r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1456357aecbd23f21ad98da57e0127eb
7074815b39fa8da9013883971d665e4c1b0797ea
f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9567
Expires: Wed, 23 Nov 2022 07:22:24 GMT
Date: Wed, 23 Nov 2022 04:42:57 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash b59d95402dfb464c176610284ba13f65
1a6c62fb0d48654dd204b66161bb03fefe60f71a
40cfd59b890ec5a3570603d28d90bd7e5c506babd52c2ece93e09f1c7b2a6880
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4610
Cache-Control: max-age=111908
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:42:57 GMT
Etag: "637ca4f3-1d7"
Expires: Thu, 24 Nov 2022 11:48:05 GMT
Last-Modified: Tue, 22 Nov 2022 10:31:15 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14671
Expires: Wed, 23 Nov 2022 08:47:28 GMT
Date: Wed, 23 Nov 2022 04:42:57 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 23 Nov 2022 04:09:22 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2015
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: NDAPedabQDr62FxAKsnJpEIj9h8QWDXED5iRxNFdZgwlQnFAOrCwbuKUQCS2AHYl2g7e7uqGo7c=
x-amz-request-id: 7XXY2MT5C3NWMTJE
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 23 Nov 2022 04:42:51 GMT
age: 6
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/
301 Moved Permanently 707 B URL HTTP/1.1 maureenteenmomsfoundation.org/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Wed, 23 Nov 2022 04:42:57 GMT
server: LiteSpeed
location: https://maureenteenmomsfoundation.org/
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:42:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 23 Nov 2022 04:08:53 GMT
cache-control: public,max-age=3600
age: 2044
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 8a181d95550cfdf3b1fc4deb71631e40
37866f7293c41fbfb817e321754cae5c5bf59f93
6aa3d2763181cc48d2ad0ce7d227f3cb3324045c3f7858ccdbae675768dcec55
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6499
Cache-Control: max-age=108736
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:42:58 GMT
Etag: "637c912f-1d7"
Expires: Thu, 24 Nov 2022 10:55:14 GMT
Last-Modified: Tue, 22 Nov 2022 09:06:55 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kR0Zu6V4zu7fjf2/gdIQow==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: av1zckZHPOAgOf8bdetqmiyWHeA=
ocsp.sectigo.com/
200 OK 472 B IP
Hash 86e1a013cfc6ed55b37947ca827d80bf
78d1e40f932c9ccd0a0a064d89900014dc5558c5
226cc99d251f103b104bb55e0703e26ce420fa003cdee67c3709aca6b5864bb3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 04:42:58 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 20 Nov 2022 06:54:11 GMT
Expires: Sun, 27 Nov 2022 06:54:10 GMT
Etag: "78d1e40f932c9ccd0a0a064d89900014dc5558c5"
Cache-Control: max-age=352871,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76e73dc03f501c16-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14751
Expires: Wed, 23 Nov 2022 08:48:50 GMT
Date: Wed, 23 Nov 2022 04:42:59 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14751
Expires: Wed, 23 Nov 2022 08:48:50 GMT
Date: Wed, 23 Nov 2022 04:42:59 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14751
Expires: Wed, 23 Nov 2022 08:48:50 GMT
Date: Wed, 23 Nov 2022 04:42:59 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14751
Expires: Wed, 23 Nov 2022 08:48:50 GMT
Date: Wed, 23 Nov 2022 04:42:59 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14751
Expires: Wed, 23 Nov 2022 08:48:50 GMT
Date: Wed, 23 Nov 2022 04:42:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2fba7b0-566a-4154-a555-caf6ef55283e.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2fba7b0-566a-4154-a555-caf6ef55283e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f90eaacb028f41ae23d5ae0bb5bb1c60
adabb8e73c60950b2161b973db1150a2e6484d3f
8e45a3b3966392447e2b426e912e8151e087cfbf9f4ff2af47d81d20d5a19f25
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2fba7b0-566a-4154-a555-caf6ef55283e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10678
x-amzn-requestid: 9180d893-71d8-460c-92b7-2bb406940975
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: byQ65Fr6oAMFzjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63772eab-1741d1f27534c13e43e3cec0;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 07:05:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K2Shuq-IX_VACYEEJzuubHKr01H_Oq_NntRt9WlJuAMsBG61kaFhjg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 19:31:13 GMT
age: 33106
etag: "adabb8e73c60950b2161b973db1150a2e6484d3f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 481c033b9ffd030ff0de6e35cf788b47
85d3baad9217af2b5d75c019d2ef95dbb919a788
02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11249
x-amzn-requestid: 65a3db77-b2e6-40b9-a776-021c2e9b56d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bubSsHbZoAMFZNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375a5aa-1286b97968cc2e4c7fe8ab29;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 03:08:26 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: _j5ykGwKHIQEFLyuJK_OMvs-CsCvkUQhZc_YD8gAtbyOECQ894zvjw==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 abbf2df97f9d83839470842dc2e68cb6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 05:19:29 GMT
age: 84210
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F719df867-6e3b-42ad-bb29-bacd6908c756.jpeg
200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F719df867-6e3b-42ad-bb29-bacd6908c756.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 858121146f13af8b53e7bfb9d143490c
2a0aa4d6e3d648b23e15db38559fa9be9ca2cdd8
5c79f7d9479cdaca6fca1abc2af768f8dbe2e7df70959a6620c676a4a4060b9e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F719df867-6e3b-42ad-bb29-bacd6908c756.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5721
x-amzn-requestid: d6a84920-e8e5-4160-aea1-ccabce26d36f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bvCq5EH4IAMFlSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375e4ab-7835c4341c7b2fb700784aa2;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 07:37:15 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: uHxRMxqxRzA8EdKR4GXNTGnjYcS2u1qLVmU6AZPSol1EXyHWkvmTzw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 5c7981a979abd51ba7e5ca7d464fd048.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 05:08:07 GMT
age: 84892
etag: "2a0aa4d6e3d648b23e15db38559fa9be9ca2cdd8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19004cd2-76fa-499a-9749-67f2994dc084.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19004cd2-76fa-499a-9749-67f2994dc084.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a539a7b4a38c495d8d7efd7b95fec6de
8f8bdba45b4fdf16783758eb6e53f957e53987bc
2d209c13af43c4237e36291cb24140e4993361311489ad27943b1209262592e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19004cd2-76fa-499a-9749-67f2994dc084.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11839
x-amzn-requestid: b0429c36-a8c3-49e7-b25a-1ecdfc6e7648
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: btVS7Hp2oAMF32g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637535ac-097bd45a569a4cff672486de;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 19:10:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: omaSeWY89Yj_x-18NptKJzjBTZXpKGcUVWYdr05K0YwqGhSjQ3ohaQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:09:30 GMT
age: 23609
etag: "8f8bdba45b4fdf16783758eb6e53f957e53987bc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg
200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c6380f73d47906bd63b9c48137e4df61
94e053461d2db89e9d08321f26a2555ebcd7e0b9
84144e3c3e7acc7339fd1da9b373f18582734b6f4d235b2aef8c90616ed1c8a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5914
x-amzn-requestid: 8dea187e-ee61-4691-aff7-59202f978565
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b2P4MF0UIAMFWBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6378c69a-011430f86689624a29d71215;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 12:05:46 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: c2w_q7fYc60JSQ4GcAlmUFyp7csfflgG8GvCXJuy_wWlvf9mIG0u9g==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:38:55 GMT
age: 21844
etag: "94e053461d2db89e9d08321f26a2555ebcd7e0b9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f13f0a4-9e67-4f61-9165-83b87312d9cb.jpeg
200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f13f0a4-9e67-4f61-9165-83b87312d9cb.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 309227dc1b5f9193c6be8f5a010fa348
dff12e88a784a954012f257d3689862c52251d01
2d52b83ff0a58c41bf2e38abf8fce13eb87b5ecfce144ff0edc1bfadd254b452
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f13f0a4-9e67-4f61-9165-83b87312d9cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8081
x-amzn-requestid: cafd3337-7bb8-4e2d-91d4-a33439a32b80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcAMEwgoAMFl-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d4067-6074dcae15d9194513916d48;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:34:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0qleUIXFjvOqr3SeTpnFnVnhacI-ps0Fc33zsWp3eynFDhYOasUpPw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:56:48 GMT
age: 24371
etag: "dff12e88a784a954012f257d3689862c52251d01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 065495ec7a963a205abd9c8dbc75cb5d
ea416d0df4f6706150bda5da2077174f5cdd986b
1b2a2afee887651b23a849f14ace89b330329f6bf61c331545a3f6d12037aee5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:43:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maureenteenmomsfoundation.org/wp-content/plugins/bdthemes-element-pack/assets/css/ep-helper.css?ver=6.5.0
200 OK 5.0 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/bdthemes-element-pack/assets/css/ep-helper.css?ver=6.5.0
IP
File type ASCII text, with very long lines (33597), with no line terminators
Hash 478c7eeb75b94cc7787c3c672fc30157
6b9650ae8e317284e016ac27ec8944d2aecedf70
4e55727961b244a4277b3daa6167a4c3b3cebb6bd55ee459695cfdd2f1a34dea
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/bdthemes-element-pack/assets/css/ep-helper.css?ver=6.5.0 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 08:26:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4976
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAtma%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CIBM+Plex+Serif%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
200 OK 2.8 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAtma%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CIBM+Plex+Serif%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
IP
Hash e16c1fe090f31f367b8bb311328de97e
941dd2974df96624a164092b94d7cba041008aed
71b4ecadd6a107aa59dfc7c17fdd57d7aaea985e871071ed02239646509f2598
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAtma%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CIBM+Plex+Serif%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maureenteenmomsfoundation.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 23 Nov 2022 04:43:01 GMT
date: Wed, 23 Nov 2022 04:43:01 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/bdthemes-element-pack/assets/css/bdt-uikit.css?ver=3.15.1
200 OK 14 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/bdthemes-element-pack/assets/css/bdt-uikit.css?ver=3.15.1
IP
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash cc385a7987a03505c2006085d77e09e6
2eaea5142dd3782bf9289e23e1d93fe499d8249f
52c836040eb4fe06682aa69db6a476a6cc1580f0e90d0da42da298dfc2b2889c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/bdthemes-element-pack/assets/css/bdt-uikit.css?ver=3.15.1 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 08:26:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 14261
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/sina-morphing.min.css?ver=2.0.2
200 OK 206 B URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/sina-morphing.min.css?ver=2.0.2
IP
File type ASCII text, with very long lines (587), with no line terminators
Hash ecf37aa9d4351c34d8d01b70bc065b44
b93af633a2f22a70de3d0cbcc974d153ee051ce9
