg/icons/twitter.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:33 Last Seen2024-04-11 22:41:57 Times Seen4985 Hash 27cd96b1f5736097c53caaeb6d2dc62c 2f853bd93d200defae6f66090d0746ecee3e71d6 74ec1e2bfcf647ccdeaf5b127294db846ee4a6f8ffd6c909d4938370d4187d1f Loading...

	maidaenterprises.com/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/app.js?ver=3.12	6.0 kB	2023-03-07	2023-11-17
Pretty URL maidaenterprises.com/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/app.js?ver=3.12 IP 185.217.168.250 ASN #35913 DEDIPATH-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:48 Last Seen2023-11-17 21:54:50 Times Seen12 Hash 0174706e1fc74a998b875cc0a1951848 f347b74304893c509a451bdce467aecdf5cb6daf 56fa3579291144f224e0680a0f30f3d3c627f4c8825ec9fab32f3a13ae935f60 Loading...

	maidaenterprises.com/wp-content/uploads/bb-plugin/cache/802-layout.js?ver=e7f0c3d8fb2b39f359beac61be6a5794	31 kB	2023-03-13	2023-03-13
Pretty URL maidaenterprises.com/wp-content/uploads/bb-plugin/cache/802-layout.js?ver=e7f0c3d8fb2b39f359beac61be6a5794 IP 185.217.168.250 ASN #35913 DEDIPATH-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:39:54 Last Seen2023-03-13 07:39:54 Times Seen1 Hash e7f0c3d8fb2b39f359beac61be6a5794 c49e56f9b64ce9719496b20f26dbd29412cf3729 1c52fb18da4ff6ea76d2efbb8d576acd0b895e76ce31cd97010508d202f7e79c Loading...

	maidaenterprises.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.5.1	9.5 kB	2023-03-07	2024-04-18
Pretty URL maidaenterprises.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.5.1 IP 185.217.168.250 ASN #35913 DEDIPATH-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:19 Last Seen2024-04-18 05:49:36 Times Seen2816 Hash 87c54edf7dad7dfdfde015f6eee45ff1 96ec1a06ea3093c47e1e2fc4444ada7f4456135d ef22199864042b8ceeee3729f3254c140df7217364045737ca3aadf8434fb3da Loading...

	maidaenterprises.com/	113 B	2023-03-07	2024-04-19
Pretty URL maidaenterprises.com/ IP 185.217.168.250 ASN #35913 DEDIPATH-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:19 Last Seen2024-04-19 18:13:10 Times Seen1013 Hash 9efb9f3f2410506c59f3f679002e6707 96fde248ab9455c53f9205a0b75c133a39d87156 6868576dfe490569034a480a1368369c1b81470651ca70b5ff1e82de507ff6ea Loading...

	maidaenterprises.com/	333 B	2023-03-07	2024-04-22
Pretty URL maidaenterprises.com/ IP 185.217.168.250 ASN #35913 DEDIPATH-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-22 23:08:01 Times Seen7458 Hash 3688fd64c409264431201fa55a828e81 2b7eeefaa1edf3a7621f7576b35b01c895ef5367 944433761a880eab1d567dd5389499af76aa03582c82a8aa88838e3c6c2134c6 Loading...

	static.addtoany.com/menu/svg/icons/whatsapp.js	1.1 kB	2023-03-08	2023-11-02
Pretty URL static.addtoany.com/menu/svg/icons/whatsapp.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:33:09 Last Seen2023-11-02 03:46:18 Times Seen818 Hash a85a710aa4b2371a7d11c225ad6eb877 5c5407b0588a94421c68416d16c1075e89a24023 96840bd7cc7d8edd1d1ffaff60d7f335fd866cd9a6132c8524d620482f4df64a Loading...

	maidaenterprises.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	19 kB	2023-03-07	2024-04-22
Pretty URL maidaenterprises.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 IP 185.217.168.250 ASN #35913 DEDIPATH-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-22 15:34:31 Times Seen38020 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	maidaenterprises.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9	6.5 kB	2023-03-07	2024-04-21
Pretty URL maidaenterprises.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 IP 185.217.168.250 ASN #35913 DEDIPATH-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-21 18:36:10 Times Seen15482 Hash 61449413a42d2daaa79dbe7298b40e21 d86c474164c603084397bdc50fb0e469d28b5772 f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a Loading...

	maidaenterprises.com/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1	129 B	2023-03-07	2024-04-22
Pretty URL maidaenterprises.com/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1 IP 185.217.168.250 ASN #35913 DEDIPATH-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:19 Last Seen2024-04-22 09:27:56 Times Seen4977 Hash 5ef26b5e47e6951f43ecf2b1fc645222 081afb52577f6f3bb044fdea6d34a632c3cce7e8 50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1 Loading...

	maidaenterprises.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-23
Pretty URL maidaenterprises.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 185.217.168.250 ASN #35913 DEDIPATH-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-23 00:53:38 Times Seen68558 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	maidaenterprises.com/	268 B	2023-03-13	2023-03-13
Pretty URL maidaenterprises.com/ IP 185.217.168.250 ASN #35913 DEDIPATH-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:39:54 Last Seen2023-03-13 07:39:54 Times Seen1 Hash fb72ca45858dd272bafe5242932c25c6 bf280bab745c39e45845ff1703353708860f9ebb d5a616155b68e6c231405d60296f358aa3caafacb59c7e6ca97bfdfd14756fb1 Loading...

HTTP Transactions (82)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9fbe85f42e8ae8ae41cc12df5f98b141
949fa36ff0f22f72565fd584bef094dd4de23037
184d3e4df4bce559b4d7c4836372f5fd2de9782a96b04d364230b7d695d737d8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "184D3E4DF4BCE559B4D7C4836372F5FD2DE9782A96B04D364230B7D695D737D8"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12957
Expires: Thu, 26 Jan 2023 21:51:28 GMT
Date: Thu, 26 Jan 2023 18:15:31 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2405562765b49b2782ebd2e2994851d5
be7ac8e558f7875bb1fb86ab5ec674424a5ff269
422cfa907461cb7b93b9089d600052f9e94951e5e0c93d97651905002e48ad3e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "422CFA907461CB7B93B9089D600052F9E94951E5E0C93D97651905002E48AD3E"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14199
Expires: Thu, 26 Jan 2023 22:12:11 GMT
Date: Thu, 26 Jan 2023 18:15:32 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 26 Jan 2023 17:35:16 GMT
content-type: application/json
age: 2416
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
49049f3c92aad686cd7ff28ecd2a5a4f
9cc2bc9c055450dbc4fae93eabe4ef8509b3ff57
02cf421968192286bb174ff0e6c818a843c4eca61a02cd493e6f95bb58a37015

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02CF421968192286BB174FF0E6C818A843C4ECA61A02CD493E6F95BB58A37015"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8598
Expires: Thu, 26 Jan 2023 20:38:50 GMT
Date: Thu, 26 Jan 2023 18:15:32 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: V4TKTDIuOUDxrrY0o7qlRQO/q2px6CWP46bkkshklQaHC1hapz5a68cFtXoX5PBPQHLPKdzqy9s3YstEokb2/w==
x-amz-request-id: AJM53A0MBG4YD5CC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 26 Jan 2023 17:20:12 GMT
age: 3320
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 18:15:32 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 26 Jan 2023 17:49:01 GMT
age: 1591
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1e2970e1480a4759282d63bb213051e4
ed5194d4d25dfc199821129be5d74be0ce49197d
18e19ea4c9c262cb9a94f89172eef2604222e779346589d470bf2e95ea295563

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E19EA4C9C262CB9A94F89172EEF2604222E779346589D470BF2E95EA295563"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13142
Expires: Thu, 26 Jan 2023 21:54:34 GMT
Date: Thu, 26 Jan 2023 18:15:32 GMT
Connection: keep-alive

push.services.mozilla.com/

34.210.150.237

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.210.150.237:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gUWp+mxHJjz6asK33z51SQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ee1xp6NEXfPT6VyBxD5zuLrRkSc=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8925
Expires: Thu, 26 Jan 2023 20:44:19 GMT
Date: Thu, 26 Jan 2023 18:15:34 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8925
Expires: Thu, 26 Jan 2023 20:44:19 GMT
Date: Thu, 26 Jan 2023 18:15:34 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8925
Expires: Thu, 26 Jan 2023 20:44:19 GMT
Date: Thu, 26 Jan 2023 18:15:34 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8925
Expires: Thu, 26 Jan 2023 20:44:19 GMT
Date: Thu, 26 Jan 2023 18:15:34 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8925
Expires: Thu, 26 Jan 2023 20:44:19 GMT
Date: Thu, 26 Jan 2023 18:15:34 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3e6d9a5-dd7d-4337-a00f-a145350a1a29.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3e6d9a5-dd7d-4337-a00f-a145350a1a29.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10379 bytes)
Hash
653bf5a34e9f99c9eef73a21d98d792f
c70d46aa2210c4f7c397fa20e1225b7d0734ac35
9f928ec6f194340e5543a4bf757aac31d545def67a56ae804a2039a3effd3fe0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3e6d9a5-dd7d-4337-a00f-a145350a1a29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10379
x-amzn-requestid: 419e5a80-cb6d-4904-9545-a0f815149701
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUYMREwmIAMFhQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a0b4-64c49f7d49687d9e5324ec64;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:35:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rZHSgPIPZyea2griEvL-3semlrUDichGSL8Rin4YeYKN909f9e0lyQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:41:09 GMT
age: 74065
etag: "c70d46aa2210c4f7c397fa20e1225b7d0734ac35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5943 bytes)
Hash
ba0a42dadf6a976df148f652e9cc1844
4d825b74865effa4a858ddcad1d0969671facc07
7276a38c9ba6b13a06f24ab8b802f210f98c5541df53fbcd8e879a14d2957d95

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5943
x-amzn-requestid: 6774f4a4-ed83-49df-868f-4517c2af914b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXxNF2UIAMFlYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a007-75b1e8975c3f4b503e0a1c5b;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VATQ0SjZfM_btXwR4M5keLmd-EE6717EHEiXrF2zpHNrli93EhN6Rw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:48:42 GMT
age: 73612
etag: "4d825b74865effa4a858ddcad1d0969671facc07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8017df09-37d9-4c4b-9051-0442b3eb8fbf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9285 bytes)
Hash
17e1b6f3caa98b0e0972802408dd3f93
07e48bf3565e00d093d72dd4ada606f5d39a4838
7094ef64e04573bea7a81bbcc8ab59d721c5ef433e3fa9203e5861040ced549c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8017df09-37d9-4c4b-9051-0442b3eb8fbf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9285
x-amzn-requestid: 526bd945-31d8-490e-af9d-5e6fc6ea3561
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUYT2HzvoAMFYYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a0e5-6812fe4354bbdac4472e7e81;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:36:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QEH9CmjfV8QZFNxFz_tEk06i_ELUSNC2QjdTF4K3xc3vS651BZ3NlQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:52:28 GMT
age: 73386
etag: "07e48bf3565e00d093d72dd4ada606f5d39a4838"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

15 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c7f25e5-06eb-4d3f-99e2-edacd0739efb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
15 kB (14856 bytes)
Hash
cfe699b31f96add9f1439af1ff1191eb
f77a833a69b69eef4a39e404c102f624e96b52c0
44312979ac13221e5c3328ad590f0f3dc7da00380c07c433382cd81c47b717f8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c7f25e5-06eb-4d3f-99e2-edacd0739efb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14856
x-amzn-requestid: e7d931f7-d086-42b9-a1f3-c8253b82eba6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSY_OHw7IAMFj6Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d52e-4fd95c5f5a64861720a1ee60;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 07:07:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2yzeIjHl8sUO9s5n2sZfN6DSWOVDVQl-xdSrNmHu-yWXj_7VJJk5qA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 07:39:30 GMT
age: 38164
etag: "f77a833a69b69eef4a39e404c102f624e96b52c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a8a63ec-e0a4-4297-b143-649ad3968ae8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9595 bytes)
Hash
f62e9b7bdca82d18c945851912d8fea8
a7ca44d337c43bc5c6145b26778661c71cc50484
5da02cc405c1cada55813ffe376844375f1d6ad222cbb63405348b1f5132a0b1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a8a63ec-e0a4-4297-b143-649ad3968ae8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9595
x-amzn-requestid: c257bfbe-1bd7-4540-bbfa-e4c49a2624a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXwfGigoAMFvBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a002-226c08656eeefbfa3c2dddb6;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k9njnQmggD7UkVJzZqSzo90HJJjTjGK0QIoPU0HWYKrSstjM6s1rOw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:57:18 GMT
age: 73096
etag: "a7ca44d337c43bc5c6145b26778661c71cc50484"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12758 bytes)
Hash
7458f7a9b2070055df6f1d496794e43e
0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9
373097662c419eef9f4a19ce9f3bcead70f6eafbf0acf44806685eece43ce251

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12758
x-amzn-requestid: c3540562-8c62-4957-9528-7ae952daebaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9gf1E87oAMFpsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c87acb-49fd3f78275937e24d23fca3;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 23:03:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mjK4GJ3UCEuHk4XqmXdZCWHTVvJeX8Z2HFaem2GYzqfqlPSd_h6DfA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 07:33:59 GMT
age: 38495
etag: "0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

maidaenterprises.com/

185.217.168.250

301 Moved Permanently

0 B

URL HTTP/1.1
maidaenterprises.com/
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
set-cookie: _eshoob=1; expires=Thu, 02-Feb-2023 18:15:36 GMT; Max-Age=604800; path=/
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: https://maidaenterprises.com/
content-length: 0
date: Thu, 26 Jan 2023 18:15:36 GMT

maidaenterprises.com/wp-content/plugins/woocommerce-payments/vendor/woocommerce/subscriptions-core/build/index.css?ver=3.1.6