83b5c9c72b5b76bee30f46769426692b4a74fe16092b947837b4f333964312d0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/sina-morphing.min.css?ver=2.0.2 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 08:27:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 206
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de-scroll-animation.css?ver=2.0.2
200 OK 147 B URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de-scroll-animation.css?ver=2.0.2
IP
Hash 3425f05ce389f728d266369903e2dfda
9066447d42729a9f96df4df967d8f06a1d704671
a1e266b6120509e5e5dc1672a878c33ced52263395799680e20d08d70463fdc3
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de-scroll-animation.css?ver=2.0.2 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 08:27:53 GMT
accept-ranges: bytes
content-length: 147
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de-reveal-animation.css?ver=2.0.2
200 OK 457 B URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de-reveal-animation.css?ver=2.0.2
IP
Hash f6dc0e6812cf0dc8b0612dcb7cf13205
d4cd15e7402d3528cb5f1f6a9a437529a62ac3af
e4a5906d7ad4eecec3b194dba435058991dc5be79fabe7f5e01198d9f9270b91
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de-reveal-animation.css?ver=2.0.2 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 08:27:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 457
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/letter/decolines.css?ver=2.0.2
200 OK 237 B URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/letter/decolines.css?ver=2.0.2
IP
Hash 41ee6db1f183a9fd611271ffc1f20210
83fe0d9850975053d6196a878b639dd2dd03259c
1b9274a7b61345a0943a6a18a9077e2815eba46df71413d2c30266e5a447b050
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/letter/decolines.css?ver=2.0.2 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 08:27:53 GMT
accept-ranges: bytes
content-length: 237
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/revealer.css?ver=2.0.2
200 OK 152 B URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/revealer.css?ver=2.0.2
IP
Hash 394852062d5421e67ec88e6f49769d1f
b60f4d95da6bdf868431e0392e1653aedeccda3d
25e8981376e88d1ae6909476af878a7486be890373b9333ce2a8af7bd895c816
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/revealer.css?ver=2.0.2 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 08:27:53 GMT
accept-ranges: bytes
content-length: 152
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de-reveal-curtain-animation.css?ver=2.0.2
200 OK 487 B URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de-reveal-curtain-animation.css?ver=2.0.2
IP
Hash 1eb6dc54f6a6617740accaab88b869e9
1aec7395446745f77a311a48f598c093c3183923
1dfdc5214ce37e61799c6b29e011e9ed5c04ee6e564548aedc308950e34422e1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de-reveal-curtain-animation.css?ver=2.0.2 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 08:27:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 487
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/
200 OK 30 kB URL HTTP/2 maureenteenmomsfoundation.org/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (9381), with CRLF, LF line terminators
Hash 7b9c6e270f5bbc62a773d6b24ff39c4c
bf554b4fcffa84d450808178de54d6673d2a3d01
b4ac8b6a69d9cfd23789239df6f85098e0ea1e4b565b5a49cec014ad44a6851b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
link: <https://maureenteenmomsfoundation.org/wp-json/>; rel="https://api.w.org/", <https://maureenteenmomsfoundation.org/wp-json/wp/v2/pages/18>; rel="alternate"; type="application/json", <https://maureenteenmomsfoundation.org/>; rel=shortlink
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: b64_HTTP.200,b64_front,b64_URL.6666cd76f96956469e7be39d750cc7d9,b64_F,b64_Po.18,b64_PGS,b64_
etag: "2644-1669178580;br"
x-litespeed-cache: miss
content-encoding: br
vary: Accept-Encoding
date: Wed, 23 Nov 2022 04:43:00 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/letter/lettereffect.css?ver=2.0.2
200 OK 112 B URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/letter/lettereffect.css?ver=2.0.2
IP
Hash c6902b5d9311c1b49183a9da09d965e4
8614486eeaa8b31285dd3f7475e54b202d7cab2d
fe90c257d39d76298fdcdb241e7def8e4b14801b8f5cface438afb26573ac59d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/letter/lettereffect.css?ver=2.0.2 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 08:27:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 112
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/assets/js/jquery-migrate-1.4.1-wp.js?ver=6.1.1
200 OK 7.6 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/assets/js/jquery-migrate-1.4.1-wp.js?ver=6.1.1
IP
Hash 40a552264650ae1fd039094c79c171c3
4c622676b94add83ec05aa15e5067e6cbf825587
c7766cd38169afecbe6f3bbbb6b938bc61733e09af6bf4c7f72e0bafd0289ff1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/assets/js/jquery-migrate-1.4.1-wp.js?ver=6.1.1 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: application/javascript
last-modified: Sun, 04 Sep 2022 08:27:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7563
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/assets/js/de_loop/ecs_ajax_pagination.js?ver=2.0.2
200 OK 1.1 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/assets/js/de_loop/ecs_ajax_pagination.js?ver=2.0.2
IP
Hash 06aeda9297316a0f1c556fa7283ba248
99d725b1eab4c3fdb1fc6ac413dd26d3cb7bf28f
f0ce55e063f2a712dea2b03ee86dedadd1b7c45644a3a2f5b3a239b0c0a6b049
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/assets/js/de_loop/ecs_ajax_pagination.js?ver=2.0.2 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: application/javascript
last-modified: Sun, 04 Sep 2022 08:27:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1094
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/assets/js/de_loop/ecs.js?ver=2.0.2
200 OK 284 B URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/assets/js/de_loop/ecs.js?ver=2.0.2
IP
Hash 447712f49ef92d24eda0381882e5f00b
b041299af91182f0d7a997769cd20e3a2f7ebef4
566d4c5dfefc9c4d867e6bef080917a4273b4228731a8700e81f1763eae3d861
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/assets/js/de_loop/ecs.js?ver=2.0.2 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: application/javascript
last-modified: Sun, 04 Sep 2022 08:27:53 GMT
accept-ranges: bytes
content-length: 284
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/assets/js/jquery-1.12.4-wp.js?ver=6.1.1
200 OK 33 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/assets/js/jquery-1.12.4-wp.js?ver=6.1.1
IP
File type ASCII text, with very long lines (31997)
Hash 75260f7e667f09fac3c4b4bb2c392d02
8e56ede8d9a186dadfc7426e5de3881ce38d10a5
62211511907724f3d8840e93cad3d2fc637a601dedb22be83b697a72b859c413
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/assets/js/jquery-1.12.4-wp.js?ver=6.1.1 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: application/javascript
last-modified: Sun, 04 Sep 2022 08:27:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 32851
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0
200 OK 953 B URL HTTP/2 maureenteenmomsfoundation.org/wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0
IP
File type ASCII text, with very long lines (3164), with no line terminators
Hash 4a7d773f90facef221a9cfa11bdb2973
5ecb3100b641b2af7f7d56533a14b23fcaf15787
0fe42ed1de09f98dd0cc32f562d016a8d9cc13fcd0a0d407a11a66714c999fca
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: application/javascript
last-modified: Sun, 04 Sep 2022 08:24:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 953
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1
200 OK 8.6 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1
IP
File type ASCII text, with very long lines (25115)
Hash 6369572b1e813b5bffa2fcfdfc562dfe
02e246dd700b936d04b340d1438f9237ef11b66f
13fc4473ecbd49a88182fe12c882271c1b7af1b100de36af4b4f994cb01851a1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: application/javascript
last-modified: Sun, 04 Sep 2022 08:25:57 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 8614
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/assets/js/lib/sticky-sidebar/sticky-sidebar.min.js?ver=3.3.1
200 OK 3.3 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/assets/js/lib/sticky-sidebar/sticky-sidebar.min.js?ver=3.3.1
IP
File type ASCII text, with very long lines (11677)
Hash 282e93cc6f70605701f688502dd1deaf
35f8f552522229a15bda84def6cc886e59871255
e32c4eb4c9b7e629bab467be5c3a1fcb41dfa221b475bc3002c17612e8821f02
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/assets/js/lib/sticky-sidebar/sticky-sidebar.min.js?ver=3.3.1 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: application/javascript
last-modified: Sun, 04 Sep 2022 08:27:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3273
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/assets/js/lib/jsticky/jquery.jsticky.js?ver=1.1.0
200 OK 1.3 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/assets/js/lib/jsticky/jquery.jsticky.js?ver=1.1.0
IP
Hash 8a2581703509528c98fe2929a4112ae0
1c6fffac8dd29366b86aa02c9d08fe54b475be84
fc5ef8235d211576f96e824dc5798345a74c18b2a722ba062d9467e466a9f195
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/assets/js/lib/jsticky/jquery.jsticky.js?ver=1.1.0 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: application/javascript
last-modified: Sun, 04 Sep 2022 08:27:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1258
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1
200 OK 2.0 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1
IP
File type ASCII text, with very long lines (4918)
Hash 918938b0ee6977d6506f2e0fa248bd66
292ba27818bec580f76945b53fee4ff6cddcb2c2
a1da723cfdb1f8ea57aa7278637d07a83f39ff410dfbba24d8205882a110444e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: application/javascript
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2044
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1
200 OK 10 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1
IP
File type Unicode text, UTF-8 text, with very long lines (32907)
Hash 72fd7d7a61961996172a081cb3eed6cb
7f6d4dc14ef08153606c57d374fd50b685ba383d
757fe1355fa4c3eed3c286520c6af9d344ab9d15a78d8d54a17e7573f866b9be
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: application/javascript
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10425
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
200 OK 2.9 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP
File type ASCII text, with very long lines (12198), with no line terminators
Hash 869caa171b68cbec9fee5abbfb944ee8
f237e485e41f88b77384cfdb880f9d5a8f46eac8
25c2896e2790fb0e52f6b6ba1ce97bd87eb40463b4bb65ba16ad434c1d7a36dc
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: application/javascript
last-modified: Wed, 11 Jan 2017 21:35:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2867
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
200 OK 2.4 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP
File type ASCII text, with very long lines (6475), with no line terminators
Hash 4e773d7cec56bacab6d2db420be6f262
c95573d884c1caec0ec9c6f3e2a8c0fbf28d939a
5c8839d0b02f21e8d83d856bbf85a6b87fbedf9ba0b70711b11a1c378d5443e7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: application/javascript
last-modified: Mon, 11 Apr 2022 21:34:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2354
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
200 OK 6.3 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP
File type Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Hash fecbc00e8af71d8cfb678cd811c7cb2e
44e5dd77f62cb5c67271442b75cdff10d45f2f8d
d6f03fb4728d0c23251451df8d66b5107d3c87458dc624aacfbad437e99d01f1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: application/javascript
last-modified: Wed, 21 Sep 2022 01:13:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6335
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
200 OK 1.6 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
IP
File type ASCII text, with very long lines (4875)
Hash 06a8ac0e71976bc143cfa7861a31169d
def6031fe13259bf17752661832d815e37068bf2