185.217.168.250

200 OK

326 B

URL HTTP/2
maidaenterprises.com/wp-content/plugins/woocommerce-payments/vendor/woocommerce/subscriptions-core/build/index.css?ver=3.1.6
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
ASCII text, with very long lines (1411)
Size
326 B (326 bytes)
Hash
e6024e94f2cdf7ff1da4c708978b252b
b394f60cab9b6c954550837e9c458444bb76ab21
bc6f40d1dc3dcb37a83cfae77f5612830ed9790683dc91f22d943d9180713d2e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/woocommerce-payments/vendor/woocommerce/subscriptions-core/build/index.css?ver=3.1.6 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: text/css
last-modified: Sun, 03 Jul 2022 20:32:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 326
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

maidaenterprises.com/wp-content/themes/astra/assets/css/minified/compatibility/page-builder/bb-plugin.min.css?ver=3.8.1

185.217.168.250

200 OK

127 B

URL HTTP/2
maidaenterprises.com/wp-content/themes/astra/assets/css/minified/compatibility/page-builder/bb-plugin.min.css?ver=3.8.1
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
ASCII text, with very long lines (302), with no line terminators
Size
127 B (127 bytes)
Hash
09707d8249bff41ab9b149ef2fc6b72c
5238d701eaed208e52bac629e8ff59f2b94f815c
30c92fe46deaaac369efa9cb07d71427069fe60b46a095917d65d10fce6046ca

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/astra/assets/css/minified/compatibility/page-builder/bb-plugin.min.css?ver=3.8.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: text/css
last-modified: Thu, 19 May 2022 17:49:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 127
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

maidaenterprises.com/wp-content/themes/astra/assets/css/minified/frontend.min.css?ver=3.8.1

185.217.168.250

200 OK

8.4 kB

URL HTTP/2
maidaenterprises.com/wp-content/themes/astra/assets/css/minified/frontend.min.css?ver=3.8.1
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
ASCII text, with very long lines (43644)
Size
8.4 kB (8393 bytes)
Hash
392b74ecaf49fcab085b48fc8013a93e
35ac9afd186062bb55e206df347eacc422efcd36
ef9002689f85be45503bb0899e39763f210a6d9782aeddc3a0ccb48d81a0fbfe

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/astra/assets/css/minified/frontend.min.css?ver=3.8.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: text/css
last-modified: Thu, 19 May 2022 17:49:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8393
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
715f2a2c57230b2e1aedef83c76e0cbc
df5a219b8564a6c8fbe802e574ba625be7f204ca
ca239808557d30d1df2527ae94987866734b640bfd631282414a39eac87b872c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 18:15:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2ebcc7cd4c50e87a984668828c1e612e
f693d36335f333e3647f9fb2460e34dd73e17421
27f1d63422ccd02a6af514c2c0a36ac6f4e0d6f74ad6d9fc8c32e8ea487ffe15

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 18:15:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

maidaenterprises.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1

185.217.168.250

200 OK

12 kB

URL HTTP/2
maidaenterprises.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
ASCII text, with very long lines (47826)
Size
12 kB (11616 bytes)
Hash
c4d7cc056b49b00e05cc29cc59aa3d5a
48c426bec60099d2a8628df430ed682c72aab42a
8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: text/css
last-modified: Thu, 15 Dec 2022 14:11:35 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11616
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

maidaenterprises.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17

185.217.168.250

200 OK

2.4 kB

URL HTTP/2
maidaenterprises.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
ASCII text, with very long lines (11256), with no line terminators
Size
2.4 kB (2394 bytes)
Hash
ce94f62588d05264ac0148712111cb11
518bcd922f54169aeb199c0ccbc5877165ac218e
84ab658a69c39f424be0b27f61d612447d01606fce33beb962cbea53627d8c81

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: text/css
last-modified: Wed, 30 Sep 2020 01:23:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2394
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

maidaenterprises.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1

185.217.168.250

200 OK

982 B

URL HTTP/2
maidaenterprises.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
ASCII text, with very long lines (4186), with no line terminators
Size
982 B (982 bytes)
Hash
24f4d7f425e792ab35adaab50816e54a
9e25bf79b674ddb7ba09ad7f118c50ec473c02c8
1c78bfb4d523785a4ebd37bb1f79f214f9bdb16673f7cc50805f7f1a26ad7f83

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: text/css
last-modified: Sat, 08 Jun 2019 06:15:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 982
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

maidaenterprises.com/

185.217.168.250

200 OK

28 kB

URL HTTP/2
maidaenterprises.com/
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (61589), with CRLF, LF line terminators
Size
28 kB (27573 bytes)
Hash
76d17ad2b9bac5caa1369692c0ba8503
dd848e20affc1b433673e1166ab6a4cfc17eafe1
2fc6030f1d0c2c3a3bae9b330378474fd3d3538ed949f89d7b5b2000012d1dbc

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
set-cookie: _eshoob=1; expires=Thu, 02-Feb-2023 18:15:38 GMT; Max-Age=604800; path=/; secure
content-type: text/html; charset=UTF-8
link: <https://maidaenterprises.com/wp-json/>; rel="https://api.w.org/", <https://maidaenterprises.com/wp-json/wp/v2/pages/802>; rel="alternate"; type="application/json", <https://maidaenterprises.com/>; rel=shortlink
content-encoding: br
vary: Accept-Encoding
date: Thu, 26 Jan 2023 18:15:38 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

maidaenterprises.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.4.3

185.217.168.250

200 OK

1.1 kB

URL HTTP/2
maidaenterprises.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.4.3
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
ASCII text, with very long lines (4933), with no line terminators
Size
1.1 kB (1109 bytes)
Hash
8f2da34c6f082c7bec00f9cca661fd59
d0de5b6b29a9788a64826b833465a9d08f7c2ab7
d461fea6636b26aab698f636b2518709cb79416c7d3916d6b03497c4d75befdd

HTTP Headers

GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.4.3 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: text/css
last-modified: Thu, 19 May 2022 19:03:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1109
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

maidaenterprises.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.4.3

185.217.168.250

200 OK

21 kB

URL HTTP/2
maidaenterprises.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.4.3
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Size
21 kB (20570 bytes)
Hash
7132e662c49912d6a5ce770aa9ee8263
69affd392c02334b1ba4a05da84317ceb4d633bf
322595d6226fdc9456624e9694ead460d27eabae9b1b36099b7dfa378dc5344b

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.4.3 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: text/css
last-modified: Thu, 19 May 2022 19:03:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 20570
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

maidaenterprises.com/wp-content/plugins/wpforms-lite/assets/css/wpforms-base.min.css?ver=1.7.4.2

185.217.168.250

200 OK

3.5 kB

URL HTTP/2
maidaenterprises.com/wp-content/plugins/wpforms-lite/assets/css/wpforms-base.min.css?ver=1.7.4.2
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
ASCII text, with very long lines (22510)
Size
3.5 kB (3486 bytes)
Hash
9eb060a1c6b093caaa0e1befb1a2ce22
b7f27f76fc48cc949ce3b475446c8445a1d70bc9
041a859997e590cc821accffc7b808fe8ee84e67cbc53b61f08f4ce96d39ebf5

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/wpforms-lite/assets/css/wpforms-base.min.css?ver=1.7.4.2 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: text/css
last-modified: Thu, 19 May 2022 19:03:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3486
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

maidaenterprises.com/wp-content/plugins/beaver-builder-lite-version/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.5.3.1

185.217.168.250

200 OK

12 kB

URL HTTP/2
maidaenterprises.com/wp-content/plugins/beaver-builder-lite-version/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.5.3.1
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
ASCII text, with very long lines (59119)
Size
12 kB (12370 bytes)
Hash
f286e5ab8fff36a43d406daa305ee5a8
e57a1d3ff6e89acadb6652566d2fbb7010c43003
86502649926ea8b98b10bf5e0b28846d0c5be7578858e861b960860f918bf892

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/beaver-builder-lite-version/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.5.3.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: text/css
last-modified: Thu, 19 May 2022 19:02:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12370
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

maidaenterprises.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

185.217.168.250

200 OK

30 kB

URL HTTP/2
maidaenterprises.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
ASCII text, with very long lines (65447)
Size
30 kB (30324 bytes)
Hash
3a1740685bd5c0bbd5f2b812e1eb7fb4
488e07695da787fed18361c50292aef35abb5e81
4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: application/javascript
last-modified: Thu, 15 Dec 2022 14:11:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30324
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

maidaenterprises.com/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1

185.217.168.250

200 OK

129 B

URL HTTP/2
maidaenterprises.com/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
ASCII text, with no line terminators
Size
129 B (129 bytes)
Hash
5ef26b5e47e6951f43ecf2b1fc645222
081afb52577f6f3bb044fdea6d34a632c3cce7e8
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: application/javascript
last-modified: Mon, 08 Aug 2022 16:45:42 GMT
accept-ranges: bytes
content-length: 129
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

maidaenterprises.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1

185.217.168.250

200 OK

4.6 kB

URL HTTP/2
maidaenterprises.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
ASCII text, with very long lines (15660)
Size
4.6 kB (4619 bytes)
Hash
0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: application/javascript
last-modified: Wed, 25 May 2022 05:32:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

maidaenterprises.com/wp-content/uploads/2022/05/cropped-maida-logo-e1653642933941.png

185.217.168.250

200 OK

6.5 kB

URL HTTP/2
maidaenterprises.com/wp-content/uploads/2022/05/cropped-maida-logo-e1653642933941.png
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
PNG image data, 102 x 88, 8-bit/color RGBA, non-interlaced\012- data
Size
6.5 kB (6488 bytes)
Hash
dfee21f28ba5a1cf2e3a7350fa9d7d47
13a03fa5370c703765f453a775b432f2e22bb34f
c74a640201bee31294fdc1adc1d1ac96467aee5b85ea78cf635cc8592fdc403f

HTTP Headers

GET /wp-content/uploads/2022/05/cropped-maida-logo-e1653642933941.png HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: image/png
last-modified: Fri, 27 May 2022 09:17:19 GMT
accept-ranges: bytes
content-length: 6488
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

maidaenterprises.com/wp-content/plugins/beaver-builder-lite-version/fonts/fontawesome/5.15.4/css/v4-shims.min.css?ver=2.5.3.1

185.217.168.250

200 OK

4.0 kB

URL HTTP/2
maidaenterprises.com/wp-content/plugins/beaver-builder-lite-version/fonts/fontawesome/5.15.4/css/v4-shims.min.css?ver=2.5.3.1
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
ASCII text, with very long lines (26516)
Size
4.0 kB (3987 bytes)
Hash
af3d60446a63b200eff69fd62c0e2c2c
20097ed1f8fe4f1b83fe05b1b69bdcee733f7a65
20a414dca0ddb360c4efdcdd47ec61d6ad05641b1734005f10e6039151392926

HTTP Headers

GET /wp-content/plugins/beaver-builder-lite-version/fonts/fontawesome/5.15.4/css/v4-shims.min.css?ver=2.5.3.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: text/css
last-modified: Thu, 19 May 2022 19:02:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3987
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

maidaenterprises.com/wp-content/uploads/bb-plugin/cache/802-layout.css?ver=719e0b06772c52eaee33794ec3580fbd

185.217.168.250

200 OK

8.2 kB

URL HTTP/2
maidaenterprises.com/wp-content/uploads/bb-plugin/cache/802-layout.css?ver=719e0b06772c52eaee33794ec3580fbd
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
ASCII text, with very long lines (65536), with no line terminators
Size
8.2 kB (8160 bytes)
Hash
0a226b6d9032558addde43acd51474a6
4a2ceb15d71d54a635b8a5cd43d5310c5d13fa07
33d905a8174ff5e62b378b68b21837ba52f0957b9cea9f1045d307cf47084756

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/uploads/bb-plugin/cache/802-layout.css?ver=719e0b06772c52eaee33794ec3580fbd HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: text/css
last-modified: Sat, 13 Aug 2022 17:13:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8160
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

maidaenterprises.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.1

185.217.168.250

200 OK

848 B

URL HTTP/2
maidaenterprises.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.1
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
ASCII text
Size
848 B (848 bytes)
Hash
c962ba8e7d42ff9da18392b41dad5151
7b89bc5e6ad161df2e6d7f7fb3ad894aa04b827f
322a4949c5bdd82eb80c13bbbd407ce30a7ad226685c54270d246cb6960e524e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: text/css
last-modified: Sun, 07 Aug 2022 18:24:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 848
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

maidaenterprises.com/wp-content/themes/astra/assets/css/minified/compatibility/contact-form-7-main.min.css?ver=3.8.1