e6f42d97e7299522bbb002364128fdf72cd22263ca72c5edc41dcd8f4672cd33
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: application/javascript
last-modified: Mon, 11 Apr 2022 21:34:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1575
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
200 OK 3.7 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
IP
Hash f7acc55c5b34188d3e66c5f2ecf3ba80
802270f7a221e406af63d622d364b119d912c15b
826c4e13764f5bf1bd0a17f2e693d943f8605df1024815f67f43694f4338b713
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: application/javascript
last-modified: Sat, 24 Sep 2022 05:25:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3717
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.5
200 OK 5.5 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.5
IP
File type ASCII text, with very long lines (21374)
Hash 823eb1a5283dc1bddc0a093e835c5211
3411dc902cbc27d1293bf2fb3665c22fbab4f54d
c7a08617843a7329b7f6bc0f360cc4acadceaf2e8c576952c08df5461a57bb0a
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.5 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: application/javascript
last-modified: Sun, 04 Sep 2022 08:25:57 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5506
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.7.5
200 OK 6.4 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.7.5
IP
File type ASCII text, with very long lines (24339)
Hash 9ab38a2c48a454c5f882a234f1f18a2f
da3f9b1c100f008c6d81cf94a7d197bd359c9eb4
0a00aa701e58b3533ce97e42e6c8865994befaa7de8d0051b0130482c16c090f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.7.5 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: application/javascript
last-modified: Sun, 04 Sep 2022 08:25:57 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 6374
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/anime.min.js?ver=6.1.1
200 OK 7.0 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/anime.min.js?ver=6.1.1
IP
File type ASCII text, with very long lines (17638)
Hash 8235314cc23cb3b9cdffad5e255d7706
3ce44a556f14a8f37f553a19dee06c51a580a6a1
c1041070b9c81f673c25de194e03f491d5c678c3251014350f801ae50d7f8623
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/anime.min.js?ver=6.1.1 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: application/javascript
last-modified: Sun, 04 Sep 2022 08:27:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6960
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/scrollMonitor.js?ver=6.1.1
200 OK 2.4 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/scrollMonitor.js?ver=6.1.1
IP
File type ASCII text, with very long lines (8765)
Hash d6aab6cf0aae0ef64db2aa23af7170aa
36d7590451a888764cbac6101f525d1b0bb9cba5
f9d6554daeba75926df449ffc1a05e35afcb5b03624b4f39b7fb4294ff067623
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/scrollMonitor.js?ver=6.1.1 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: application/javascript
last-modified: Sun, 04 Sep 2022 08:27:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2425
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
200 OK 12 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP
File type ASCII text, with very long lines (47826)
Hash c4d7cc056b49b00e05cc29cc59aa3d5a
48c426bec60099d2a8628df430ed682c72aab42a
8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Wed, 16 Nov 2022 00:32:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11616
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de_staggering/animate.css?ver=2.0.2
200 OK 5.6 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de_staggering/animate.css?ver=2.0.2
IP
Hash 49b3007abf37126ff5fa04b295d4e63d
8437e74336c44eb376f61f25dd66b4230f9c318e
9968d6419c4e99859c4559fd6b93b55b3028ab5d540b14cd3a2a4a686800fb75
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de_staggering/animate.css?ver=2.0.2 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 08:27:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5601
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/letter/pater.css?ver=2.0.2
200 OK 638 B URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/letter/pater.css?ver=2.0.2
IP
Hash c16ea9075932d54a1b602363185d449e
e419c2e703fcdeba219c04b24de684e5fe0d71ce
5b855026dfd1b3eb4348de93f80798bbdb93889e99bd582384a859a82542dd8e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/letter/pater.css?ver=2.0.2 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 08:27:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 638
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-includes/css/classic-themes.min.css?ver=1
200 OK 217 B URL HTTP/2 maureenteenmomsfoundation.org/wp-includes/css/classic-themes.min.css?ver=1
IP
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Tue, 25 Oct 2022 23:15:16 GMT
accept-ranges: bytes
content-length: 217
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/uploads/elementor/css/post-500.css?ver=1663746670
200 OK 366 B URL HTTP/2 maureenteenmomsfoundation.org/wp-content/uploads/elementor/css/post-500.css?ver=1663746670
IP
File type ASCII text, with very long lines (1264), with no line terminators
Hash 08b1035013524abd274c9ddbea8a1671
23330416034ad813bab9246eb24a948ec91e4e4b
769cd98b73f0df5fb31eb95b71196467ceffbcfe93204c8231bc49b268390fd3
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-500.css?ver=1663746670 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Wed, 21 Sep 2022 07:51:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 366
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.1
200 OK 12 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.1
IP
File type ASCII text, with very long lines (65497)
Hash eae4534b9e0b15aaf7ad9f3111688549
4bde4256711207e4a95c1376f0b453cd660a63d8
b9adb98eaf24ecee30ef9b280527781e217f6e3829b8e22e5a42f7f14819cfec
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.1 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12400
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
200 OK 3.6 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
IP
File type ASCII text, with very long lines (19233)
Hash af3bdf44d09914e8adb51fec560d8816
84bb225e096bab405868dd504e62133ba75cf1c1
4325dab21d3eb9efb8e285a0926be743f27e46446ccf5f9be65bb4b60c024152
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Mon, 01 Aug 2022 04:11:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3629
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.13
200 OK 259 B URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.13
IP
Hash 49736e2d926fb2846e2df8fc0a1b69f8
0c415addd3603df8843209de4fc448ef5c443761
be091ce2d9948f24a59c9d1578557cd92e8180e2318dc0a21308ca180071f8d0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.13 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 08:28:21 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 259
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.7.5
200 OK 1.5 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.7.5
IP
File type ASCII text, with very long lines (11487)
Hash f46bf4b37c916ff3c3b4fe30de12500b
d1d94d65e494933d4d751be5f0c85ec49f955874
8ab5bb9e5f2270b365b7010b56307f005b86fedd43d11b7dd831898074552274
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.7.5 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 08:25:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1533
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de_staggering/de-staggering.css?ver=2.0.2
200 OK 1.8 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de_staggering/de-staggering.css?ver=2.0.2
IP
Hash e2fd013fc857a6117bfc8b9f149ea59d
0d6981e994ee7a264a0081f858aa5f5ae412a24e
072af67c9f9e9ee60dda12cf1728ee3f49ec0e92823db39dc47c3752b2765436
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/css/de_staggering/de-staggering.css?ver=2.0.2 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 08:27:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1789
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/assets/css/de-sticky-frontend.css?ver=2.0.2
200 OK 153 B URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/assets/css/de-sticky-frontend.css?ver=2.0.2
IP
Hash e0de9859ada027378d637d7097483c33
7dbbd8fc412239432f159abc2d7e2d4562547edf
29271c346459876e4c098f65853e88685fb1953c07e04975b7522976592f00b9
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/assets/css/de-sticky-frontend.css?ver=2.0.2 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 08:27:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 153
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/assets/css/de-product-display.css?ver=2.0.2
200 OK 909 B URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/assets/css/de-product-display.css?ver=2.0.2
IP
Hash d16b37efb8133448e0d3f06a6a56ab0f
5a7c7736965cf35da09d840a858d44fdb2d05174
30e5d152d454d3db3f07c20aca7ed50646f3cdd6a16d7cbd7ff3f8868ca6db21
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/assets/css/de-product-display.css?ver=2.0.2 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 08:27:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 909
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/uploads/elementor/css/global.css?ver=1663746674
200 OK 3.5 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/uploads/elementor/css/global.css?ver=1663746674
IP
File type ASCII text, with very long lines (12684)
Hash 455d4f2fd0769225352edd04b3a04b58
fcdd6f7122752f1ee1a3837d1889ccebfaffd467
601e60979fd73300d9b0a0a5c94e54604f8ed0045dc23c283985467fcf74a95d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/global.css?ver=1663746674 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Wed, 21 Sep 2022 07:51:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3514
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/uploads/elementor/css/post-18.css?ver=1667996516
200 OK 6.9 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/uploads/elementor/css/post-18.css?ver=1667996516
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 5c924368254ec5981c70c98dd5f0f5d2
ebb90c1f6ad8e98758c429edda477f9ce823004c
609eea98b918cddb911d7ef64db6248068a5ed3ee36014ba1064baa1197a4692
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-18.css?ver=1667996516 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Wed, 09 Nov 2022 12:21:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6903
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/uploads/elementor/css/post-498.css?ver=1667990040
200 OK 1.7 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/uploads/elementor/css/post-498.css?ver=1667990040
IP
File type ASCII text, with very long lines (10355)
Hash 8fe1f4a6855eed8ce0dab8bffc411ec0
9417da5e00e65126d8b9b830f42f4b5d474da8ea
819088389af0de17a0cde92f2c02bddf81b7629ea2def8485f94b8ff306f5f69
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-498.css?ver=1667990040 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Wed, 09 Nov 2022 10:34:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1737
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.13
200 OK 7.4 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.13
IP
File type Unicode text, UTF-8 text, with very long lines (1646)
Hash 806afc62d640eb03fccbd5fe46ed8666
31259bb9e403fbe379125ea0c562ac11d76dc4d7
f7ceb3661377e98e71ccebe4d91336ac77e4e62a84bff79a1e6f865f3d00c26f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.13 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 08:28:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7374
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/uploads/elementor/css/post-504.css?ver=1667990184
200 OK 1.1 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/uploads/elementor/css/post-504.css?ver=1667990184
IP
File type ASCII text, with very long lines (9252), with no line terminators
Hash 5065bed142e03ebe2dd42432e7e6a268
ab96537e6ccf5b5416c767929966ecffaac4d57d
3ed6fc72433ca9d8ed76d6cf4f0e7b149ebd996f0edf50453349b9c71243d54b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-504.css?ver=1667990184 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Wed, 09 Nov 2022 10:36:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1099