185.217.168.250

200 OK

334 B

URL HTTP/2
maidaenterprises.com/wp-content/themes/astra/assets/css/minified/compatibility/contact-form-7-main.min.css?ver=3.8.1
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
ASCII text, with very long lines (850), with no line terminators
Size
334 B (334 bytes)
Hash
2c050b2ab2a3224dfdef5da481224d3c
1b7f0ef5dabd3c51ff834d1c6b8add92de38d97b
9af607f84b802615b08b4b25c9d38a922fa86fca149a8531d46ca45b507ef96f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/astra/assets/css/minified/compatibility/contact-form-7-main.min.css?ver=3.8.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: text/css
last-modified: Thu, 19 May 2022 17:49:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 334
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

maidaenterprises.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce.min.css?ver=3.8.1

185.217.168.250

200 OK

14 kB

URL HTTP/2
maidaenterprises.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce.min.css?ver=3.8.1
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
Unicode text, UTF-8 text, with very long lines (65524), with no line terminators
Size
14 kB (13801 bytes)
Hash
88dcadb14b48922c0c5888093256f6bc
838b54ac25d6882c95a81320597e3cf9aaaf9867
ab711c4bc2560b0cb754a6f85a79056176ca5f5eff2d972bcf01829f6a3067b4

HTTP Headers

GET /wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce.min.css?ver=3.8.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: text/css
last-modified: Thu, 19 May 2022 17:49:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 13801
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

maidaenterprises.com/wp-content/plugins/jetpack/css/jetpack.css?ver=11.2

185.217.168.250

200 OK

16 kB

URL HTTP/2
maidaenterprises.com/wp-content/plugins/jetpack/css/jetpack.css?ver=11.2
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size
16 kB (15532 bytes)
Hash
63440a10045040089c23b9e57001dc2c
ddeedb5fa2831e3c973720cdafd1843d61e6d3dd
5ab6086189a9163156a7fda2cca4ffa21a3c10083a5eb1383196b62a0ea7d131

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/jetpack/css/jetpack.css?ver=11.2 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: text/css
last-modified: Sun, 07 Aug 2022 17:38:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 15532
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

maidaenterprises.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-layout.min.css?ver=3.8.1

185.217.168.250

200 OK

1.9 kB

URL HTTP/2
maidaenterprises.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-layout.min.css?ver=3.8.1
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
ASCII text, with very long lines (17307), with no line terminators
Size
1.9 kB (1861 bytes)
Hash
ee3d3d95d213fdc9e3759978bb38c30e
5baede86dc1b9f8132c771b088f99a862658e194
0f8ddccf97c4eb56295ad9842d7eaf323dff3d7e31674fda2c426efe5140a773

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-layout.min.css?ver=3.8.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: text/css
last-modified: Thu, 19 May 2022 17:49:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1861
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

maidaenterprises.com/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16

185.217.168.250

200 OK

402 B

URL HTTP/2
maidaenterprises.com/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
ASCII text, with very long lines (1519), with no line terminators
Size
402 B (402 bytes)
Hash
f9970ca05ea0a4714cb90be2d50d756d
1c34d0360bef56b0ca56c25c449e75345bf77f27
4432f43b177fd433db2325f26d91389e71aa3c7d0171e781e79b8330423c3d04

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: text/css
last-modified: Mon, 08 Aug 2022 16:45:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 402
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

maidaenterprises.com/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.8.1

185.217.168.250

200 OK

3.7 kB

URL HTTP/2
maidaenterprises.com/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.8.1
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
ASCII text, with very long lines (16428), with no line terminators
Size
3.7 kB (3693 bytes)
Hash
9342788f1be3785bd788dc5133e483f2
ff3ea3116b0acd5a4d849fc6b7c0790e4d4a02d2
8f6a329865d98a0726dc5ac27e5bf62d5b4bb3362e932fa3d2a7c8a78e1bad25

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.8.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: application/javascript
last-modified: Thu, 19 May 2022 17:49:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3693
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

maidaenterprises.com/wp-content/themes/astra/assets/js/minified/mobile-cart.min.js?ver=3.8.1

185.217.168.250

200 OK

714 B

URL HTTP/2
maidaenterprises.com/wp-content/themes/astra/assets/js/minified/mobile-cart.min.js?ver=3.8.1
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
ASCII text, with very long lines (2772), with no line terminators
Size
714 B (714 bytes)
Hash
6d3fdc7251250ed5f839f0dda2fbc6fd
92a87896ef472ced061f8861400d9300a2c0b980
9db962dec197142751f9188192542e9426c8534a045b7665499b9dd6a1379af8

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/astra/assets/js/minified/mobile-cart.min.js?ver=3.8.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: application/javascript
last-modified: Thu, 19 May 2022 17:49:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 714
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

maidaenterprises.com/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/app.js?ver=3.12

185.217.168.250

200 OK

1.9 kB

URL HTTP/2
maidaenterprises.com/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/app.js?ver=3.12
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
ASCII text, with very long lines (6020), with no line terminators
Size
1.9 kB (1867 bytes)
Hash
11672432a6e2edc266c91990e816ceb6
c61528d8aa2386e6dcd7bb733c65cc336f3e2e59
ea14162c428b487549585f8f52853e8d602ab56ee5ff4e8cb68ff91edc9415ec

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/app.js?ver=3.12 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: application/javascript
last-modified: Thu, 11 Aug 2022 09:46:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1867
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

maidaenterprises.com/wp-content/plugins/beaver-builder-lite-version/js/jquery.waypoints.min.js?ver=2.5.3.1

185.217.168.250

200 OK

2.5 kB

URL HTTP/2
maidaenterprises.com/wp-content/plugins/beaver-builder-lite-version/js/jquery.waypoints.min.js?ver=2.5.3.1
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
Unicode text, UTF-8 text, with very long lines (8668)
Size
2.5 kB (2540 bytes)
Hash
8b4fa51676b888b9690b0a569df29b46
964d5ab97da06207502b98ee7843fd89892eb45c
eb319f1642b22c8345126fe8fc6c680b4f1388cce434df5079051751f44fa320

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/beaver-builder-lite-version/js/jquery.waypoints.min.js?ver=2.5.3.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: application/javascript
last-modified: Thu, 19 May 2022 19:02:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2540
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

maidaenterprises.com/wp-content/uploads/bb-plugin/cache/802-layout.js?ver=e7f0c3d8fb2b39f359beac61be6a5794

185.217.168.250

200 OK

7.9 kB

URL HTTP/2
maidaenterprises.com/wp-content/uploads/bb-plugin/cache/802-layout.js?ver=e7f0c3d8fb2b39f359beac61be6a5794
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
ASCII text, with very long lines (894)
Size
7.9 kB (7887 bytes)
Hash
be22af8ea07fb7a512d240c26631f700
53379f56f454ec28e1469a01274b92d7567d1563
0c1ddb2b3500ce90c58c85dc677ff1aba8f261fe1b2d8b2c88159356a435c98f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/uploads/bb-plugin/cache/802-layout.js?ver=e7f0c3d8fb2b39f359beac61be6a5794 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: application/javascript
last-modified: Sat, 13 Aug 2022 17:13:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7887
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

maidaenterprises.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9

185.217.168.250

200 OK

2.4 kB

URL HTTP/2
maidaenterprises.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
ASCII text, with very long lines (6475), with no line terminators
Size
2.4 kB (2354 bytes)
Hash
4e773d7cec56bacab6d2db420be6f262
c95573d884c1caec0ec9c6f3e2a8c0fbf28d939a
5c8839d0b02f21e8d83d856bbf85a6b87fbedf9ba0b70711b11a1c378d5443e7