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1
200 OK 2.4 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1
IP
File type ASCII text, with very long lines (15672), with no line terminators
Hash 0c53a727a9801d2d872125ab96be97df
40616b12b4a9f2e4533f9adc6f965ca2b44581e0
8a69f47fdb908591cba1faa64f3807cbb3b82e12f0fe099c6bcbd31213f3bea9
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 08:24:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2418
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/themes/hello-elementor/style.min.css?ver=2.6.1
200 OK 1.7 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/themes/hello-elementor/style.min.css?ver=2.6.1
IP
File type ASCII text, with very long lines (6051), with no line terminators
Hash cfe4870b943b2ade39a643e3a3d6d809
f1f4e04c908b19fa0a5a5b09de5b6b1dfc113f05
00f239a7fb673f1d8ab2db67b74e0bae64d103e520ee209c18e21b5bff3fb509
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/hello-elementor/style.min.css?ver=2.6.1 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 08:24:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1711
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/assets/css/simple-line-icons.css?ver=2.0.2
200 OK 1.9 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/assets/css/simple-line-icons.css?ver=2.0.2
IP
File type ASCII text, with very long lines (360)
Hash 48d1e5ab0597152d3e71c48cb6470255
0fe86085d37c7d5d0c7dc0ea7d5512c92f9412ad
a758def725a541227e77d9854a4fcedce0ea2c96bd76012725c05371130cc9ce
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/assets/css/simple-line-icons.css?ver=2.0.2 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 08:27:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1855
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/assets/css/htflexboxgrid.css?ver=2.0.2
200 OK 1.6 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/assets/css/htflexboxgrid.css?ver=2.0.2
IP
Hash e23d143f3c5063516c4c6960cc0c5459
81d472a7b524f4b3c6c1c945b55ad26e3afc4a04
88675745109b545aa0d3998489e3dbf389967b67dcdf5fec098f78eb353dda8a
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/assets/css/htflexboxgrid.css?ver=2.0.2 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 08:27:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1643
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/assets/css/dethemekit-widgets.css?ver=2.0.2
200 OK 13 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/assets/css/dethemekit-widgets.css?ver=2.0.2
IP
File type Unicode text, UTF-8 text, with very long lines (347)
Hash 4a4a916352c51a1a660419e92187cde1
bda6d01cd54a0874fbb2e47b7692d20c687eecdb
b910add2d33da25dd58c802588a81d3241348603393a8641836898101f22e637
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/assets/css/dethemekit-widgets.css?ver=2.0.2 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 08:27:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 13439
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/assets/css/slick.css?ver=2.0.2
200 OK 473 B URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/assets/css/slick.css?ver=2.0.2
IP
Hash 17265c4988f4c1c4a9873fd06cf8687c
8eae27c19a7d9a1a763420e2312106d687f4a97c
e4fc89bbfbf516423de7ffa2cfb1127dd0ebea632596423ad43cff5873267545
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/assets/css/slick.css?ver=2.0.2 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 08:27:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 473
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/assets/css/dethemekit-de-carousel.css?ver=2.0.2
200 OK 250 B URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/assets/css/dethemekit-de-carousel.css?ver=2.0.2
IP
Hash 6adf0c719023dd3b74484fd4c19f906b
55740a1dc902842371352ee44e9a728aac58b481
929373f31fb10dbdae47b9e35b087ed3de164eaf9a101aca6ba5a5791e75e414
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/assets/css/dethemekit-de-carousel.css?ver=2.0.2 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 08:27:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 250
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
200 OK 6.7 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP
File type ASCII text, with very long lines (30837)
Hash 5dbbe85d6a3308dceb97d91b740b0f11
3f70abf9963371962665167f98ba52365481496d
751d4fdd16bd33cc9c93bcaadcd316922ca9bbd74cb6a9e1705c8bef4330dabf
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Thu, 27 Jun 2019 15:54:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6657
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/assets/css/de_loop/ecs-style.css?ver=2.0.2
200 OK 1.6 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/assets/css/de_loop/ecs-style.css?ver=2.0.2
IP
Hash aa6bedc95241dbc195311b2d46063c66
51726e27abf011c8ac216c7c727ca53f8e34cfb0
d5759513eea1370d829addaedd3aef6a3c8473649f1a6c123794e262271d29c9
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/assets/css/de_loop/ecs-style.css?ver=2.0.2 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 08:27:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1619
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
200 OK 12 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP
File type ASCII text, with very long lines (57726)
Hash f463afd8661ddc733305df1f0cbdaff2
77262f0209e75e340eb7014aba9cd8d69966032f
c4b6541be58a0ca61549cd4562850315077880c459c019f01e835cf2d7b764de
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12133
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
200 OK 286 B URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP
File type ASCII text, with very long lines (483)
Hash 8828fa3c5bdcfa66615714a2b8c9d807
4f556d0b005ac7754af607418df445f8cf98e8b1
16950dcce60bc3ee2613b60439c99e7ed74d10245f59fe6f68346b7e72dd95e7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 286
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor-pro/assets/css/widget-animated-headline.min.css
200 OK 1.9 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor-pro/assets/css/widget-animated-headline.min.css
IP
File type ASCII text, with very long lines (19239)
Hash 071db5358836cf29e7a40618431e3ada
9cb0557720270272ffcd30633c2f9202acef54d4
c49b274afb8733c69ad98e37aabe81bb3282d94d633acf792990f2210be90ee8
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/css/widget-animated-headline.min.css HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 08:25:57 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1915
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
200 OK 906 B URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
IP
File type ASCII text, with very long lines (11736)
Hash dfa4e3add9f185eaf959509b12a3f2f2
e9fcec09acb8cb18203b3c9c4133ab808576df38
060ede880f21b0bfe96d2e2b5f36606cef794e7e8814d1baf877c4868eca8a43
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/widget-icon-list.min.css HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 906
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
200 OK 284 B URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
IP
File type ASCII text, with very long lines (489)
Hash dc279c928e2924b07a4a7575f8070ee8
0196756cacdb61ef40483af7ea982b699b0933de
80b6d9e3f0304f4199350c6015fd96084646c2a0121332bcb5a46d3956b7df5c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 284
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
200 OK 283 B URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
IP
File type ASCII text, with very long lines (491)
Hash 453a93dc816be89f942ebb253ff199fb
01563d6019803e3ff2a94c5397e7e771ee6f440d
36beebcd3778e04c8973faa581d07c7e7dc0bac2a77f637379e7d110383ab5d7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 283
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/css/widget-icon-box.min.css
200 OK 755 B URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/css/widget-icon-box.min.css
IP
File type ASCII text, with very long lines (12953)
Hash 06f8182eaed70ee34f2eb64a5a2cb622
6778128d838f10f7aceb856516ea7064fcf9a082
8581e0bfb9d213aba6a15eb2d4937ac1c34a4e35a6f5cf7254b97db713f33b1a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/widget-icon-box.min.css HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 755
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor-pro/assets/css/widget-nav-menu.min.css
200 OK 3.3 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor-pro/assets/css/widget-nav-menu.min.css
IP
File type Unicode text, UTF-8 text, with very long lines (29357)
Hash 867294a27fe772ecb2a172eac0b52b58
269942fd15a57d663011c1974970e3923b2f18db
78687b10bb133dff1943e242750a3d1af7ca77b329cc627bb05ba4169909a64b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/css/widget-nav-menu.min.css HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 08:25:57 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3343
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/modules/controls/assets/css/dticon.css?ver=5.9.0
200 OK 3.0 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/modules/controls/assets/css/dticon.css?ver=5.9.0
IP
Hash d8643d248b93d0f780d72efd8c62179d
854ed42307f7077b8bebd425eae3018995887aeb
f19057f87e45f89aa1f8073f381cce76b3321504d708de82b437a56a43b26ca5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/modules/controls/assets/css/dticon.css?ver=5.9.0 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 08:27:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2982
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor-pro/assets/css/widget-call-to-action.min.css
200 OK 1.3 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor-pro/assets/css/widget-call-to-action.min.css
IP
File type ASCII text, with very long lines (11352)
Hash e07d16f9e9b6d4e1ecc5c4557c4b8ee4
6938b2702466d1aeb611d1495bc9dc3c468d1573
4da8ec2eb115d017ead7092250228a3866a4075b3a00e9d03176299752155815
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/css/widget-call-to-action.min.css HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 08:25:57 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1306
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor-pro/assets/css/widget-carousel.min.css
200 OK 3.4 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor-pro/assets/css/widget-carousel.min.css
IP
File type ASCII text, with very long lines (36838)
Hash 45fba095b78683d72aa276fd675119d2
66147a585aec23a69c75d7732c81dc2b28765fdf
f5eae036be13821c889aece38e07b84482f1149838394a6ada288322ab2e904e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/css/widget-carousel.min.css HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 08:25:57 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3375
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/uploads/elementor/css/post-462.css?ver=1663746677
200 OK 791 B URL HTTP/2 maureenteenmomsfoundation.org/wp-content/uploads/elementor/css/post-462.css?ver=1663746677
IP
File type ASCII text, with very long lines (4576), with no line terminators
Hash ea4487a3b8f78356e4e607cdd88ac574
76ddc654ca449ba2604b1ccc5dd512e48a4b9e33
ac08b81803e22613edc1e9693bcf9688ba69cbb7ab2b6357b29020283b1f2d6c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-462.css?ver=1663746677 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Wed, 21 Sep 2022 07:51:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 791
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/lib/jquery-numerator/jquery-numerator.min.js?ver=0.2.1
200 OK 677 B URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/lib/jquery-numerator/jquery-numerator.min.js?ver=0.2.1
IP
File type ASCII text, with very long lines (1801), with no line terminators
Hash db051acb4889a24419e22987f52524e0
9203ad9b9d24b786801743b1e007e52980d5bed1
09a2aeba1874512f5c34d52f523ac86bebb479dbc02f0875e7e1ba1d63783908
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/jquery-numerator/jquery-numerator.min.js?ver=0.2.1 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: application/javascript
last-modified: Tue, 20 Dec 2016 21:32:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 677
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.8.1
200 OK 2.4 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.8.1
IP
File type ASCII text, with very long lines (10019)
Hash d2db71c82a8f672aea59a3e050cd8cd7
af626566f94b3164e4310288cfb142431e8349a6
bcd2c9c2ba22a48a8fabf9fbe5e947deb6404367e4be24f48326e302aead1180
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.8.1 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Tue, 13 Mar 2018 15:48:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2442
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-includes/js/imagesloaded.min.js?ver=4.1.4
200 OK 1.7 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP
File type ASCII text, with very long lines (5477)
Hash fa921f07ecc438baf227765de450e215
1fdd49d8bb681cb118ea8d67d4fc61b0ad46cc95
b2cc68637048b04952a2f33163f64571145dbe0817a14c68fe6f1661bd81091f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: application/javascript
last-modified: Sun, 14 Jun 2020 04:23:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1733
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/assets/js/lib/ResizeSensor.min.js?ver=1.7.0
200 OK 817 B URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/assets/js/lib/ResizeSensor.min.js?ver=1.7.0
IP
File type ASCII text, with very long lines (2233)
Hash d3104cf8468ca00176920b7c4e2c554b
eb859020885dfd7b032415e2bbe745638dd6f49c
7c35268da02ab9086033602e9377e028cf826173328ca1a20426a20f1874e36c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/assets/js/lib/ResizeSensor.min.js?ver=1.7.0 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: application/javascript
last-modified: Sun, 04 Sep 2022 08:27:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 817
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/lib/flatpickr/flatpickr.min.css?ver=4.1.4
200 OK 2.8 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/lib/flatpickr/flatpickr.min.css?ver=4.1.4
IP
File type ASCII text, with very long lines (13854)
Hash cb9fce51a4520ec85fd5cd954f2483bd
d0d2821677915b6c1e71331d870ff00d169f6789
5a3a040e0f10e4f5f3ee31b0b87376203a92f9fa8187eb58b77a9a68f2cd8a26
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/flatpickr/flatpickr.min.css?ver=4.1.4 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: text/css
last-modified: Thu, 04 Jan 2018 20:08:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2760
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1
200 OK 12 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1
IP
File type ASCII text, with very long lines (40474)
Hash cf45d3e8044770ba8eabf3833e30fdbe
90f787b69fa2f83b87c28f3caa67985b04b333bd
c83321c916d9ca392150cf727108c0927ce9394be70e9b08920cff666f823fb4
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: application/javascript
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11702
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:43:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:43:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://maureenteenmomsfoundation.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:34:08 GMT
expires: Thu, 16 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 551334
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:43:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/atma/v15/uK_z4rqWc-Eoo5pyGjA3Pw.woff2
200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/atma/v15/uK_z4rqWc-Eoo5pyGjA3Pw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 22672, version 1.0\012- data
Hash bbba732a2bc516c71091c40696ca9d1a
4fb96b602e27b975eda4376282d35242c96d33d5
7b8e563b0734c6266d383b08388c20cc4c6553b21d7990ca774ae902e0caab33
GET /s/atma/v15/uK_z4rqWc-Eoo5pyGjA3Pw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://maureenteenmomsfoundation.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22672
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 08:37:48 GMT
expires: Thu, 16 Nov 2023 08:37:48 GMT
cache-control: public, max-age=31536000
age: 590714
last-modified: Tue, 19 Apr 2022 19:50:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:43:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:43:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 17336, version 1.0\012- data
Hash eec8dbfc49267c4d33cf31b49661bf37
0f49d4563cf9e22e3af6907d0785b9a6facadbf0
661d4b208656c006e7aab58acf7784857963123675de2302279fbe6c05313547
GET /s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://maureenteenmomsfoundation.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17336
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:48:16 GMT
expires: Thu, 16 Nov 2023 19:48:16 GMT
cache-control: public, max-age=31536000
age: 550486
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 17032, version 1.0\012- data
Hash 05a47f9e469d408c629f931cd33ff8b2
823f21f7b1d456db889c3afea393f0d2b9581c38
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
GET /s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://maureenteenmomsfoundation.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17032
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:51:10 GMT
expires: Thu, 16 Nov 2023 19:51:10 GMT
cache-control: public, max-age=31536000
age: 550312
last-modified: Wed, 11 May 2022 19:24:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Hash abe083d96b58eb02ada8b7c30d7b09f2
61447d66d13a8c8f4335696777a85c438c46f749
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://maureenteenmomsfoundation.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 18:56:18 GMT
expires: Thu, 16 Nov 2023 18:56:18 GMT
cache-control: public, max-age=31536000
age: 553604
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://maureenteenmomsfoundation.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 18:53:49 GMT
expires: Thu, 16 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 553753
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://maureenteenmomsfoundation.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 14:07:32 GMT
expires: Thu, 16 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 570930
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/atma/v15/uK_z4rqWc-Eoo7Z1GjA3Pw.woff2
200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/atma/v15/uK_z4rqWc-Eoo7Z1GjA3Pw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 22888, version 1.0\012- data
Hash 90a5dde0dbd52dcaf6d7551736cb5f45
4e7c39265662c24e3c3a3d040b0217937b3dd846
7b390b54a0de9f01d2ee70c7db09e03df6879fe13980c72e4e4800c97e6ef366
GET /s/atma/v15/uK_z4rqWc-Eoo7Z1GjA3Pw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://maureenteenmomsfoundation.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22888
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 17:24:00 GMT
expires: Fri, 17 Nov 2023 17:24:00 GMT
cache-control: public, max-age=31536000
age: 472742
last-modified: Tue, 19 Apr 2022 19:52:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/atma/v15/uK_z4rqWc-Eoo9J0GjA3Pw.woff2
200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/atma/v15/uK_z4rqWc-Eoo9J0GjA3Pw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 21896, version 1.0\012- data
Hash dea06f7eaebe180c839f95fd697ec17e
673dd132b9450890e918fa634e5640b713513e0c
b95ceae1d01d5bc1dc6de561ec60dba52b96e0d70a7923bf2c0324dc21882d14
GET /s/atma/v15/uK_z4rqWc-Eoo9J0GjA3Pw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://maureenteenmomsfoundation.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21896
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 13:28:12 GMT
expires: Thu, 16 Nov 2023 13:28:12 GMT
cache-control: public, max-age=31536000
age: 573290
last-modified: Tue, 19 Apr 2022 19:13:21 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ibmplexserif/v15/jizAREVNn1dOx-zrZ2X3pZvkTi2k_iI0q1s.woff2
200 OK 19 kB URL HTTP/2 fonts.gstatic.com/s/ibmplexserif/v15/jizAREVNn1dOx-zrZ2X3pZvkTi2k_iI0q1s.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 19000, version 1.0\012- data
Hash 39934c3633b0756b4cb020a50ce22dab
8e2bd56c34c35c87316e2630d24d7fd9ee832497
0785c4cd06f62b2602c900e69fc97e4ec8ab66af221a21cdc47fb00b2c73b9f7
GET /s/ibmplexserif/v15/jizAREVNn1dOx-zrZ2X3pZvkTi2k_iI0q1s.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://maureenteenmomsfoundation.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 21:51:03 GMT
expires: Thu, 16 Nov 2023 21:51:03 GMT
cache-control: public, max-age=31536000
age: 543119
last-modified: Tue, 26 Apr 2022 15:46:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/lib/flatpickr/flatpickr.min.js?ver=4.1.4
200 OK 12 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/lib/flatpickr/flatpickr.min.js?ver=4.1.4
IP
File type ASCII text, with very long lines (43546)
Hash a9dee9b19d05e645aa8525c7ff661748
f480a7f3871223f441ab4d97de5c3dc8ae2dddc4
c17a109e2032c687883da822ece8998ca38c73e2e1b790c36f99d9dad5387634
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/flatpickr/flatpickr.min.js?ver=4.1.4 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: application/javascript
last-modified: Thu, 04 Jan 2018 20:08:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11707
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/bdthemes-element-pack/assets/js/common/helper.min.js?ver=6.5.0
200 OK 171 B URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/bdthemes-element-pack/assets/js/common/helper.min.js?ver=6.5.0
IP
File type ASCII text, with no line terminators
Hash f6557f77704f2228893447994e264e47
3b78ec86f4b6d4623fe196f44d873126cfd84935
67c1138bb5d4c86e74840e9d1efb9e383de860ce91d2205380c7e64897e2a6fb
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/bdthemes-element-pack/assets/js/common/helper.min.js?ver=6.5.0 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: application/javascript
last-modified: Sun, 04 Sep 2022 08:26:49 GMT
accept-ranges: bytes
content-length: 171
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
200 OK 6.8 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 3d0ff0f6731d9cef860af9a5a0e3ce62
13aed444304d782039e261475c8b4450b83e743e
e8d05db77732c71843ced6f386ea82eb32243ac36e7ca3e071cb7f53e2ffbce5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: application/javascript
last-modified: Sat, 24 Sep 2022 05:25:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6800
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/assets/js/de-active-icon-box.js?ver=2.0.2
200 OK 691 B URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/assets/js/de-active-icon-box.js?ver=2.0.2
IP
Hash 6faca95ebbbcbf558d9dac40d3f935e6
8f025302b750fa577a3b981382d8d286867b9a20
9bde2004fa9858be56263bd5a71f6437abc1f9c3b228784a84c92ebd441fc6c2
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/assets/js/de-active-icon-box.js?ver=2.0.2 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: application/javascript
last-modified: Sun, 04 Sep 2022 08:27:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 691
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.5
200 OK 2.2 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.5
IP
File type ASCII text, with very long lines (5141)
Hash f7e0a37c94bffceac208735a7425094e
9e6d03e9ce6da26f4966c57e817bb0662347f752
ef6316f8babaf5c952916e9e232257e298742d9d1c576fb28dcf83c5b3b85678
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.5 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: application/javascript
last-modified: Sun, 04 Sep 2022 08:25:57 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2188
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/assets/js/de-active-column.js?ver=2.0.2
200 OK 731 B URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/assets/js/de-active-column.js?ver=2.0.2
IP
Hash 015a38e97d01849fc9abd473c717882d
e98e13bf38427f6d0570908c40f0d6da5c0778ad
ac561c51525fb2bf712ea5c4b9dadecca74535f9d03bfa9c4e126b6fec93d2ee
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/assets/js/de-active-column.js?ver=2.0.2 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: application/javascript
last-modified: Sun, 04 Sep 2022 08:27:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 731
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/assets/js/de-sticky-frontend.js?ver=2.0.2