HTTP Headers

GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: application/javascript
last-modified: Wed, 25 May 2022 05:32:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2354
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

maidaenterprises.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

185.217.168.250

200 OK

6.3 kB

URL HTTP/2
maidaenterprises.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Size
6.3 kB (6335 bytes)
Hash
fecbc00e8af71d8cfb678cd811c7cb2e
44e5dd77f62cb5c67271442b75cdff10d45f2f8d
d6f03fb4728d0c23251451df8d66b5107d3c87458dc624aacfbad437e99d01f1

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: application/javascript
last-modified: Thu, 15 Dec 2022 14:11:35 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6335
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

maidaenterprises.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.1

185.217.168.250

200 OK

6.2 kB

URL HTTP/2
maidaenterprises.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.1
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
ASCII text, with very long lines (21904), with no line terminators
Size
6.2 kB (6238 bytes)
Hash
68439ced69fdf8292fe943cd083300d3
efbd001868e39caf4996154fc8505ccd84ff5fb0
3a3c570475bcc4a48a63637afbfa35033665881be0560a7cb0146fd23969ab40

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: application/javascript
last-modified: Sun, 07 Aug 2022 18:24:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6238
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

maidaenterprises.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.5.1

185.217.168.250

200 OK

3.2 kB

URL HTTP/2
maidaenterprises.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.5.1
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
ASCII text, with very long lines (9139)
Size
3.2 kB (3245 bytes)
Hash
2289a47b9cb9b09edb011970c0c2d4f5
1845b95796da67d0024f04f8aa419e065b3bf0de
c58f03d19efbce8043e675d39f3f7e30f6f999a9e1f7ae46b01058d31451a233

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.5.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: application/javascript
last-modified: Thu, 19 May 2022 19:02:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3245
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

maidaenterprises.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.5.1

185.217.168.250

200 OK

970 B

URL HTTP/2
maidaenterprises.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.5.1
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
HTML document, ASCII text, with very long lines (3037), with no line terminators
Size
970 B (970 bytes)
Hash
155d874ef60217f790dedec58e83d832
42a2698adec25b2000046cf7e3818e6478951fc3
c6801f4d5dcdd86ba3e33dc35a8765c03fd55e9f621443dd0fb7cd8c8e6707da

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.5.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: application/javascript
last-modified: Thu, 19 May 2022 19:02:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 970
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

maidaenterprises.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.5.1

185.217.168.250

200 OK

899 B

URL HTTP/2
maidaenterprises.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.5.1
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
ASCII text, with very long lines (1668)
Size
899 B (899 bytes)
Hash
22d65ba38528349e705d912ce26bf8ac
c89ba006009043d93b88ff155b4fec8797330550
6253bcb85e4267ad3ba843145534e729ee2c1d7e85e5b4ab5b2e074ae636bca3

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.5.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: application/javascript
last-modified: Thu, 19 May 2022 19:02:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 899
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

maidaenterprises.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.5.1

185.217.168.250

200 OK

677 B

URL HTTP/2
maidaenterprises.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.5.1
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
ASCII text, with very long lines (2139), with no line terminators
Size
677 B (677 bytes)
Hash
a43fc0dde8fdd69656ad0957e62849c7
4b07cf702ac8a770c8cbffc22b9a788b6e5389ba
1ce3d0493424870c81deec0ec41de0592d2af9f91cd8081cd40a1d7ea89b614f

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.5.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: application/javascript
last-modified: Thu, 19 May 2022 19:02:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 677
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

maidaenterprises.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.5.1

185.217.168.250

200 OK

934 B

URL HTTP/2
maidaenterprises.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.5.1
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
ASCII text, with very long lines (2938), with no line terminators
Size
934 B (934 bytes)
Hash
cf25dd071a208312bdc07f34d2cee027
76119563119eaae392ecc8903c989d98d0b93002
8635ba2cad8f887e72779bd526f8738ff6343c74cba715caf2eddea383ba7ce6

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.5.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: application/javascript
last-modified: Thu, 19 May 2022 19:02:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 934
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

maidaenterprises.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-smallscreen.min.css?ver=3.8.1

185.217.168.250

200 OK

820 B

URL HTTP/2
maidaenterprises.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-smallscreen.min.css?ver=3.8.1
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
ASCII text, with very long lines (5985), with no line terminators
Size
820 B (820 bytes)
Hash
3a408d8991f7ecad01d07ed951df7d39
75922587c1255452e85daec21697daf4e0073184
e83bcd35725b609cd59fad0580ff24e360d15d70e9c480830e937c1ef23d430c

HTTP Headers

GET /wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-smallscreen.min.css?ver=3.8.1 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: text/css
last-modified: Thu, 19 May 2022 17:49:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 820
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
afeb3476c3b5b8e10f11db443b8528af
f419163f1e43fece9e428e088c49c65e145846ed
8f9bbf884ae3cddaf2f3eff5d31abf823004207b33bc925651516c60af1f37a9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 18:15:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
afeb3476c3b5b8e10f11db443b8528af
f419163f1e43fece9e428e088c49c65e145846ed
8f9bbf884ae3cddaf2f3eff5d31abf823004207b33bc925651516c60af1f37a9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 18:15:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2

142.250.74.35

200 OK

14 kB

URL HTTP/2
fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 14060, version 1.0\012- data
Size
14 kB (14060 bytes)
Hash
aacf0f4f8b5d693087b4d8ac6c86d2ae
ad06f3ffd0db6034eb0a12f98aa8aa4dead430fb
5e2f97ea0fb92d5e3ae31eeef403b9c34363c8fb2a387e13cf381fa97f3e8cf7

HTTP Headers

GET /s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://maidaenterprises.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14060
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 10:04:36 GMT
expires: Tue, 23 Jan 2024 10:04:36 GMT
cache-control: public, max-age=31536000
age: 288663
last-modified: Mon, 18 Jul 2022 19:44:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

pixel.wp.com/g.gif?v=ext&j=1%3A11.2&blog=208546188&post=802&tz=0&srv=maidaenterprises.com&host=maidaenterprises.com&ref=&fcp=0&rand=0.8583316675452061

192.0.76.3

200 OK

50 B

URL HTTP/2
pixel.wp.com/g.gif?v=ext&j=1%3A11.2&blog=208546188&post=802&tz=0&srv=maidaenterprises.com&host=maidaenterprises.com&ref=&fcp=0&rand=0.8583316675452061
IP
192.0.76.3:0
ASN
#2635 AUTOMATTIC