200 OK 2.0 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/assets/js/de-sticky-frontend.js?ver=2.0.2
IP
Hash e07a115a9719cc1323ff57f630b8ea4e
53b3e651fe9b779b19324f6529ffcec2c7db1d41
fb25e0169ae0f29eeba8cf14927914894bb681fcddd2c9d35e13bca610ac5502
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/assets/js/de-sticky-frontend.js?ver=2.0.2 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: application/javascript
last-modified: Sun, 04 Sep 2022 08:27:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1959
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.7.5
200 OK 1.5 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.7.5
IP
File type ASCII text, with very long lines (3703)
Hash 7a67ac94b6ebafd94c82dfa591065fdc
5190d1ef32403a4ad195ece088c0fba145562f13
2bd8dfe375603969948af382eb62f2957f2c51bfe8fd1db0c2f64af284cb0107
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.7.5 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: application/javascript
last-modified: Sun, 04 Sep 2022 08:25:57 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1477
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/de_scroll_animation.preview.js?ver=6.1.1
200 OK 2.8 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/de_scroll_animation.preview.js?ver=6.1.1
IP
Hash 92091342b248582a5a7edab373728b94
c0eceb9bb872daee2b12fc55e42637d8617e6221
67759cd9fb3b0a2fe7e276fe2d42cad267bcfd12c936d27f19114ff9b0ca087a
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/de_scroll_animation.preview.js?ver=6.1.1 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: application/javascript
last-modified: Sun, 04 Sep 2022 08:27:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2820
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:43:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/intersectionobserver.js?ver=6.1.1
200 OK 6.2 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/intersectionobserver.js?ver=6.1.1
IP
Hash a5a4277d316ae18d6d6b6287a1e53431
eddf87e23725c0a3858363fd507eba099318c4a0
e0081f9b1c4cc16d52dd3b13e5a3acac11f4c903cf4986ee843342f2a8103544
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/intersectionobserver.js?ver=6.1.1 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: application/javascript
last-modified: Sun, 04 Sep 2022 08:27:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6226
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/letter/charming.min.js?ver=6.1.1
200 OK 300 B URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/letter/charming.min.js?ver=6.1.1
IP
File type ASCII text, with very long lines (527), with no line terminators
Hash 86d202b1478e54c9803075674b9a6571
5960323a335f598bf3f7e2000f43c2237e1f2ddd
4502336054f32e9ee9500e8d54f9ab1886c25d4a6b06c1a80c8822147c90e95c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/letter/charming.min.js?ver=6.1.1 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: application/javascript
last-modified: Sun, 04 Sep 2022 08:27:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 300
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/letter/lineMaker.js?ver=6.1.1
200 OK 2.9 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/letter/lineMaker.js?ver=6.1.1
IP
Hash 4409c5774b9912caca56a9cd5a5bcf57
d40e9820b48e2d40695c8adc4eda46b055b8fc40
89432e3ae84152f88057285e7516ec93221c4cd18e59cfe5851ea69dc6d9252d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/letter/lineMaker.js?ver=6.1.1 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: application/javascript
last-modified: Sun, 04 Sep 2022 08:27:53 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2934
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/de_staggering/de_staggering.js?ver=6.1.1
200 OK 2.5 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/de_staggering/de_staggering.js?ver=6.1.1
IP
Hash 3aae69a032a218084edbfacad3f2c4f4
8f43b971d9198cefd2fb8fa5a0fdecef08be1f4e
ef698836100a1a6adedf59039a472ee5af560ea6a3a5e7590611bc00197ca69d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/de_staggering/de_staggering.js?ver=6.1.1 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: application/javascript
last-modified: Sun, 04 Sep 2022 08:27:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2456
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/main.js?ver=6.1.1
200 OK 2.0 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/main.js?ver=6.1.1
IP
Hash 7e682df7fadb342a282e400bf0f62229
fc8696106c068618a5e3a77de1cab78f4febfe67
5b76829395ed3ca7a6d550e6c7b7e2279da6da4c9080e7ea3cf8e22e69a90274
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/main.js?ver=6.1.1 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: application/javascript
last-modified: Sun, 04 Sep 2022 08:27:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1992
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
200 OK 4.6 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP
File type ASCII text, with very long lines (15660)
Hash 0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: application/javascript
last-modified: Tue, 12 Apr 2022 15:26:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/letter/textfx.js?ver=6.1.1
200 OK 2.2 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/letter/textfx.js?ver=6.1.1
IP
Hash 3f75026f50e426d6c82a190a79dc565b
ede0fa597f667f6ca58c8391c10740113f8b5cd6
3999e9614fae0928a8ac9b1e169b0ad53a1e868cb4eaf3aa29570e500df785c5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/letter/textfx.js?ver=6.1.1 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: application/javascript
last-modified: Sun, 04 Sep 2022 08:27:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2231
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/de_reveal_animation.preview.js?ver=6.1.1
200 OK 5.9 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/de_reveal_animation.preview.js?ver=6.1.1
IP
File type ASCII text, with very long lines (409)
Hash 4d234452dcd6728bfc51dcdb7c69df36
61cf1201b800e9e3668372ba7309c3ca5372bcd4
42839a70cd5137b51b4eef795f3c00fd99d60e4cd374dcc3582f2b2de17a2495
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/de_reveal_animation.preview.js?ver=6.1.1 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: application/javascript
last-modified: Sun, 04 Sep 2022 08:27:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5909
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/letter/imagesloaded.pkgd.min.js?ver=6.1.1
200 OK 1.7 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/letter/imagesloaded.pkgd.min.js?ver=6.1.1
IP
File type ASCII text, with very long lines (5324)
Hash 588e9ee684a11118093c1ddc3cf47755
013006ecb44acc83a334d7302530ea3cc4c0bbaa
92e7e770163ed3964bdbd8e8ecc3c0d7441efd4fdb11646cbd769f3598701e2f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/includes/ext/sina/assets/js/letter/imagesloaded.pkgd.min.js?ver=6.1.1 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: application/javascript
last-modified: Sun, 04 Sep 2022 08:27:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1670
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/uploads/elementor/thumbs/visit-mother-with-baby-in-hospital-talking-pediat-2022-05-19-17-14-05-utc-min-scaled-pxgg8g4ilegieb7b4vt7dqyc804zw3ymy4cwtlwsis.jpg
200 OK 60 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/uploads/elementor/thumbs/visit-mother-with-baby-in-hospital-talking-pediat-2022-05-19-17-14-05-utc-min-scaled-pxgg8g4ilegieb7b4vt7dqyc804zw3ymy4cwtlwsis.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 800x650, components 3\012- data
Hash 9c18da224fc8a67d7e21785cec2bc9c8
4a0bc0710d9c2965818076b555b98c0f61a39cbd
8f85d04a9261664a6857150ac0398e2cb2b13688283e17e5f3a7c5c0a0a691c3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/thumbs/visit-mother-with-baby-in-hospital-talking-pediat-2022-05-19-17-14-05-utc-min-scaled-pxgg8g4ilegieb7b4vt7dqyc804zw3ymy4cwtlwsis.jpg HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: image/jpeg
last-modified: Wed, 09 Nov 2022 11:30:32 GMT
accept-ranges: bytes
content-length: 60270
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/uploads/elementor/thumbs/loving-african-american-husband-with-pregnant-wife-2022-02-02-03-58-08-utc-min-scaled-pxghr0n4xfl7fmaetold6dfzvjyz2y5sndeajlb0qw.jpg
200 OK 34 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/uploads/elementor/thumbs/loving-african-american-husband-with-pregnant-wife-2022-02-02-03-58-08-utc-min-scaled-pxghr0n4xfl7fmaetold6dfzvjyz2y5sndeajlb0qw.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 600x500, components 3\012- data
Hash 402c2870d8143260c62f374a6c3fb24f
c5856a396b76379c0a03dc34acb2a5b3a2cdd532
f2ef6380c1886e2f3ae4051d45f74bcfe5d63b9c50fe4bef45aefc9f1ea5cec3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/thumbs/loving-african-american-husband-with-pregnant-wife-2022-02-02-03-58-08-utc-min-scaled-pxghr0n4xfl7fmaetold6dfzvjyz2y5sndeajlb0qw.jpg HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: image/jpeg
last-modified: Wed, 09 Nov 2022 12:05:26 GMT
accept-ranges: bytes
content-length: 34130
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/uploads/elementor/thumbs/sitting-on-the-yoga-mat-beautiful-pregnant-woman-2022-11-04-03-29-22-utc-min-scaled-pxghz17nna5o4ib06jqmp458pdc4bfe0g4cj7awksg.jpg
200 OK 71 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/uploads/elementor/thumbs/sitting-on-the-yoga-mat-beautiful-pregnant-woman-2022-11-04-03-29-22-utc-min-scaled-pxghz17nna5o4ib06jqmp458pdc4bfe0g4cj7awksg.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 800x800, components 3\012- data
Hash 0165f57f3687e95ced0bd3b42cd1c265
f7e8bb2fc568de7b472bba6536bb0f7baac61bb4
3094af22c7c462f97e403ad35f5f4eed01f53744d8f4b6292ed4e32070c56f17
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/thumbs/sitting-on-the-yoga-mat-beautiful-pregnant-woman-2022-11-04-03-29-22-utc-min-scaled-pxghz17nna5o4ib06jqmp458pdc4bfe0g4cj7awksg.jpg HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: image/jpeg
last-modified: Wed, 09 Nov 2022 12:10:39 GMT
accept-ranges: bytes
content-length: 70789
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/uploads/elementor/thumbs/girl-with-canadian-flag-2022-11-07-05-56-03-utc-min-scaled-pxggp7kwh1fg4uv6r8odn6fa656y2mh35bfdyoui4g.jpg
200 OK 71 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/uploads/elementor/thumbs/girl-with-canadian-flag-2022-11-07-05-56-03-utc-min-scaled-pxggp7kwh1fg4uv6r8odn6fa656y2mh35bfdyoui4g.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 800x800, components 3\012- data
Hash 5657e2d96ecacaeee534f3d7e4694dc2
4a85cdb53a06675916bbc03221f135bec15222da
8ec1c6405f81b60519b2c7ec3794eda188093fd20a96874577c86cc273498628
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/thumbs/girl-with-canadian-flag-2022-11-07-05-56-03-utc-min-scaled-pxggp7kwh1fg4uv6r8odn6fa656y2mh35bfdyoui4g.jpg HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: image/jpeg
last-modified: Wed, 09 Nov 2022 11:41:56 GMT
accept-ranges: bytes
content-length: 70988
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/uploads/elementor/thumbs/woman-with-a-pregnancy-test-2022-09-16-09-25-35-utc-min-scaled-pxgi7wss6yb5rxescdvs8vhyodkx0imr025mddqq0w.jpg
200 OK 101 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/uploads/elementor/thumbs/woman-with-a-pregnancy-test-2022-09-16-09-25-35-utc-min-scaled-pxgi7wss6yb5rxescdvs8vhyodkx0imr025mddqq0w.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 800x800, components 3\012- data
Size 101 kB (100829 bytes)
Hash 100f35a99829599e117290b3bdfb173b
ba1496ef3cb4760cb68dbecf885daacb3620948b
07abc957ba6551d5d94ece62a5d092518dc2679cdbe7b463368681813b36b50b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/thumbs/woman-with-a-pregnancy-test-2022-09-16-09-25-35-utc-min-scaled-pxgi7wss6yb5rxescdvs8vhyodkx0imr025mddqq0w.jpg HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: image/jpeg
last-modified: Wed, 09 Nov 2022 12:16:23 GMT
accept-ranges: bytes
content-length: 100829
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets//mask-shapes/circle.svg
200 OK 128 B URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets//mask-shapes/circle.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash e662e6d5164fa486edced00fabc1f639
05ee616825a8c7d53c149e9ab45cf8be1c97b400
25b6e61c5526b58e2739ec03b54702de8668ed9da146c1fed844a5ad177151df
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets//mask-shapes/circle.svg HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/wp-content/uploads/elementor/css/post-18.css?ver=1667996516
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:02 GMT
content-type: image/svg+xml
last-modified: Sun, 21 Mar 2021 17:05:58 GMT
accept-ranges: bytes
content-length: 128
date: Wed, 23 Nov 2022 04:43:02 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/uploads/2022/11/african-american-lady-feeding-her-child-from-baby-2022-10-07-02-13-34-utc-min-1024x683.jpg
200 OK 56 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/uploads/2022/11/african-american-lady-feeding-her-child-from-baby-2022-10-07-02-13-34-utc-min-1024x683.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1024x683, components 3\012- data
Hash 8861d14dfa4fa3260dc0992c97f08a03
2355bb862d250f23420f3c561e91b1eecd980d54
be8903ee4f1e172167e11b42462e94c63bb5392e3d019c5e975d15099feb4f8e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/11/african-american-lady-feeding-her-child-from-baby-2022-10-07-02-13-34-utc-min-1024x683.jpg HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:02 GMT
content-type: image/jpeg
last-modified: Wed, 09 Nov 2022 12:00:01 GMT
accept-ranges: bytes
content-length: 56222
date: Wed, 23 Nov 2022 04:43:02 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/uploads/2022/11/a-female-doctor-explains-the-physical-characterist-2022-10-06-04-28-48-utc-min-1024x576.jpg
200 OK 62 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/uploads/2022/11/a-female-doctor-explains-the-physical-characterist-2022-10-06-04-28-48-utc-min-1024x576.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1024x576, components 3\012- data
Hash 769e26940fbcc38163d7b118b1113044
fb0445b2167a542cf03f61a24707664106e181af
6211cd681c4d7c2a2c37001613751b51cc39d922b94a9eb84ec388abf49a6692
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/11/a-female-doctor-explains-the-physical-characterist-2022-10-06-04-28-48-utc-min-1024x576.jpg HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:02 GMT
content-type: image/jpeg
last-modified: Wed, 09 Nov 2022 11:54:41 GMT
accept-ranges: bytes
content-length: 62083
date: Wed, 23 Nov 2022 04:43:02 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
200 OK 13 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 13276, version 331.-31261\012- data
Hash f0f8230116992e521526097a28f54066
0447c6b10bbf73f97b23dcfd6e6a48510822cb6e
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:02 GMT
content-type: font/woff2
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
accept-ranges: bytes
content-length: 13276
date: Wed, 23 Nov 2022 04:43:02 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/uploads/2022/11/black-teen-and-young-adult-brother-and-sisters-smi-2021-08-26-16-15-05-utc-min-1024x683.jpg
200 OK 114 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/uploads/2022/11/black-teen-and-young-adult-brother-and-sisters-smi-2021-08-26-16-15-05-utc-min-1024x683.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1024x683, components 3\012- data
Size 114 kB (114053 bytes)
Hash 39227f5506378d5c941c44bf80782df3
07ea2578156d902435129cf7d4e8803cf3a9a712
7ff76e03c85c57480441c9bb3adee7bed697cb7ced997d0a97d9433e24feaed4
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/11/black-teen-and-young-adult-brother-and-sisters-smi-2021-08-26-16-15-05-utc-min-1024x683.jpg HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:02 GMT
content-type: image/jpeg
last-modified: Wed, 09 Nov 2022 11:50:15 GMT
accept-ranges: bytes
content-length: 114053
date: Wed, 23 Nov 2022 04:43:02 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
200 OK 77 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 76764, version 331.-31261\012- data
Hash f7307680c7fe85959f3ecf122493ea7d
fce0da592a3e536d6d5df5b50cb513398d8c5161
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:02 GMT
content-type: font/woff2
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
accept-ranges: bytes
content-length: 76764
date: Wed, 23 Nov 2022 04:43:02 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
200 OK 78 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:02 GMT
content-type: font/woff2
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
accept-ranges: bytes
content-length: 78196
date: Wed, 23 Nov 2022 04:43:02 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0
200 OK 93 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0
IP
File type Web Open Font Format (Version 2), TrueType, length 93372, version 1.0\012- data
Hash aab0bb3379e0eb7ebc26071db61fbd57
711c8d350c4192c2f1aa7f73551445b89fb4b161
691fa7d17effc7d303eda0ad7e4a1d91b2f375506cfc8a774480cc2b55f156ea
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:02 GMT
content-type: font/woff2
last-modified: Mon, 01 Aug 2022 04:11:38 GMT
accept-ranges: bytes
content-length: 93372
date: Wed, 23 Nov 2022 04:43:02 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/js/lightbox.2d166d71ba2a6a9e66fd.bundle.min.js
200 OK 9.0 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/js/lightbox.2d166d71ba2a6a9e66fd.bundle.min.js
IP
File type ASCII text, with very long lines (28962)
Hash 7d4a0b8db6ee8793d080670cb6eadff7
7ab5bbfc75a28ec1bd06ae3bae5a9046271d84a5
474af6b21466003fc36a4ba2c057549a26de343778b082ae88d3dc4c2be6f63c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/lightbox.2d166d71ba2a6a9e66fd.bundle.min.js HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:02 GMT
content-type: application/javascript
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9020
date: Wed, 23 Nov 2022 04:43:02 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.8.1
200 OK 1.0 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.8.1
IP
File type ASCII text, with very long lines (2620), with no line terminators
Hash 906c4decdcd32482c1cf583b07925d30
30e726b9febb4b651544266df656a21251f0e8e3
53f86e9641d0e35772d6b54294cc6dd685fb9a376a1baad151da120fef609423
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.8.1 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:02 GMT
content-type: application/javascript
last-modified: Mon, 01 Aug 2022 04:11:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1047
date: Wed, 23 Nov 2022 04:43:02 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
200 OK 3.3 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
IP
File type ASCII text, with very long lines (10544)
Hash 3821415a39954c48c7927e661467c6b8
dfe1116a0efc9898cb6caf094213880da83d6990
5f7f5b28f47c366a0bb70435dc3b2253278222c92429f013084f71fd7d29a32e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:02 GMT
content-type: application/javascript
last-modified: Wed, 17 Nov 2021 13:27:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3268
date: Wed, 23 Nov 2022 04:43:02 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js
200 OK 1.2 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js
IP
File type ASCII text, with very long lines (3262)
Hash c06631bb5e6d799d2742f4cbc95236b9
e107d3546f0f2964d20dbdc3b220ad2142406ad4
c2ada3f1cc19c1aad721f896b2522fbeb832d2391d5e2ef54d11a691ad5901e2
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:02 GMT
content-type: application/javascript
last-modified: Sun, 04 Sep 2022 08:25:57 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1173
date: Wed, 23 Nov 2022 04:43:02 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
200 OK 599 B URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
IP
File type ASCII text, with very long lines (1320)
Hash b59e163b50b8e62a7e08b4ce88241b48
4f45b1e9e0270133c35c43a1a33d5b2d292b8693
73ba293d6c6c5c89f37eb310eead199d2a7268ada96c881f41ec8ca5b7f693bb
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:02 GMT
content-type: application/javascript
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 599
date: Wed, 23 Nov 2022 04:43:02 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor-pro/assets/js/animated-headline.ffb4bb4ce1b16b11446d.bundle.min.js
200 OK 2.6 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor-pro/assets/js/animated-headline.ffb4bb4ce1b16b11446d.bundle.min.js
IP
File type ASCII text, with very long lines (7828)
Hash edc038adac6186b5a743c04e818b692e
a1352aac53fb62cfb088b3ee2e02208ff7ef415a
eed68dd41a9715f9302da7603527b24df0e252c30a5ab61d6ba2b8dc37354657
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/animated-headline.ffb4bb4ce1b16b11446d.bundle.min.js HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:02 GMT
content-type: application/javascript
last-modified: Sun, 04 Sep 2022 08:25:57 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2611
date: Wed, 23 Nov 2022 04:43:02 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/js/counter.02cef29c589e742d4c8c.bundle.min.js
200 OK 424 B URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/js/counter.02cef29c589e742d4c8c.bundle.min.js
IP
File type ASCII text, with very long lines (872)
Hash 993adcee886f6c3eab8be6023f084b32
59f4e9624926f1097d541424dee66da1934bfa64
e00ed907447d0adf3f32d7fc9a3b975499dbe37ac08939a06c5880c1066b4f15
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/counter.02cef29c589e742d4c8c.bundle.min.js HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:02 GMT
content-type: application/javascript
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 424
date: Wed, 23 Nov 2022 04:43:02 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor-pro/assets/js/form.72b77b99d67b130634d2.bundle.min.js
200 OK 4.8 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor-pro/assets/js/form.72b77b99d67b130634d2.bundle.min.js
IP
File type ASCII text, with very long lines (19201)
Hash 3d772440e5c1e8c5759c499fe271e95d
c2a2877c51c45f208ad9967b58f596e7cfb35f01
ab9878752e9ed35fae69bcdb31bf818ad590158dec0f421c8cd5116602f9966d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/form.72b77b99d67b130634d2.bundle.min.js HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:02 GMT
content-type: application/javascript
last-modified: Sun, 04 Sep 2022 08:25:57 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4777
date: Wed, 23 Nov 2022 04:43:02 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor-pro/assets/js/popup.483b906ddaa1af17ff14.bundle.min.js
200 OK 399 B URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor-pro/assets/js/popup.483b906ddaa1af17ff14.bundle.min.js
IP
File type ASCII text, with very long lines (715)
Hash a002c9b9244a3472fce629d026f9af11
2fef23ddd3a80409a816e2157f9200f99b9dabb6
32a747971486bc59983de06e0579fb52946fea9717e57bf3858b7fa582dedfc9
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/popup.483b906ddaa1af17ff14.bundle.min.js HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:02 GMT
content-type: application/javascript
last-modified: Sun, 04 Sep 2022 08:25:57 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 399
date: Wed, 23 Nov 2022 04:43:02 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/js/video.fab0f05f6306583e8ff8.bundle.min.js
200 OK 1.3 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/js/video.fab0f05f6306583e8ff8.bundle.min.js
IP
File type ASCII text, with very long lines (3469)
Hash 8d9e4623d7266915d4c74811ed19e7b2
96a1616e048268968172c670f7fe931c6e198198
adbbfe46c6a1fd145ce2997cd8f8ae3072bf27055892a39a9c5383c24e2d1fa4
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/video.fab0f05f6306583e8ff8.bundle.min.js HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:03 GMT
content-type: application/javascript
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1285
date: Wed, 23 Nov 2022 04:43:03 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
fonts.gstatic.com/s/atma/v15/uK_84rqWc-Eoq2lRDw.woff2
200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/atma/v15/uK_84rqWc-Eoq2lRDw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 22456, version 1.0\012- data
Hash 5a6d27699548fb61e561064497b41556
11548f38384c941148c20f2f549b834b9c1443c8
2b11964ce29f4f618cc8f6a42d26e5a25e8f4a6e0efa0dcf4655a17899b5c24c
GET /s/atma/v15/uK_84rqWc-Eoq2lRDw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://maureenteenmomsfoundation.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22456
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 18:30:37 GMT
expires: Thu, 16 Nov 2023 18:30:37 GMT
cache-control: public, max-age=31536000
age: 555147
last-modified: Tue, 19 Apr 2022 19:32:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/uploads/elementor/thumbs/12-pub34cfqsgcwl2jj0nab9iyfojvgs9vkfrrfo6n7u8.png
200 OK 517 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/uploads/elementor/thumbs/12-pub34cfqsgcwl2jj0nab9iyfojvgs9vkfrrfo6n7u8.png
IP
File type PNG image data, 600 x 600, 8-bit/color RGBA, non-interlaced\012- data
Size 517 kB (516774 bytes)
Hash 33892b548672d269ed8b530e45e42fd3
36d0698a7a416a79c5ab381edd4b320679175aa8
9cc6b711b848871c1221833ea2f4db4934c049d56529567baa1cf18eba34523f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/thumbs/12-pub34cfqsgcwl2jj0nab9iyfojvgs9vkfrrfo6n7u8.png HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: image/png
last-modified: Mon, 05 Sep 2022 08:34:03 GMT
accept-ranges: bytes
content-length: 516774
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
200 OK 34 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
IP
File type ASCII text, with very long lines (65280)
Hash 83a90323ac82b98062b4b2c8ac8c5051
d7d376677e3546b756b4fec6219be72b85c4f8f5
7fd68e9ea0ebd35958da46d7373113d1a3646a671217cf2cf471c65c3d710613
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:02 GMT
content-type: application/javascript
last-modified: Mon, 01 Jun 2020 20:47:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 34004
date: Wed, 23 Nov 2022 04:43:02 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/modules/controls/assets/fonts/dticon.ttf?7luiwh
200 OK 155 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/modules/controls/assets/fonts/dticon.ttf?7luiwh
IP
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, dticon \012- data
Size 155 kB (155004 bytes)
Hash 75512730552dada3cd201a395b0ed587
3acbdcbcd361e2bea90d249700b0bad44e9f1cd7
ab5ebb4cf8839121e4ca9c4086786ef4c4e7779982f1f9e6749b6270e9eb3820
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dethemekit-for-elementor/modules/controls/assets/fonts/dticon.ttf?7luiwh HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/wp-content/plugins/dethemekit-for-elementor/modules/controls/assets/css/dticon.css?ver=5.9.0
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:02 GMT
content-type: font/ttf
last-modified: Sun, 04 Sep 2022 08:27:53 GMT
accept-ranges: bytes
content-length: 155004
date: Wed, 23 Nov 2022 04:43:02 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/js/toggle.933918840481dcc64242.bundle.min.js
200 OK 1.3 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/plugins/elementor/assets/js/toggle.933918840481dcc64242.bundle.min.js
IP
File type ASCII text, with very long lines (3740)
Hash 98de647583561c04b74ceaa762955e35
835f56da0e4fb6e93f34a650c4f21c7e925ba19c
23b29b25cb3f690769f93855d94e88b249fcc3609199b4516d2627f5f06cb038
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/toggle.933918840481dcc64242.bundle.min.js HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:03 GMT
content-type: application/javascript
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1302
date: Wed, 23 Nov 2022 04:43:03 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/uploads/2022/09/female-psychiatrist-and-patient-shaking-hands-in-office.jpg
404 Not Found 17 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/uploads/2022/09/female-psychiatrist-and-patient-shaking-hands-in-office.jpg
IP
Hash aada68f45d0f280133e1b7897deb8324
29a6990c4e587a428d962176a7a7246fb15a074d
c27888360b14ff8f01766fa1e46c4b29a53a657283e6b8c0997157f3407a6fb9
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/09/female-psychiatrist-and-patient-shaking-hands-in-office.jpg HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://maureenteenmomsfoundation.org/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: b64_HTTP.404,b64_404,b64_URL.4e4ba49056e52ddd49ab02c234534ab1,b64_
x-litespeed-cache: miss
content-encoding: br
vary: Accept-Encoding
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/uploads/elementor/thumbs/11-pub34y215n6i03o4iemqcvi1cewwpb9e6qrlpjr5v4.png
200 OK 598 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/uploads/elementor/thumbs/11-pub34y215n6i03o4iemqcvi1cewwpb9e6qrlpjr5v4.png
IP
File type PNG image data, 600 x 600, 8-bit/color RGBA, non-interlaced\012- data
Size 598 kB (597648 bytes)
Hash 1f9c6914121c8e52e20917b651b3d3f4
f13d7e376aba06ab8c3d0b8cebb59ed76c5c220f
fee7da5ee9636acb0e0557c9fcc6ef98700af29a59a1760f8d74cbbcf8f02456
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/thumbs/11-pub34y215n6i03o4iemqcvi1cewwpb9e6qrlpjr5v4.png HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:01 GMT
content-type: image/png
last-modified: Mon, 05 Sep 2022 08:28:13 GMT
accept-ranges: bytes
content-length: 597648
date: Wed, 23 Nov 2022 04:43:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/uploads/2022/09/9.png
200 OK 703 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/uploads/2022/09/9.png
IP
File type PNG image data, 1000 x 563, 8-bit/color RGBA, non-interlaced\012- data
Size 703 kB (703319 bytes)
Hash 28a063601dd6664ea93bac1defa1610f
f4b1de3bbf7ea958886ebcda93c23a947fc9f7b8
9ace0160cead800797a0f95d3ba70e7b9b05c17ebd3e0adfb237e54145d33ce8
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/09/9.png HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:02 GMT
content-type: image/png
last-modified: Mon, 05 Sep 2022 08:03:58 GMT
accept-ranges: bytes
content-length: 703319
date: Wed, 23 Nov 2022 04:43:02 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/uploads/2022/09/22.png
200 OK 997 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/uploads/2022/09/22.png
IP
File type PNG image data, 1000 x 563, 8-bit/color RGBA, non-interlaced\012- data
Size 997 kB (997110 bytes)
Hash cd8606f7127aaab037aecfd16f4a57e4
1e237cc12f0b6b751796a4524525737649cd51cd
ab127c14b129f53a3987a73d729c60f256d269307f4c90134d3e02093c1936c2
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/09/22.png HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/wp-content/uploads/elementor/css/post-18.css?ver=1667996516
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:02 GMT
content-type: image/png
last-modified: Mon, 05 Sep 2022 17:43:07 GMT
accept-ranges: bytes
content-length: 997110
date: Wed, 23 Nov 2022 04:43:02 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/uploads/2022/09/cropped-favicon-32x32.png
200 OK 2.0 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/uploads/2022/09/cropped-favicon-32x32.png
IP
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash e8957be4783eb766d646b896f5e28907
96923d0dc6841e90d1d8685dbc63e154027e59a7
f98b508074c4767466a1027849f43e2343a2601c7b2f039abcf05c7923d1b9e3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/09/cropped-favicon-32x32.png HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:05 GMT
content-type: image/png
last-modified: Mon, 05 Sep 2022 05:04:56 GMT
accept-ranges: bytes
content-length: 2015
date: Wed, 23 Nov 2022 04:43:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/uploads/2022/11/the-boy-holds-stickers-with-a-question-mark-on-the-2022-08-24-23-20-39-utc-min-scaled.jpg
200 OK 37 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/uploads/2022/11/the-boy-holds-stickers-with-a-question-mark-on-the-2022-08-24-23-20-39-utc-min-scaled.jpg
IP
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 192c3f5bfd1aef08c59162d8250a03e5
d93f338851873d6373583cf3a399ef71640ca5a0
354a7fdbcc64bd01aaa38b806bcbdee6d24a728673b7d32225f752cd49d76715
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/11/the-boy-holds-stickers-with-a-question-mark-on-the-2022-08-24-23-20-39-utc-min-scaled.jpg HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/wp-content/uploads/elementor/css/post-18.css?ver=1667996516
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:02 GMT
content-type: image/jpeg
last-modified: Wed, 09 Nov 2022 12:20:23 GMT
accept-ranges: bytes
content-length: 254021
date: Wed, 23 Nov 2022 04:43:02 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/uploads/2022/09/7.png
200 OK 814 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/uploads/2022/09/7.png
IP
File type PNG image data, 1000 x 563, 8-bit/color RGBA, non-interlaced\012- data
Size 814 kB (814504 bytes)
Hash 8bf0b4803f201f4c0bb7b3de751244eb
375f75e4c5ead2639b30501a07acf13b575034c7
c80d96864af5e36f91e690566a93c6137d32246218a4d4b020a43cbc85fb169e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/09/7.png HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:02 GMT
content-type: image/png
last-modified: Mon, 05 Sep 2022 08:03:57 GMT
accept-ranges: bytes
content-length: 814504
date: Wed, 23 Nov 2022 04:43:02 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/uploads/2022/09/10.png
200 OK 888 kB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/uploads/2022/09/10.png
IP
File type PNG image data, 1000 x 667, 8-bit/color RGBA, non-interlaced\012- data
Size 888 kB (888312 bytes)
Hash e04905f8482c46d5c9375b41b0f3127c
b956de6e18418458a7f8e58d87690fae4680022f
ceae8094f897b8acb5d09fcd5f9e05a06c346e8ddae082de5fbf615005347d4a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/09/10.png HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:02 GMT
content-type: image/png
last-modified: Mon, 05 Sep 2022 08:03:59 GMT
accept-ranges: bytes
content-length: 888312
date: Wed, 23 Nov 2022 04:43:02 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/uploads/2022/09/17.png
200 OK 1.3 MB URL HTTP/2 maureenteenmomsfoundation.org/wp-content/uploads/2022/09/17.png
IP
File type PNG image data, 802 x 803, 8-bit/color RGB, non-interlaced\012- data
Size 1.3 MB (1281715 bytes)
Hash 157b825f16274380a0aacdaaa5148c4c
06781b3167c7c28bb344f679f7aca2a35c535fd1
3845284982b878376e864ae6adc1c5044eda03a1924365851dae6b5f8ec22aae
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/09/17.png HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/wp-content/uploads/elementor/css/post-18.css?ver=1667996516
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:02 GMT
content-type: image/png
last-modified: Mon, 05 Sep 2022 13:28:36 GMT
accept-ranges: bytes
content-length: 1281715
date: Wed, 23 Nov 2022 04:43:02 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/uploads/2022/09/female-psychiatrist-and-patient-shaking-hands-in-office.jpg
404 Not Found 0 B URL HTTP/2 maureenteenmomsfoundation.org/wp-content/uploads/2022/09/female-psychiatrist-and-patient-shaking-hands-in-office.jpg
IP
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/09/female-psychiatrist-and-patient-shaking-hands-in-office.jpg HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://maureenteenmomsfoundation.org/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: b64_HTTP.404,b64_404,b64_URL.4e4ba49056e52ddd49ab02c234534ab1,b64_
x-litespeed-cache: miss
content-encoding: br
vary: Accept-Encoding
date: Wed, 23 Nov 2022 04:43:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
maureenteenmomsfoundation.org/wp-content/uploads/2022/11/cropped-Teensmom-removebg-preview.png
200 OK 0 B URL HTTP/2 maureenteenmomsfoundation.org/wp-content/uploads/2022/11/cropped-Teensmom-removebg-preview.png
IP
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/11/cropped-Teensmom-removebg-preview.png HTTP/1.1
Host: maureenteenmomsfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maureenteenmomsfoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:43:02 GMT
content-type: image/png
last-modified: Wed, 09 Nov 2022 10:31:18 GMT
accept-ranges: bytes
content-length: 151338
date: Wed, 23 Nov 2022 04:43:02 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
162.0.209.246
104.18.32.68
23.36.76.226
93.184.220.29