File type
GIF image data, version 89a, 6 x 5\012- data
Size
50 B (50 bytes)
Hash
e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

HTTP Headers

GET /g.gif?v=ext&j=1%3A11.2&blog=208546188&post=802&tz=0&srv=maidaenterprises.com&host=maidaenterprises.com&ref=&fcp=0&rand=0.8583316675452061 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 18:15:39 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
afeb3476c3b5b8e10f11db443b8528af
f419163f1e43fece9e428e088c49c65e145846ed
8f9bbf884ae3cddaf2f3eff5d31abf823004207b33bc925651516c60af1f37a9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 18:15:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/playfairdisplay/v30/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2

142.250.74.35

200 OK

20 kB

URL HTTP/2
fonts.gstatic.com/s/playfairdisplay/v30/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 19860, version 1.0\012- data
Size
20 kB (19860 bytes)
Hash
a95e391373ad634c3b7dbaf77de3f40e
ddc4638bc28c21a400fcd2df94448743f198a257
fa3d5a0422c9b413abb4c78f8ff80de8a8ed58766f7110c82febf5296e899b47

HTTP Headers

GET /s/playfairdisplay/v30/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://maidaenterprises.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 15:34:19 GMT
expires: Fri, 26 Jan 2024 15:34:19 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Jul 2022 19:06:33 GMT
content-type: font/woff2
age: 9680
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lemonada/v22/0QI-MXFD9oygTWy_R-FFlwV-bgfR7QJGeutGnv-d.woff2

142.250.74.35

200 OK

14 kB

URL HTTP/2
fonts.gstatic.com/s/lemonada/v22/0QI-MXFD9oygTWy_R-FFlwV-bgfR7QJGeutGnv-d.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 13672, version 1.0\012- data
Size
14 kB (13672 bytes)
Hash
10f476f994c7c03948647fd58e423318
84bccf6bcaa85b72587ee5c37e5940b326d87b12
ff2fd902cd3897dbcd1076cfbbaca4a1304e53de7364ce54e01a489316d733fd

HTTP Headers

GET /s/lemonada/v22/0QI-MXFD9oygTWy_R-FFlwV-bgfR7QJGeutGnv-d.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://maidaenterprises.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13672
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:16:01 GMT
expires: Tue, 23 Jan 2024 18:16:01 GMT
cache-control: public, max-age=31536000
age: 259178
last-modified: Wed, 07 Dec 2022 18:31:19 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d9bf2793558044193d7e5d27708a9144
5a8f73462cfda6544cc3efe488854c3cd80bb0a7
e1db5ce5f130aa6d6a1bf18da60fee5c6bb76625a26aef0fee67702e7209ef7e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 18:15:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

maidaenterprises.com/wp-content/uploads/2022/07/parker-burchfield-tvG4WvjgsEY-unsplash-scaled.jpg

185.217.168.250

200 OK

280 kB

URL HTTP/2
maidaenterprises.com/wp-content/uploads/2022/07/parker-burchfield-tvG4WvjgsEY-unsplash-scaled.jpg
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 2560x1707, components 3\012- data
Size
280 kB (280132 bytes)
Hash
f8dbcc87b879c7cb9cf723e4c9677df8
994334139ce9d543c38e95339e8ce0113bd5fba2
dfac9ec34af650186de0db6b7e0992816c61bb911730f7bc5c8dd40dc9fcf066

HTTP Headers

GET /wp-content/uploads/2022/07/parker-burchfield-tvG4WvjgsEY-unsplash-scaled.jpg HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/wp-content/uploads/bb-plugin/cache/802-layout.css?ver=719e0b06772c52eaee33794ec3580fbd
Cookie: _eshoob=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: image/jpeg
last-modified: Sat, 02 Jul 2022 16:21:58 GMT
accept-ranges: bytes
content-length: 280132
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

maidaenterprises.com/wp-content/uploads/2022/07/image505.png

185.217.168.250

200 OK

52 kB

URL HTTP/2
maidaenterprises.com/wp-content/uploads/2022/07/image505.png
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
PNG image data, 225 x 300, 8-bit/color RGB, non-interlaced\012- data
Size
52 kB (52186 bytes)
Hash
c0f3d433599ad14f94441de1b147d132
24aa6c98f02a10c15b11115b71b5da49cd274b7b
f77fcece39eb034e7fa46674f8b3c4df91454493a7bbab118d8b03a5048e66e7

HTTP Headers

GET /wp-content/uploads/2022/07/image505.png HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/wp-content/uploads/bb-plugin/cache/802-layout.css?ver=719e0b06772c52eaee33794ec3580fbd
Cookie: _eshoob=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: image/png
last-modified: Sun, 03 Jul 2022 09:24:26 GMT
accept-ranges: bytes
content-length: 52186
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

maidaenterprises.com/wp-content/uploads/2022/07/image485.png

185.217.168.250

200 OK

63 kB

URL HTTP/2
maidaenterprises.com/wp-content/uploads/2022/07/image485.png
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
PNG image data, 225 x 300, 8-bit/color RGB, non-interlaced\012- data
Size
63 kB (63020 bytes)
Hash
ff508f33c891e8509b55bcf0884b50aa
b8e859b17b83cafd8958231a839b98c249d9900e
223b928c54349e0c6a28127f02c6f69dd2ed1069891e8a09da40fdbbfa12bebd

HTTP Headers

GET /wp-content/uploads/2022/07/image485.png HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/wp-content/uploads/bb-plugin/cache/802-layout.css?ver=719e0b06772c52eaee33794ec3580fbd
Cookie: _eshoob=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: image/png
last-modified: Sun, 03 Jul 2022 09:25:37 GMT
accept-ranges: bytes
content-length: 63020
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

maidaenterprises.com/wp-content/uploads/2022/07/3.jpg

185.217.168.250

200 OK

30 kB

URL HTTP/2
maidaenterprises.com/wp-content/uploads/2022/07/3.jpg
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left], baseline, precision 8, 417x507, components 3\012- data
Size
30 kB (30445 bytes)
Hash
00bafeb6740465371c11be6fa7fc497b
a3c8d556d18cb8b8083d32b45c5c67ea8be47230
adf9e050dfd30eda42dd645aa8427b3a8984a3e575b7bc50215d157b45be2712

HTTP Headers

GET /wp-content/uploads/2022/07/3.jpg HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/wp-content/uploads/bb-plugin/cache/802-layout.css?ver=719e0b06772c52eaee33794ec3580fbd
Cookie: _eshoob=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: image/jpeg
last-modified: Wed, 06 Jul 2022 17:51:59 GMT
accept-ranges: bytes
content-length: 30445
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

maidaenterprises.com/wp-content/themes/astra/assets/fonts/astra.woff

185.217.168.250

200 OK

3.3 kB

URL HTTP/2
maidaenterprises.com/wp-content/themes/astra/assets/fonts/astra.woff
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
Web Open Font Format, TrueType, length 3304, version 1.0\012- data
Size
3.3 kB (3304 bytes)
Hash
bfe0ed8503c926d68f58ed0408dfe0d0
0346d02d96ff7d2a0278bc10f4dfdf365c80eac3
ec7ef7aa5fd1e019f1c26193e95e46d481d4983673936a9dda086705ada6e3d5

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/astra/assets/fonts/astra.woff HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: font/woff
last-modified: Thu, 19 May 2022 17:49:20 GMT
accept-ranges: bytes
content-length: 3304
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

maidaenterprises.com/wp-content/plugins/woocommerce/assets/fonts/star.woff

185.217.168.250

200 OK

1.3 kB

URL HTTP/2
maidaenterprises.com/wp-content/plugins/woocommerce/assets/fonts/star.woff
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
Web Open Font Format, CFF, length 1304, version 1.0\012- data
Size
1.3 kB (1304 bytes)
Hash
335cbf607c55aa32fd06809d1f9eb127
e70dd0cd93614997e251f26477ea815435981e19
d87af7a2528beb59a990e0414df87b4e4115f77f3a4a750f6616ff189b70345a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/fonts/star.woff HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://maidaenterprises.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce.min.css?ver=3.8.1
Cookie: _eshoob=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: font/woff
last-modified: Thu, 19 May 2022 19:02:53 GMT
accept-ranges: bytes
content-length: 1304
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

maidaenterprises.com/wp-content/plugins/beaver-builder-lite-version/fonts/fontawesome/5.15.4/webfonts/fa-solid-900.woff2

185.217.168.250

200 OK

78 kB

URL HTTP/2
maidaenterprises.com/wp-content/plugins/beaver-builder-lite-version/fonts/fontawesome/5.15.4/webfonts/fa-solid-900.woff2
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
Web Open Font Format (Version 2), TrueType, length 78268, version 331.-31196\012- data
Size
78 kB (78268 bytes)
Hash
d824df7eb2e268626a2dd9a6a741ac4e
0ccb2c814a7e4ca12c4778821633809cb0361eaa
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/beaver-builder-lite-version/fonts/fontawesome/5.15.4/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://maidaenterprises.com/wp-content/plugins/beaver-builder-lite-version/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.5.3.1
Cookie: _eshoob=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: font/woff2
last-modified: Thu, 19 May 2022 19:02:13 GMT
accept-ranges: bytes
content-length: 78268
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

maidaenterprises.com/wp-content/uploads/2022/05/cropped-maida-logo-e1653642933941-1-192x192.png

185.217.168.250

200 OK

15 kB

URL HTTP/2
maidaenterprises.com/wp-content/uploads/2022/05/cropped-maida-logo-e1653642933941-1-192x192.png
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
data
Size
15 kB (15045 bytes)
Hash
0c520a96ddeac0aff3a9fd77496d0864
a64557ea3dfd49d45f1260de05c347a6c36543e4
5a9f6461d013a44ec53ff5c411e3534c25f5515878be4bca4780d235f1b518e0

HTTP Headers

GET /wp-content/uploads/2022/05/cropped-maida-logo-e1653642933941-1-192x192.png HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:40 GMT
content-type: image/png
last-modified: Fri, 27 May 2022 13:19:52 GMT
accept-ranges: bytes
content-length: 14835
date: Thu, 26 Jan 2023 18:15:40 GMT
X-Firefox-Spdy: h2

maidaenterprises.com/wp-content/uploads/2022/05/cropped-maida-logo-e1653642933941-1-32x32.png

185.217.168.250

200 OK

1.8 kB

URL HTTP/2
maidaenterprises.com/wp-content/uploads/2022/05/cropped-maida-logo-e1653642933941-1-32x32.png
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type
data
Size
1.8 kB (1772 bytes)
Hash
4b2f63276f0aa2bfa663aa4a5dddd324
1d3056aa030475f8109fc37b359cb1ea576e5740
82d0424b57ab8cd1235ebc00162c3f13a5eaa72b15299e2f48676f7331122f05

HTTP Headers

GET /wp-content/uploads/2022/05/cropped-maida-logo-e1653642933941-1-32x32.png HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:40 GMT
content-type: image/png
last-modified: Fri, 27 May 2022 13:19:52 GMT
accept-ranges: bytes
content-length: 1151
date: Thu, 26 Jan 2023 18:15:40 GMT
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Nunito%3A400%7CPlayfair+Display%3A400%7CMontserrat%3A700&display=fallback&ver=3.8.1

142.250.74.74

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Nunito%3A400%7CPlayfair+Display%3A400%7CMontserrat%3A700&display=fallback&ver=3.8.1
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Nunito%3A400%7CPlayfair+Display%3A400%7CMontserrat%3A700&display=fallback&ver=3.8.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 26 Jan 2023 18:15:39 GMT
date: Thu, 26 Jan 2023 18:15:39 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Lemonada%3A400&ver=6.1.1

142.250.74.74

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Lemonada%3A400&ver=6.1.1
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Lemonada%3A400&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 26 Jan 2023 18:15:39 GMT
date: Thu, 26 Jan 2023 18:15:39 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

maidaenterprises.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

185.217.168.250

200 OK

0 B

URL HTTP/2
maidaenterprises.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
185.217.168.250:0
ASN
#35913 DEDIPATH-LLC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: maidaenterprises.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Cookie: _eshoob=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 02 Feb 2023 18:15:39 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Thu, 26 Jan 2023 18:15:39 GMT
X-Firefox-Spdy: h2

stats.wp.com/s-202304.js

192.0.76.3

200 OK

0 B

URL HTTP/2
stats.wp.com/s-202304.js
IP
192.0.76.3:0
ASN
#2635 AUTOMATTIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /s-202304.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 18:15:39 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"62f6b688-2494"
content-encoding: br
expires: Mon, 22 Jan 2024 15:38:27 GMT
cache-control: max-age=31536000
x-nc: HIT arn
X-Firefox-Spdy: h2

static.addtoany.com/menu/page.js

172.67.39.148

200 OK

0 B

URL HTTP/2
static.addtoany.com/menu/page.js
IP
172.67.39.148:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /menu/page.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maidaenterprises.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 26 Jan 2023 18:15:39 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=172800
cf-bgj: minify
access-control-allow-origin: *
age: 147586
etag: W/"c04-5f1f2ae2e431b"
last-modified: Wed, 11 Jan 2023 01:11:30 GMT
vary: Accept-Encoding
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78fb3c3579c6b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (38)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML