Report - kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php

Report Overview

Submitted URL
kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
IP
51.222.78.194
ASN
#16276 OVH SAS
Submitted
2022-11-08 02:59:03
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
76

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-10T14:37:36Z	1.5 kB	136 kB	216.58.207.195
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	1.0 kB	2.4 kB	93.184.220.29
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
kingstonconnections.ca	unknown	2016-11-21T14:46:29Z	2023-02-22T11:15:12Z	29 kB	419 kB	51.222.78.194
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	34.213.92.18
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	2.1 kB	4.2 kB	142.250.74.3
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-10T12:25:49Z	972 B	2.5 kB	142.250.74.10
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.2 kB	69 kB	34.120.237.76
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	2.0 kB	5.3 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-08	medium	kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php	Phishing
2022-11-08	medium	kingstonconnections.ca/wp-content/plugins/ait-item-extension/design/css/frontend.css?ver=6.0.3	Phishing
2022-11-08	medium	kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/colorbox/colorbox.min.css?ver=1.4.27	Phishing
2022-11-08	medium	kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/ait/element-placeholder.css?ver=4.0.26.1626200761	Phishing
2022-11-08	medium	kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/jquery.selectbox.css?ver=6.0.3	Phishing
2022-11-08	medium	kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/font-awesome.css?ver=6.0.3	Phishing
2022-11-08	medium	kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php	Phishing
2022-11-08	medium	kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/leaflet/leaflet.css?ver=6.0.3	Phishing
2022-11-08	medium	kingstonconnections.ca/wp-content/themes/directory2/ait-theme/elements/search-form/design/css/base-style.css?ver=6.0.3	Phishing
2022-11-08	medium	kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/jquery-ui-css/jquery-ui.css?ver=1.8.24	Phishing
2022-11-08	medium	kingstonconnections.ca/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3	Phishing
2022-11-08	medium	kingstonconnections.ca/wp-content/uploads/cache/directory2-child/preloading-4.0.26.1626200761.css?ver=4.0.26.1626200761	Phishing
2022-11-08	medium	kingstonconnections.ca/wp-content/uploads/cache/directory2-child/base-4.0.26.1626200761.css?ver=4.0.26.1626200761	Phishing
2022-11-08	medium	kingstonconnections.ca/wp-content/uploads/cache/directory2-child/typography-4.0.26.1626200761-en_US.css?ver=4.0.26.1626200761	Phishing
2022-11-08	medium	kingstonconnections.ca/wp-includes/js/underscore.min.js?ver=1.13.3	Phishing
2022-11-08	medium	kingstonconnections.ca/wp-content/plugins/popslide/assets/js/front.js	Phishing
2022-11-08	medium	kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/leaflet/leaflet-gesture-handling.min.css?ver=6.0.3	Phishing
2022-11-08	medium	kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/ait/ait.js?ver=4.0.26.1626200761	Phishing
2022-11-08	medium	kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/colorbox/jquery.colorbox.min.js?ver=1.4.27	Phishing
2022-11-08	medium	kingstonconnections.ca/wp-content/plugins/popslide/assets/js/jquery.cookie.min.js	Phishing
2022-11-08	medium	kingstonconnections.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	Phishing
2022-11-08	medium	kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.selectbox-0.2.js?ver=6.0.3	Phishing
2022-11-08	medium	kingstonconnections.ca/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	Phishing
2022-11-08	medium	kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.raty-2.5.2.js?ver=6.0.3	Phishing
2022-11-08	medium	kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/leaflet/leaflet.markercluster.js?ver=6.0.3	Phishing
2022-11-08	medium	kingstonconnections.ca/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.1	Phishing
2022-11-08	medium	kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/bxslider/jquery.bxslider.min.js?ver=4.1.2	Phishing
2022-11-08	medium	kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/leaflet/leaflet-gesture-handling.min.js?ver=6.0.3	Phishing
2022-11-08	medium	kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/modernizr/modernizr.touch.js?ver=2.6.2	Phishing
2022-11-08	medium	kingstonconnections.ca/wp-content/themes/directory2/design/js/portfolio-item.js?ver=6.0.3	Phishing
2022-11-08	medium	kingstonconnections.ca/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.0.3	Phishing
2022-11-08	medium	kingstonconnections.ca/wp-content/themes/directory2/design/js/menu.js?ver=6.0.3	Phishing
2022-11-08	medium	kingstonconnections.ca/wp-content/plugins/ait-shortcodes/assets/js/rule-btn.js?ver=6.0.3	Phishing
2022-11-08	medium	kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/leaflet/leaflet.js?ver=6.0.3	Phishing
2022-11-08	medium	kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.select2-3.5.1.js?ver=6.0.3	Phishing
2022-11-08	medium	kingstonconnections.ca/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.0.3	Phishing
2022-11-08	medium	kingstonconnections.ca/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16	Phishing
2022-11-08	medium	kingstonconnections.ca/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.3	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (40)

	URL	Size	First Seen	Last Seen
	kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php	2.2 kB	2023-03-11	2023-03-11
Pretty URL kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:49:05 Last Seen2023-03-11 08:49:05 Times Seen1 Hash 3e74bf745abceb3e9e4e59830f81b152 2457f60ae856658422fa756deedb3dc16791173f 6d90bd0d1a7f1ca11941cb32d113c9b34a4b1b93d39f2768a3bc449285516ae6 Loading...

	unknown	0 B	2023-03-07	2024-04-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 02:39:30 Times Seen37109223 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	kingstonconnections.ca/wp-content/themes/directory2/design/js/portfolio-item.js?ver=6.0.3	2.3 kB	2023-03-07	2024-01-19
Pretty URL kingstonconnections.ca/wp-content/themes/directory2/design/js/portfolio-item.js?ver=6.0.3 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:08 Last Seen2024-01-19 09:20:44 Times Seen19 Hash 28a4bc0ae5fe8da9b7383ca288b0a987 7f84819089ec5aa57e1a4e7d7ad1b949420e7922 f5bedabb3139c2c46464822c3bfcf87223976ebb03d711686f26b68e436d7a0c Loading...

	kingstonconnections.ca/wp-content/themes/directory2/design/js/mobile.js?ver=6.0.3	1.1 kB	2023-03-07	2024-01-19
Pretty URL kingstonconnections.ca/wp-content/themes/directory2/design/js/mobile.js?ver=6.0.3 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:08 Last Seen2024-01-19 09:20:44 Times Seen21 Hash 6a40175a3c0bc944ca99e97111807e65 2bdb08ee1d9b3c5316e683567618b867f79a8e26 d309655a18b2fa5a0082de544c5575aad2e11cac6bcfeeff147359373105358b Loading...

	kingstonconnections.ca/wp-content/themes/directory2/design/js/menu.js?ver=6.0.3	11 kB	2023-03-07	2023-10-30
Pretty URL kingstonconnections.ca/wp-content/themes/directory2/design/js/menu.js?ver=6.0.3 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:09 Last Seen2023-10-30 11:29:52 Times Seen5 Hash b0b6eb07b99d1717bc1985e97740f221 7e9e9bd40ff0e34548cee7826b17a70ca9c4ffd3 ef530a5ba42a80824db6f9505e43f9d148585cc5d71597d3bfb8afc567db725e Loading...

	kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php	576 B	2023-03-09	2023-03-11
Pretty URL kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 09:38:29 Last Seen2023-03-11 23:19:21 Times Seen1 Hash b782b468430b5da38c501fcd0e0db292 34b92bdc90d81fc70908f11426ed8057c237154a c4f3d6ad71887417fa13432b8fc981f66cadfc0d6d5aff7f583359a6caa21d52 Loading...

	kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php	1.2 kB	2023-03-09	2024-01-19
Pretty URL kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 09:38:29 Last Seen2024-01-19 09:20:44 Times Seen2 Hash f8bab23bceec17542162123706f0e651 e27f1712049d0022f761bc961bddf02f0f32205c 03a2979fc00b697ba8e1ae0761a8d75f1f6635f2ab927d14b47bdcf75e51959f Loading...

	kingstonconnections.ca/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.0.3	906 B	2023-03-07	2024-04-25
Pretty URL kingstonconnections.ca/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.0.3 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:59 Last Seen2024-04-25 21:53:59 Times Seen3873 Hash 2c6d3b562a48e0df5474999dd47e58fb 945220e990eb176c14e53cc663fb01e04e31b59f 3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550 Loading...

	kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.selectbox-0.2.js?ver=6.0.3	15 kB	2023-03-07	2024-01-19
Pretty URL kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.selectbox-0.2.js?ver=6.0.3 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:08 Last Seen2024-01-19 09:20:48 Times Seen13 Hash ac612ddbd4731218b897b01146794002 762f897f3f4560b151353f1249c701a33c45c4bf 1d6c7588c86ec580b63280ead63e38acf15181a78c7ffbc1424fd348a1b2d821 Loading...

	kingstonconnections.ca/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.3	275 kB	2023-03-07	2024-04-01
Pretty URL kingstonconnections.ca/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.3 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:48 Last Seen2024-04-01 21:12:36 Times Seen333 Hash 4891279c976efd2964f817256246b343 50e65807afeba6c6fd89a7717c32905b2079c63b 0a82dfaab47369bce7febf1abcbe9ae1622d4504ce047798478db9ab446361b9 Loading...

	kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php	397 B	2023-03-11	2023-03-11
Pretty URL kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:49:06 Last Seen2023-03-11 08:49:06 Times Seen1 Hash 4b44bb26191349d8414f4c3b4cad91b5 da1a4c5953057e85c3b00238919ae0ab993ab311 9ec1f00f552d0f7f27394bdc2c91fb7848fd1a582711143e90917e3f2193e0b2 Loading...

	kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.select2-3.5.1.js?ver=6.0.3	147 kB	2023-03-07	2024-04-25
Pretty URL kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.select2-3.5.1.js?ver=6.0.3 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:08 Last Seen2024-04-25 16:07:23 Times Seen57 Hash 99bfacbacaa00bc5b64f40b857badbe6 0085b77bdd3af4a517f8fc5021753d84d5c67e27 5c2cca59a5673dab740e7a6a4e2707636f39b02a5e3a5539891ed2e53fa3c4a8 Loading...

	kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php	1.5 kB	2023-03-07	2024-04-26
Pretty URL kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:22 Last Seen2024-04-26 10:14:38 Times Seen691 Hash 0f34278c49ba25db1ef359dd2641dc9a 916c0b1bc083867813188c84bb055cfce331c44c 44134cbf94a69a4a21b2805d17b869ad1d5ce8ad563f96b6cd218e71fab9d07e Loading...

	kingstonconnections.ca/wp-content/themes/directory2/design/js/script.js?ver=6.0.3	3.9 kB	2023-03-07	2023-07-08
Pretty URL kingstonconnections.ca/wp-content/themes/directory2/design/js/script.js?ver=6.0.3 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:09 Last Seen2023-07-08 16:28:01 Times Seen3 Hash 2d002b38f29525c1458cf352b7dfe2c9 1aab33c35619a46d8295326f8d2d628bbab5c3e6 e9537e3f727a1931129ca2e1145549e099141c52273415796169b2e81f692c62 Loading...

	kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/modernizr/modernizr.touch.js?ver=2.6.2	3.3 kB	2023-03-07	2024-04-25
Pretty URL kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/modernizr/modernizr.touch.js?ver=2.6.2 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:09 Last Seen2024-04-25 16:07:24 Times Seen23 Hash 99129dcc4b8a9a6a2869ba51750a7ec7 301fccf75c5f5f83a030392448d0f9e1bf54b96d 75fc336aaa3038fca70ef5f682d2575bff0dda12eccd9dc0c1c7645d638d01ae Loading...

	kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php	149 B	2023-03-07	2024-04-26
Pretty URL kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:22 Last Seen2024-04-26 05:47:43 Times Seen2862 Hash 931deb2e7bef82d78d1c1b0a3fe4fe32 2a468d77a19124c4bcd1745b7f51eff01b269ade afb2b21f29cd5d7fc5b63a8ea02ece9649603b9e63a2afa55927c508345e1ee7 Loading...

	kingstonconnections.ca/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3	9.7 kB	2023-03-07	2024-04-26
Pretty URL kingstonconnections.ca/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:47 Last Seen2024-04-26 15:37:45 Times Seen1724 Hash 490c29d6776fc430c23403fd845b34b0 817129906b7fef1011895a76f047c7693a852e21 29e8de26576208c07ba0845f604e65c9273b93f9f4d1d66214eb4c586f9938c4 Loading...

	kingstonconnections.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-27
Pretty URL kingstonconnections.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-27 02:39:29 Times Seen68686 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/leaflet/leaflet.markercluster.js?ver=6.0.3	34 kB	2023-03-07	2024-04-26
Pretty URL kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/leaflet/leaflet.markercluster.js?ver=6.0.3 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:57 Last Seen2024-04-26 10:12:51 Times Seen442 Hash ee8d78836d0d718b2b6d39ef60e03181 9e22ebf6b48ac0839d8a7dd5c0795c0dd541fdf4 58be871df61f6c512464e15db0941e63b9491bf1396a2ae3bea6f39e0854cd1c Loading...

	kingstonconnections.ca/wp-content/plugins/popslide/assets/js/jquery.cookie.min.js	1.3 kB	2023-03-09	2024-01-03
Pretty URL kingstonconnections.ca/wp-content/plugins/popslide/assets/js/jquery.cookie.min.js IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 09:38:28 Last Seen2024-01-03 14:25:12 Times Seen15 Hash c9eef727053e5fa5f4da1a259b68b019 2890d34d2e16bd9a3b22f52063502d2a20d36312 2948bdabb34333fb333a64321b1a1a29d3aea5eefae9033c8ec37a7a561f5b7f Loading...

	kingstonconnections.ca/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3	19 kB	2023-03-07	2024-04-26
Pretty URL kingstonconnections.ca/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-26 23:19:42 Times Seen38071 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	kingstonconnections.ca/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3	12 kB	2023-03-07	2024-04-26
Pretty URL kingstonconnections.ca/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:48 Last Seen2024-04-26 15:37:46 Times Seen2057 Hash 3f3fc23f477a3849aa5677c585b2a2b4 ccf0865ebd37f76c450c7a377a86ff2448288db3 985fdd42398281348ca133a44750a56fe4909a806b9c075c9443a5d0bd6d2e51 Loading...

	kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php	149 B	2023-03-09	2023-03-11
Pretty URL kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 09:38:29 Last Seen2023-03-11 23:19:21 Times Seen1 Hash e5b9d1b0489f70156934a05269ec3897 f68a8bc2af5fb5b8aebf072d613d02a02f41c225 62e632569c0695380fb7f9602cf4b1a6535f1ef651439247fd70a590fa8220f6 Loading...

	kingstonconnections.ca/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.0.3	1.2 kB	2023-03-07	2024-04-26
Pretty URL kingstonconnections.ca/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.0.3 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:59 Last Seen2024-04-26 13:53:02 Times Seen9206 Hash 51300497928562f8c86c7aaba99237cd e5826832b85c6afc6502b74cbb8ac5394b04c363 6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f Loading...

	kingstonconnections.ca/wp-includes/js/underscore.min.js?ver=1.13.3	19 kB	2023-03-07	2024-04-24
Pretty URL kingstonconnections.ca/wp-includes/js/underscore.min.js?ver=1.13.3 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:48 Last Seen2024-04-24 13:45:07 Times Seen2359 Hash 42aa17e1f850a414638ee4a32a3aa807 2e42d03a5e042701191650c041eae1cfb2d6c7b9 0da4791b446818516f710c51707081aec7b23a7c5212fc0b2629c973210136a4 Loading...

	kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/bxslider/jquery.bxslider.min.js?ver=4.1.2	19 kB	2023-03-07	2024-04-26
Pretty URL kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/bxslider/jquery.bxslider.min.js?ver=4.1.2 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:11 Last Seen2024-04-26 17:17:53 Times Seen4417 Hash 697d69a48e5356f7106e38c09f7f19e0 b57160771fa597a5b56c5b12756c693e4829be07 bb9e7dc822c6b7b95a6329932885c72ff2caf74b243fc1c40aca0e858123b83e Loading...

	kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/ait/ait.js?ver=4.0.26.1626200761	3.7 kB	2023-03-07	2024-04-25
Pretty URL kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/ait/ait.js?ver=4.0.26.1626200761 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:09 Last Seen2024-04-25 16:07:24 Times Seen35 Hash 8e6446daabdad87bf25e5dc67ada4768 793c55d7f66c44820a2f6809f5fa10c7f5269ff3 4b52e1de111fbeb4a545d0846e07738c6e1a7f49222fe4ceba3868622e4f8b62 Loading...

	kingstonconnections.ca/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16	158 kB	2023-03-07	2024-04-25
Pretty URL kingstonconnections.ca/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:59 Last Seen2024-04-25 12:50:40 Times Seen2404 Hash 6de31d697a1b1b2b0e2a3b29b1fb458b c9b6c996a66918f7c4d49c9b60134ce282c47143 443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008 Loading...

	kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php	11 kB	2023-03-09	2023-03-17
Pretty URL kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 09:38:28 Last Seen2023-03-17 10:34:43 Times Seen1 Hash cabe6642e6aa25d6ad41c16e37f6a916 296dc77f37b60f09c445bb0a789026ef967be0ed dee80caf0f0d9049a4582f10d03222c19ccba67a4a21ce769c755768bef598e9 Loading...

	kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php	2.4 kB	2023-03-07	2024-04-25
Pretty URL kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:59 Last Seen2024-04-25 21:53:57 Times Seen3807 Hash 49f89aeeb8e861051ed61fc00d636b9b 9077f9d9ebc3b661bb3a81161c6a4e2de2531231 4190f2c4f25f9a34cbbfdb92f91a25359570d773ef7cff97c924e224ad877759 Loading...

	kingstonconnections.ca/wp-content/plugins/ait-shortcodes/assets/js/rule-btn.js?ver=6.0.3	149 B	2023-03-07	2024-04-25
Pretty URL kingstonconnections.ca/wp-content/plugins/ait-shortcodes/assets/js/rule-btn.js?ver=6.0.3 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:09 Last Seen2024-04-25 16:07:24 Times Seen35 Hash d59f6a8bcae31d209e5e8c4ce55c67f6 a3bf29f507f7015a58e51300b5d2765641c215ad 321454ada53b9c4f599dac5a6752ce9d1a7bbf1658f2d144f12b9462f02c34c4 Loading...

	kingstonconnections.ca/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1	21 kB	2023-03-07	2024-04-25
Pretty URL kingstonconnections.ca/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-25 18:37:12 Times Seen3655 Hash 6aaf0a4e8eac131defea126f5b1b5fbf 24da0326af36303e5a1e9799a3c26f7a1077928c 240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5 Loading...

	kingstonconnections.ca/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.1	8.8 kB	2023-03-07	2024-04-25
Pretty URL kingstonconnections.ca/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.1 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:25:06 Last Seen2024-04-25 18:37:12 Times Seen296 Hash 98f09b434a4910c56d74bcabc23ac05b c52a1a8e6e5823f859ed4123a00d730237c39893 73e77da1e0317a722f4c849f2f40227d33eecbdb930b04df897a78d993180b16 Loading...

	kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.infieldlabel-0.1.4.js?ver=6.0.3	5.8 kB	2023-03-07	2024-04-25
Pretty URL kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.infieldlabel-0.1.4.js?ver=6.0.3 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:09 Last Seen2024-04-25 16:07:24 Times Seen34 Hash 372710f222244f8137edb8dafe56bee8 ddae6ea80bbc991ec1b157e465b989607a1167e9 bcabd3859644437d47fe098f85b398c21d0b9881d59a0b7476976d2d4a2e21a9 Loading...

	kingstonconnections.ca/wp-content/themes/directory2/design/js/custom.js?ver=6.0.3	8.0 kB	2023-03-07	2023-10-30
Pretty URL kingstonconnections.ca/wp-content/themes/directory2/design/js/custom.js?ver=6.0.3 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:09 Last Seen2023-10-30 11:29:52 Times Seen5 Hash c6c651ee20509c469ef745125d43223e 7a9a029d6c289509b7afe3ada192862f65e62355 8f222bb9558651840a99c3e22fee4a5046f1e0b35ce710a4d771209cb9c88cf4 Loading...

	kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php	4.0 kB	2023-03-11	2023-03-11
Pretty URL kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:49:06 Last Seen2023-03-11 08:49:06 Times Seen1 Hash 5967195db11547aa45cb0dfdb82ea798 7a5a18bc35269e6d4c3ac660fc70a25e3cda1816 c36e0432ec0db3ee71cc92d96be581d3f02b6df5f5d46e55064fa3e000d4ac0e Loading...

	kingstonconnections.ca/wp-content/plugins/popslide/assets/js/front.js	2.7 kB	2023-03-09	2024-01-03
Pretty URL kingstonconnections.ca/wp-content/plugins/popslide/assets/js/front.js IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 09:38:28 Last Seen2024-01-03 14:25:13 Times Seen15 Hash 3ff927be3c0ffb476485dc19873ea4da 63238214c21e46b890f1d5948ccdc0be39cc2528 014cb59a604de951cce7f410857e5eef80b2b2cf2a9dbcfacce5c0f2bea7157b Loading...

	kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/colorbox/jquery.colorbox.min.js?ver=1.4.27	12 kB	2023-03-07	2024-04-27
Pretty URL kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/colorbox/jquery.colorbox.min.js?ver=1.4.27 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:22 Last Seen2024-04-27 01:51:14 Times Seen3648 Hash 663dd01c8e3859c4aa97cf088c49a64e 4181716dabb9a951a17bfa6e3a03f48ad17e016f 41bc4d4fe88139d6ee89abfcb2abac71e1430d85dbffc0be7c8f6bd36f4ced7e Loading...

	kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/leaflet/leaflet.js?ver=6.0.3	143 kB	2023-03-07	2024-04-16
Pretty URL kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/leaflet/leaflet.js?ver=6.0.3 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:45 Last Seen2024-04-16 08:11:10 Times Seen74 Hash 3d572837c18a377367dbcf67427f6fc5 ed42c792a635e57d5d3da311bc2be43be59dc58a 24e9ec66cdbc367cdf424561c6d266a9d6a562417f7a39985970fffef1738160 Loading...

	kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/leaflet/leaflet-gesture-handling.min.js?ver=6.0.3	18 kB	2023-03-07	2024-03-03
Pretty URL kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/leaflet/leaflet-gesture-handling.min.js?ver=6.0.3 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:08 Last Seen2024-03-03 12:42:14 Times Seen20 Hash 8221a2669a9608431f9a6000cc529481 ebcfd67b1f3bb1b0e24984b73769788b99dc6c8c e3b8c8f6c16d2cae4c13eb8907a4a7fb396ecd70104269deb719ca90b3c74126 Loading...

HTTP Transactions (83)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c7a8ba48383a0e56baca8c8c41b81a04
b04c1f1e730a71f17ff639c9db697c532d4e5421
7860552382285e6eddddc5226c6f6400caa3f6fc3cb4b8a2d550c6fc653f78bb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7860552382285E6EDDDDC5226C6F6400CAA3F6FC3CB4B8A2D550C6FC653F78BB"
Last-Modified: Sun, 06 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4592
Expires: Tue, 08 Nov 2022 04:15:23 GMT
Date: Tue, 08 Nov 2022 02:58:51 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
9fd081ea88e8b8563986b3e558496d21
60700393dce5eb42c0db0d5feef340f4832e3c65
d92555957857423ed02f0d0435739bcd40a996591c73f40315564b372f6e2395

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3550
Cache-Control: max-age=117096
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 02:58:51 GMT
Etag: "6368de76-1d7"
Expires: Wed, 09 Nov 2022 11:30:27 GMT
Last-Modified: Mon, 07 Nov 2022 10:31:18 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
9fd081ea88e8b8563986b3e558496d21
60700393dce5eb42c0db0d5feef340f4832e3c65
d92555957857423ed02f0d0435739bcd40a996591c73f40315564b372f6e2395

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2873
Cache-Control: max-age=116420
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 02:58:51 GMT
Etag: "6368de76-1d7"
Expires: Wed, 09 Nov 2022 11:19:11 GMT
Last-Modified: Mon, 07 Nov 2022 10:31:18 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d8c32b2fb818533a5b3fe5c69157bde9
93594fd3fc50d9d444c28660eabba1edbe4f0588
df8b8ce7a83d11fbe075c8780103c509654f288b5d757d64b696d861a11f3c7f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF8B8CE7A83D11FBE075C8780103C509654F288B5D757D64B696D861A11F3C7F"
Last-Modified: Sun, 06 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10681
Expires: Tue, 08 Nov 2022 05:56:52 GMT
Date: Tue, 08 Nov 2022 02:58:51 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: XLYbX9FQAIutUQGanAQcN1ugOmiTGiXPMzN5ATkboGNduCWD4mWKTtiUQS49bkm2t2rTlGzF6ZY=
x-amz-request-id: DGGNAA15GCQBF8ZA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 08 Nov 2022 02:11:07 GMT
age: 2864
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 08 Nov 2022 02:58:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
e6f4643306be10417c47176a6e67306f
940a13818904add9e1cacd12610f37ba1efd7bc5
67e51095b5da59b3eeda8a28c81789e69064a0a19a93347c2fcb05fd4b21e6d0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6367
Cache-Control: max-age=114841
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 02:58:52 GMT
Etag: "6368caa6-1d7"
Expires: Wed, 09 Nov 2022 10:52:53 GMT
Last-Modified: Mon, 07 Nov 2022 09:06:46 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php

51.222.78.194

301 Moved Permanently

707 B

URL HTTP/1.1
kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
707 B (707 bytes)
Hash
1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Tue, 08 Nov 2022 02:58:52 GMT
server: LiteSpeed
location: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php

push.services.mozilla.com/

34.213.92.18

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.213.92.18:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4uGaPq0WpD6HG0BryA5PaQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0/bQLOgIPP6YJv90uhqLDy80/Lc=

kingstonconnections.ca/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3

51.222.78.194

200 OK

11 kB

URL HTTP/2
kingstonconnections.ca/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (43771)
Size
11 kB (10946 bytes)
Hash
d45207ee05c1f0c57dfa075e61405ccd
a8d35143a2d828a739ea0fdde75f97d33621e7ec
a9a4adbbcee31ec277f1bdd573eef97dc4341f29f2db3b5685a02dfe4d2fe9bb

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: text/css
last-modified: Wed, 13 Jul 2022 04:23:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10946
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/plugins/ait-item-extension/design/css/frontend.css?ver=6.0.3

51.222.78.194

200 OK

469 B

URL HTTP/2
kingstonconnections.ca/wp-content/plugins/ait-item-extension/design/css/frontend.css?ver=6.0.3
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with CRLF line terminators
Size
469 B (469 bytes)
Hash
abb72daafd06412efbaceeb36118b962
8c4a495fb293235df932a359a707c7953dc2fa21
4a06056ff568c779f88d5f35ed582255a5602dd602c64754ea91cc171ecf815b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/ait-item-extension/design/css/frontend.css?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: text/css
last-modified: Thu, 17 Sep 2020 14:16:47 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 469
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
96791bd486db22c41012d25318835bdf
b32c813f16b84a6b2660bd527843da5e368af8eb
61a4589c35910af9f8d20ff0c7eca296a77a336ab00730573fe9ce7cf2cc72c5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 02:58:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
96791bd486db22c41012d25318835bdf
b32c813f16b84a6b2660bd527843da5e368af8eb
61a4589c35910af9f8d20ff0c7eca296a77a336ab00730573fe9ce7cf2cc72c5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 02:58:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3bf1a5e65cd048b761eac5cb0b52048a
f64cface851717dee160a5c6fad975cc34fe4cd2
8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8489
Expires: Tue, 08 Nov 2022 05:20:22 GMT
Date: Tue, 08 Nov 2022 02:58:53 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3bf1a5e65cd048b761eac5cb0b52048a
f64cface851717dee160a5c6fad975cc34fe4cd2
8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8489
Expires: Tue, 08 Nov 2022 05:20:22 GMT
Date: Tue, 08 Nov 2022 02:58:53 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3bf1a5e65cd048b761eac5cb0b52048a
f64cface851717dee160a5c6fad975cc34fe4cd2
8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8489
Expires: Tue, 08 Nov 2022 05:20:22 GMT
Date: Tue, 08 Nov 2022 02:58:53 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3bf1a5e65cd048b761eac5cb0b52048a
f64cface851717dee160a5c6fad975cc34fe4cd2
8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8489
Expires: Tue, 08 Nov 2022 05:20:22 GMT
Date: Tue, 08 Nov 2022 02:58:53 GMT
Connection: keep-alive

fonts.googleapis.com/css?family=PT+Sans+Narrow%3Aregular%2C700&subset=cyrillic-ext%2Clatin-ext%2Ccyrillic%2Clatin&ver=6.0.3

142.250.74.10

200 OK

1.0 kB

URL HTTP/2
fonts.googleapis.com/css?family=PT+Sans+Narrow%3Aregular%2C700&subset=cyrillic-ext%2Clatin-ext%2Ccyrillic%2Clatin&ver=6.0.3
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
1.0 kB (1005 bytes)
Hash
4572af50a00f0b799f659eb7437695e1
e8885128ece18e5ee0e975a4d205dbbd60100f0c
e4ae9d10f64905c39d86019b9bcb1c2e0339ea2ddc7611ed69f376bbda7089ab

HTTP Headers

GET /css?family=PT+Sans+Narrow%3Aregular%2C700&subset=cyrillic-ext%2Clatin-ext%2Ccyrillic%2Clatin&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 08 Nov 2022 02:58:53 GMT
date: Tue, 08 Nov 2022 02:58:53 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10462 bytes)
Hash
4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 6dc7dc5c-88e9-4550-abf0-f16965ab7cd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bF_38GKXoAMFwSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636579cc-28ea4125437c31cc34683fb7;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 20:45:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Q0yZmbExDP4tH0n1n2qj_NR2Mv_y_dsO0LJ1RKZoS6Me-NLbhpUWqw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 09:11:38 GMT
age: 64035
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3

51.222.78.194

200 OK

848 B

URL HTTP/2
kingstonconnections.ca/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text
Size
848 B (848 bytes)
Hash
c962ba8e7d42ff9da18392b41dad5151
7b89bc5e6ad161df2e6d7f7fb3ad894aa04b827f
322a4949c5bdd82eb80c13bbbd407ce30a7ad226685c54270d246cb6960e524e

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: text/css
last-modified: Thu, 15 Sep 2022 15:01:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 848
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-includes/css/dashicons.min.css?ver=6.0.3

51.222.78.194

200 OK

35 kB

URL HTTP/2
kingstonconnections.ca/wp-includes/css/dashicons.min.css?ver=6.0.3
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (58981)
Size
35 kB (35110 bytes)
Hash
54c5bfb8a890d87139d9abfe01662c83
f9eddf5b8a3269e6d6fa40b4f13083705e6267c6
9685e5cabe4efc8c85e986725af8009b306416aad3ecc9086ca5bb12b84ce4ef

HTTP Headers

GET /wp-includes/css/dashicons.min.css?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: text/css
last-modified: Fri, 16 Apr 2021 01:28:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 35110
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a2842fe-964c-4b53-b4d3-d27d8e27debf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12542 bytes)
Hash
520aa96c85cf1ae2eb884b3b5e477e30
333347eaa268453c1dfe9dce8b22c4ad193afbc5
df63dc2c0b4f0beeb0f3c9853ad55c25b044121c905e9224ce3243ed24fc44bc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a2842fe-964c-4b53-b4d3-d27d8e27debf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12542
x-amzn-requestid: fb3cb1c6-3c15-48ad-9d4c-e3bc6623789b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQA1RE-uoAMFfjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697b54-64996d5d788a2fbd3e9350f3;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:40:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8OEi5KX_Y37Ac32N61OQCytR389Hd2E6Mf6i29ilENj3I98s6W3IsQ==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 22:12:03 GMT
age: 17210
etag: "333347eaa268453c1dfe9dce8b22c4ad193afbc5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.3

51.222.78.194

200 OK

12 kB

URL HTTP/2
kingstonconnections.ca/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.3
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Size
12 kB (11522 bytes)
Hash
89c01460d72cb1ceb3a46b26a5ca1f76
ac2c983903467ac06692603836da52c269d34745
88fe06f32160927f89011be425a89c7bd71b305cbbb14145f9829509f2805897

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: text/css
last-modified: Tue, 28 Jan 2020 19:39:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11522
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6f82801-6f26-493e-9038-7e48dff62c0b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12525 bytes)
Hash
a141cbda515c166225f5b3b8314dcd03
26f7bacb597a67119bb763d1d03a81a5222a2c91
b375f0cf094cd89cbd52ab013df87f76181a8023715f1ed8b1fe4a20d44f5579

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6f82801-6f26-493e-9038-7e48dff62c0b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12525
x-amzn-requestid: 0b15f964-6154-44ce-a537-4c8402e387c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bHRLCFBpoAMFsMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6365fbe0-177041f7562907be268f5a10;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 06:00:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bWLlArevalY-MpKc8DlT38lwNyHhY8omPAbeGu7kys1QjBwMe-t2IQ==
via: 1.1 d2575afea3774df33dcf5e5ff475025e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 22:13:35 GMT
age: 17118
etag: "26f7bacb597a67119bb763d1d03a81a5222a2c91"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/colorbox/colorbox.min.css?ver=1.4.27

51.222.78.194

200 OK

579 B

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/colorbox/colorbox.min.css?ver=1.4.27
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (2026)
Size
579 B (579 bytes)
Hash
3fa815f8b4d329936554aab60b74950f
b9c42a52f4849fcdbd1f914c5ccfbed59c7783d6
16ab0fbe01ebbb4096f7dedd182d3fc6de7bd87cd7bf2570d2dc848da1ef6194

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/directory2/ait-theme/assets/colorbox/colorbox.min.css?ver=1.4.27 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: text/css
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 579
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92bcf73f-5c71-47c9-824d-b8fa1f9af018.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10781 bytes)
Hash
4ff4c1be0934222258267f7595f2ecde
5d51855ed7cc6f8cac53eef1730212eb70b28036
49ce70117f2b108ebcff7f8e0ac14b2583eaf6b36a10baff097b35b728ba44d9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92bcf73f-5c71-47c9-824d-b8fa1f9af018.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10781
x-amzn-requestid: c5063271-8b84-41d7-899c-958c135541c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQAwTF2cIAMF0DQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697b34-6b6018d826efae3e3738a7d9;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:40:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: tL667rmWZPwJrD76JI5jBbUa3oEwaLZc-A5omJ8WyQMzsxDgIXsQhg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 22:11:08 GMT
etag: "5d51855ed7cc6f8cac53eef1730212eb70b28036"
content-type: image/jpeg
age: 17265
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/ait/element-placeholder.css?ver=4.0.26.1626200761

51.222.78.194

200 OK

691 B

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/ait/element-placeholder.css?ver=4.0.26.1626200761
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with CRLF line terminators
Size
691 B (691 bytes)
Hash
dc99ade6b7e7b26dff8f4626e6da377a
4a701e3dc636e0ec2b0e67f43d6bdb11bba7b9b2
ce25e81bfbe7e02968361c63df00326fd1668cb3498df766cb08eb1a2342aa98

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/directory2/ait-theme/assets/ait/element-placeholder.css?ver=4.0.26.1626200761 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: text/css
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 691
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/jquery.selectbox.css?ver=6.0.3

51.222.78.194

200 OK

549 B

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/jquery.selectbox.css?ver=6.0.3
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with CRLF line terminators
Size
549 B (549 bytes)
Hash
d3b3a6bbbe22fa4d9a985e157f4fa421
f63407b315b312eeab49c137d55b8ab487da2371
ad7759b1bce3252b3bfae6f71e0961b99c4346915de6d5a11faf7a8357459c57

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/directory2/design/css/libs/jquery.selectbox.css?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: text/css
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 549
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/jquery.select2-3.5.1.css?ver=6.0.3

51.222.78.194

200 OK

3.1 kB

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/jquery.select2-3.5.1.css?ver=6.0.3
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text
Size
3.1 kB (3124 bytes)
Hash
0a1f5bd82e1d9fdc7dbeacd1a150d28c
02c1d8bfe6e419613f05f950c6f42ed05d4b87ad
c03895b6fe0faf7645510d3e2a13fcbb920bfd025a9d208c08881bf0b196b2f6

HTTP Headers

GET /wp-content/themes/directory2/design/css/libs/jquery.select2-3.5.1.css?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: text/css
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3124
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
96791bd486db22c41012d25318835bdf
b32c813f16b84a6b2660bd527843da5e368af8eb
61a4589c35910af9f8d20ff0c7eca296a77a336ab00730573fe9ce7cf2cc72c5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 02:58:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f590111-905a-44a3-861d-b8905ff72231.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10719 bytes)
Hash
b8c1ed79376a3bf9dfc9713189c36039
26ef76be8b675a4eeaf5ee428ee56d1a1181c6af
45f6891db04614dd3309e7951b90fafdac07e57e1932ebda66c852d6f9b65e5c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f590111-905a-44a3-861d-b8905ff72231.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10719
x-amzn-requestid: 04634220-90c5-403b-a531-c0a984379b33
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQAKNGK0IAMFxrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697a41-543f03665ed83c4e63c47c7b;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:36:01 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: v9dIZZFcHMehw8L-snVwpsfBR6LTznNnMduphX2ddvZ1mQIHqWTjqQ==
via: 1.1 7f06047c304d80ea094816a27c933914.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:40:30 GMT
age: 19103
etag: "26ef76be8b675a4eeaf5ee428ee56d1a1181c6af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/font-awesome.css?ver=6.0.3

51.222.78.194

200 OK

7.0 kB

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/font-awesome.css?ver=6.0.3
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
troff or preprocessor input, ASCII text, with very long lines (427)
Size
7.0 kB (7008 bytes)
Hash
40cd109595d6850ecd5db53cec3394c1
bc319f6e8245b4e9304d2ee2eedb4559966a4347
74d649dbc17be479d1777dd51c832bd51d4cc307b016ab64fb19f929e02c4a10

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/directory2/design/css/libs/font-awesome.css?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: text/css
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7008
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53771fc6-60e5-4f18-8cc7-e8411e2b99d5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.3 kB (5325 bytes)
Hash
bcff76df653cc2141d328013181ada9e
9343a49b3846f73e34d32a6bc7569a1c67e89894
affab8aead0d38958a7232bb8a866fffdb85b243174968f6b1bea220ae0152d5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53771fc6-60e5-4f18-8cc7-e8411e2b99d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5325
x-amzn-requestid: 6fe63702-6974-4a3d-82ba-9636858f1f7b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQA1cHPxoAMFjCg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697b55-593b06387844528377de364d;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:40:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: T5totlLjxjd4OgFCxpIYsyz3u5vgI-vJH0qvw7wQ96X_sr8PfMDbbw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:56:33 GMT
etag: "9343a49b3846f73e34d32a6bc7569a1c67e89894"
content-type: image/jpeg
age: 18140
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/leaflet/MarkerCluster.Default.css?ver=6.0.3

51.222.78.194

200 OK

331 B

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/leaflet/MarkerCluster.Default.css?ver=6.0.3
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text
Size
331 B (331 bytes)
Hash
41e54e32115609fac2215b71dd73bf24
7074a79b4418c48d9d17a915aaf43574567af450
6dfaf1394cfa3cfcca3a62c489d331cb98aa8aae5c29cd0d9da76ac86a42cedf

HTTP Headers

GET /wp-content/themes/directory2/design/css/libs/leaflet/MarkerCluster.Default.css?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: text/css
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 331
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php

51.222.78.194

404 Not Found

16 kB

URL HTTP/2
kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Size
16 kB (15882 bytes)
Hash
f0fcca835ad37b328f9db6bc217812ef
eb2a7780e6c0a06c26b60bfa030dc3a8ec9382cc
91ffdfddc49e2dc34ba314fb5e1f19603091425872d7d53d27ec7a585843f1fc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://kingstonconnections.ca/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/leaflet/leaflet.css?ver=6.0.3

51.222.78.194

200 OK

3.1 kB

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/leaflet/leaflet.css?ver=6.0.3
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with CRLF line terminators
Size
3.1 kB (3062 bytes)
Hash
5507585fdfa3f48b9ba06acc9a3a6072
ff99dc58cc025345b8d59ff790fb983b36b167cc
9d561bf9d7a7935b8141f19e1bd7b6271ebd699667a6c80839e16a611b7926d9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/directory2/design/css/libs/leaflet/leaflet.css?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: text/css
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3062
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/ait-theme/elements/search-form/design/css/base-style.css?ver=6.0.3

51.222.78.194

200 OK

27 B

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/ait-theme/elements/search-form/design/css/base-style.css?ver=6.0.3
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with CRLF line terminators
Size
27 B (27 bytes)
Hash
451a865ab7f4b7d884ba2297090e92f2
a400b61b6ba6387fa62842ae801339171c98bcba
16eb23976764966ef5f3d2d2b17ff8cfeb1892ed84edcbae61362d7fe36877e4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/directory2/ait-theme/elements/search-form/design/css/base-style.css?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: text/css
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-length: 27
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/jquery-ui-css/jquery-ui.css?ver=1.8.24

51.222.78.194

200 OK

5.5 kB

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/jquery-ui-css/jquery-ui.css?ver=1.8.24
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (1399)
Size
5.5 kB (5498 bytes)
Hash
96121df13c6e35e4f8063ae6ce8ad8fe
9f63f124b7707cfc4d0f31d0cc30dcb19f4fabe5
2fa76f2ed3cc00fefe286ff0b0822025be03d4bd135a2affbea49bce44aabee1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/directory2/ait-theme/assets/jquery-ui-css/jquery-ui.css?ver=1.8.24 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: text/css
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5498
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3

51.222.78.194

200 OK

2.8 kB

URL HTTP/2
kingstonconnections.ca/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (9680), with no line terminators
Size
2.8 kB (2799 bytes)
Hash
8a91034fce0e4a2464d2170d38d31382
f00c20cfcbd136ee9aa20d07085c10f470548fe4
1a8f0bcd2b76caf977b08ed30bdd29eb77405ca4c1fe2315b41f8fe2542f1528

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Thu, 15 Sep 2022 15:01:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2799
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/uploads/cache/directory2-child/preloading-4.0.26.1626200761.css?ver=4.0.26.1626200761

51.222.78.194

200 OK

6.0 kB

URL HTTP/2
kingstonconnections.ca/wp-content/uploads/cache/directory2-child/preloading-4.0.26.1626200761.css?ver=4.0.26.1626200761
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (65536), with no line terminators
Size
6.0 kB (5981 bytes)
Hash
cf02b5759aff578ad2d8c36696fb34cf
3b02b4acb35307aafbd821922881ff5f71c06e0a
fad8c331d45ff46845abfedf4d4397ff14f2d04663103d8bbef3adfed7e2dd8e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/cache/directory2-child/preloading-4.0.26.1626200761.css?ver=4.0.26.1626200761 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: text/css
last-modified: Tue, 20 Sep 2022 17:50:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5981
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/ait-theme/elements/header-map/design/css/base-style.css?ver=6.0.3

51.222.78.194

200 OK

167 B

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/ait-theme/elements/header-map/design/css/base-style.css?ver=6.0.3
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
9bbbef55a46d98eba46962413ad4bf67
ce90377f42bfacb3a0020a227af26153619583b2
71b48802321a95504b37856b24f30228d0a878f9aa1eab09251aced06af2db4e

HTTP Headers

GET /wp-content/themes/directory2/ait-theme/elements/header-map/design/css/base-style.css?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: text/css
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-length: 167
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/uploads/cache/directory2-child/base-4.0.26.1626200761.css?ver=4.0.26.1626200761

51.222.78.194

200 OK

42 B

URL HTTP/2
kingstonconnections.ca/wp-content/uploads/cache/directory2-child/base-4.0.26.1626200761.css?ver=4.0.26.1626200761
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with no line terminators
Size
42 B (42 bytes)
Hash
7b5c559e947c71c87e7aa0f2c25b1f3b
f4b49897b2c7d52599e0a4c1385ad53082a3531c
c9cc029c2488498fa7ed479fb67d4920b268b585545cdd856bd041c8649e4a04

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/cache/directory2-child/base-4.0.26.1626200761.css?ver=4.0.26.1626200761 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: text/css
last-modified: Tue, 20 Sep 2022 17:50:24 GMT
accept-ranges: bytes
content-length: 42
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/uploads/cache/directory2-child/typography-4.0.26.1626200761-en_US.css?ver=4.0.26.1626200761

51.222.78.194

200 OK

4.8 kB

URL HTTP/2
kingstonconnections.ca/wp-content/uploads/cache/directory2-child/typography-4.0.26.1626200761-en_US.css?ver=4.0.26.1626200761
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (50085), with no line terminators
Size
4.8 kB (4752 bytes)
Hash
23b15bce1c17122123d35e619b7c5980
c7a87988c9e0047ef5970bc53cab6bc044e5730b
0c1ad851bff330cc6150ca38245f2a71e7f4baf6feadec6fb038c952c0f2d96f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/cache/directory2-child/typography-4.0.26.1626200761-en_US.css?ver=4.0.26.1626200761 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: text/css
last-modified: Tue, 20 Sep 2022 17:50:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4752
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3

51.222.78.194

200 OK

3.7 kB

URL HTTP/2
kingstonconnections.ca/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
HTML document, ASCII text, with very long lines (12211), with no line terminators
Size
3.7 kB (3689 bytes)
Hash
b3777786fbf0ac18aa59c687154a9db8
3f24b0cfae49dc3e70f149edaf203a661cd59c88
8e3993f3b5eb33611a7c40d80d1cb048b4329ebb9ad0d9e8eb583e48fda70bb5

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Thu, 15 Sep 2022 15:01:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3689
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-includes/js/underscore.min.js?ver=1.13.3

51.222.78.194

200 OK

7.2 kB

URL HTTP/2
kingstonconnections.ca/wp-includes/js/underscore.min.js?ver=1.13.3
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (18876)
Size
7.2 kB (7176 bytes)
Hash
8f44fac7de7704cc9c42ca9cf95071b8
1fa95065580a736700586a6c6ba1e0c3304d301c
89d8fb5c9897186f5d8295777f8eecd5c9a8ec5a40b0e01b9afe3e6ff851a4a1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/underscore.min.js?ver=1.13.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Wed, 15 Jun 2022 18:09:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7176
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/plugins/popslide/assets/js/front.js

51.222.78.194

200 OK

792 B

URL HTTP/2
kingstonconnections.ca/wp-content/plugins/popslide/assets/js/front.js
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with CRLF line terminators
Size
792 B (792 bytes)
Hash
aaa06787ae4ea91535efa202e2932b35
9787b1808d5af3edcef268d8694b3e2292e83f8c
de945d8a217f77be3869a0c8f5d3533bf253708e40ff66cef6e85c204712116e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/popslide/assets/js/front.js HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Thu, 26 Mar 2020 13:48:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 792
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/leaflet/leaflet-gesture-handling.min.css?ver=6.0.3

51.222.78.194

200 OK

320 B

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/leaflet/leaflet-gesture-handling.min.css?ver=6.0.3
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (1022), with no line terminators
Size
320 B (320 bytes)
Hash
7f6c29c6cdd42f98a89d9c137b0aac57
b2fecb4e878774d771c1907e4503197e8fc98cd9
2c8bbecaa816f5e5e0ff316fa6e0087f4611a1349bf6f6c14da1e1b2e23f8499

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/directory2/design/css/libs/leaflet/leaflet-gesture-handling.min.css?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: text/css
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 320
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/ait/ait.js?ver=4.0.26.1626200761

51.222.78.194

200 OK

1.3 kB

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/ait/ait.js?ver=4.0.26.1626200761
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (396)
Size
1.3 kB (1301 bytes)
Hash
e98d38dbd6b1de4f531a020308ccc8f4
1b7abae2e9e24be4de21a8450c7316a457c8ae03
76e73a889d5aa4e92c03ff6946bd2802fe80678600f54394582a525c0f6fc12e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/directory2/ait-theme/assets/ait/ait.js?ver=4.0.26.1626200761 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1301
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/colorbox/jquery.colorbox.min.js?ver=1.4.27

51.222.78.194

200 OK

4.5 kB

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/colorbox/jquery.colorbox.min.js?ver=1.4.27
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (11887)
Size
4.5 kB (4463 bytes)
Hash
65d669ec0b59ad7d2040d842c0b7a138
e5eb7828252dac354af8a3e21048b01a5e03fed7
adc999c096832cee4900be483e1aa5aa360994d89785f2ab9b123d90b716734e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/directory2/ait-theme/assets/colorbox/jquery.colorbox.min.js?ver=1.4.27 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4463
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/plugins/popslide/assets/js/jquery.cookie.min.js

51.222.78.194

200 OK

600 B

URL HTTP/2
kingstonconnections.ca/wp-content/plugins/popslide/assets/js/jquery.cookie.min.js
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (1285), with no line terminators
Size
600 B (600 bytes)
Hash
cf6db9095d99c3a903b9c45b33bfeba7
969effee72715014cad403163ef6e172a653224c
193da8104086306ee6ca5b44e03f54e5b0cd3d8230caf5bad05edbf306eebd5a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/popslide/assets/js/jquery.cookie.min.js HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Thu, 26 Mar 2020 13:48:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 600
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

51.222.78.194

200 OK

4.0 kB

URL HTTP/2
kingstonconnections.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (11126)
Size
4.0 kB (3995 bytes)
Hash
7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Tue, 15 Dec 2020 21:31:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.selectbox-0.2.js?ver=6.0.3

51.222.78.194

200 OK

3.7 kB

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.selectbox-0.2.js?ver=6.0.3
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with CRLF line terminators
Size
3.7 kB (3702 bytes)
Hash
fe20db7ff1d6f533a5279598b65f6d78
fa675d5759cfe2a5d946f5cd78a264c9567213d7
feec72f60b44f846064f7a3603cc51bea78c6d62dd770bae0b4a8a72af7775ca

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/directory2/design/js/libs/jquery.selectbox-0.2.js?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3702
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

51.222.78.194

200 OK

30 kB

URL HTTP/2
kingstonconnections.ca/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (65447)
Size
30 kB (30273 bytes)
Hash
34f918ada1fe4f01c5a4b90065bbc37a
a731f6ce2d413805e39ae45994012b1bd5ea1e2b
eba158d5ab26a5a54a3dcfcea1072c636f44e92fc2eb30a3f27cd5be3f891dfc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Mon, 16 Aug 2021 12:06:07 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30273
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0

51.222.78.194

200 OK

50 kB

URL HTTP/2
kingstonconnections.ca/wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (32017), with CRLF line terminators
Size
50 kB (50040 bytes)
Hash
12ee1cc38870cd33b736f5a03a213de8
32e13b34e228e12ef6e3afcfcfa57cfb92d632ff
629c9a0ac8f73997327bfe37312e363e461ab8c1d8ac1c112b2d2f2eed814dee

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Tue, 28 Jan 2020 19:39:27 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 50040
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.raty-2.5.2.js?ver=6.0.3

51.222.78.194

200 OK

3.7 kB

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.raty-2.5.2.js?ver=6.0.3
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text
Size
3.7 kB (3711 bytes)
Hash
73e29207c75b19b267ca486d698dd720
43e7446c71b8e719d1bdbecbc70de0ac40068293
fbd3e58109517198c4ce2045f912780f7c9c23ab7629be54abc753eaba899c96

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/directory2/design/js/libs/jquery.raty-2.5.2.js?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3711
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery-waypoints-2.0.3.js?ver=6.0.3

51.222.78.194

200 OK

3.4 kB

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery-waypoints-2.0.3.js?ver=6.0.3
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text
Size
3.4 kB (3446 bytes)
Hash
3c1e9a8ee6422e73b156bbe79beedbc7
56d39626241423beb358d455c60a1da7a831a847
5e51cb02940d689e397ee51e1269cf7d58e980eda3cdb002c655a41ea0b78945

HTTP Headers

GET /wp-content/themes/directory2/design/js/libs/jquery-waypoints-2.0.3.js?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3446
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/leaflet/leaflet.markercluster.js?ver=6.0.3

51.222.78.194

200 OK

8.5 kB

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/leaflet/leaflet.markercluster.js?ver=6.0.3
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (32045)
Size
8.5 kB (8465 bytes)
Hash
c60b5e3a8d131299c4da83e4b367490d
2b215d63e3a933ee25d9551b68defcf9986d2497
0412440f0d70391630d734199065569329db8dd6c0d7b067287de4199e6546da

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/directory2/design/js/libs/leaflet/leaflet.markercluster.js?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8465
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.1

51.222.78.194

200 OK

2.6 kB

URL HTTP/2
kingstonconnections.ca/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.1
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (8632)
Size
2.6 kB (2645 bytes)
Hash
d907b8e007d5ed72022815b9ccc95f11
e77303ded461745c207af9d76cf91c8b32a46e3e
a90b61a5e379b42615eebab01de76934200af87a50bd10c7f78690ee210d6c83

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.1 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Wed, 15 Jun 2022 18:09:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2645
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/bxslider/jquery.bxslider.min.js?ver=4.1.2

51.222.78.194

200 OK

4.9 kB

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/bxslider/jquery.bxslider.min.js?ver=4.1.2
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (19040)
Size
4.9 kB (4925 bytes)
Hash
d2c26da9ce67516d1c19f4896b5b9c41
1979bb8c67596d0edd349d2209cb65110beea664
deef64f20a8ad1238a721449bc80cfb2e1a41cfe0085e5fe23b3562a108c1d92

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/directory2/ait-theme/assets/bxslider/jquery.bxslider.min.js?ver=4.1.2 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4925
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/leaflet/leaflet-gesture-handling.min.js?ver=6.0.3

51.222.78.194

200 OK

6.1 kB

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/leaflet/leaflet-gesture-handling.min.js?ver=6.0.3
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
Unicode text, UTF-8 text, with very long lines (14650)
Size
6.1 kB (6097 bytes)
Hash
84fbf0f521f3b26eea0a5f3043016045
0876751eb39f1c178b8077d697afcbfa2ea9a4ae
5f4bcfd711a6aeaa175e610fd38462776391a1c9f87a62d9e097a4e8c3e21a38

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/directory2/design/js/libs/leaflet/leaflet-gesture-handling.min.js?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6097
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/design/js/mobile.js?ver=6.0.3

51.222.78.194

200 OK

430 B

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/design/js/mobile.js?ver=6.0.3
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text
Size
430 B (430 bytes)
Hash
d5e50f7c323d8e0fe2149738098de3ec
ae3c8dc6ecbfed68f36004500fa96029a7c64015
4eccb16db8a3d83d171756528ddd1526231ef8fa680f5210e8f2a59559ca3401

HTTP Headers

GET /wp-content/themes/directory2/design/js/mobile.js?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 430
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/design/js/custom.js?ver=6.0.3

51.222.78.194

200 OK

2.1 kB

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/design/js/custom.js?ver=6.0.3
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text
Size
2.1 kB (2140 bytes)
Hash
65006712cde9e7d61282a256055462b6
82656441a8161d29a8509008fbafbf114e5c0b59
ab4b0e6ba7a8ab9e74669134308d39d76ba95026ee9ac6288fd0fb7ae3801849

HTTP Headers

GET /wp-content/themes/directory2/design/js/custom.js?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2140
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/design/js/script.js?ver=6.0.3

51.222.78.194

200 OK

1.4 kB

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/design/js/script.js?ver=6.0.3
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with CRLF line terminators
Size
1.4 kB (1409 bytes)
Hash
3260682397d5fe5c933668ba7cfdab43
0d0276585a1206e9cd06f8f944f9ae128ccf1919
9c0d35a40f8d44d32e97fb3995f4797640465d79e1bce7d670e32b4de9ba1ca7

HTTP Headers

GET /wp-content/themes/directory2/design/js/script.js?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1409
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/modernizr/modernizr.touch.js?ver=2.6.2

51.222.78.194

200 OK

1.4 kB

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/modernizr/modernizr.touch.js?ver=2.6.2
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (3173)
Size
1.4 kB (1416 bytes)
Hash
25cf9696e54a12b10205980c6d9cfd26
d199bdb2e9a733a880ab07aa06d1a6c9c0acded9
e2f531fc851a3194d139898dc7d0e3ca00609a491ebd740b028ed9c30ba09c62

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/directory2/ait-theme/assets/modernizr/modernizr.touch.js?ver=2.6.2 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1416
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/design/js/portfolio-item.js?ver=6.0.3

51.222.78.194

200 OK

715 B

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/design/js/portfolio-item.js?ver=6.0.3
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text
Size
715 B (715 bytes)
Hash
445f9be76c2f2ffdcb4356146ccfa06f
dca44440d94c86143629f94b3f13aa7162d30c29
e25ca8c246066bf9424ee935981838821e3c34a940337fe1cd7f358f45376c90

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/directory2/design/js/portfolio-item.js?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 715
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.infieldlabel-0.1.4.js?ver=6.0.3

51.222.78.194

200 OK

1.9 kB

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.infieldlabel-0.1.4.js?ver=6.0.3
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text
Size
1.9 kB (1862 bytes)
Hash
47112cf8265967d094a5ce5997495377
e2915f9ca6940057d72b324a26d0f8ab7f38dbda
f9921430b02661051ba14c9e08bfe481762d6d4dd583b96d9324ae0eb635301c

HTTP Headers

GET /wp-content/themes/directory2/design/js/libs/jquery.infieldlabel-0.1.4.js?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1862
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.0.3

51.222.78.194

200 OK

392 B

URL HTTP/2
kingstonconnections.ca/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.0.3
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
HTML document, ASCII text, with very long lines (906), with no line terminators
Size
392 B (392 bytes)
Hash
200d0ec78a54a35bb97450e75bddfe52
25a0c90e7c2a7f49b4d5abf3165eb2d03849c2cb
9555fae27002a4036ca476b62143a67552e3870a1ff46c5869611b5edbe1deac

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Thu, 04 Feb 2021 01:24:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 392
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/design/js/menu.js?ver=6.0.3

51.222.78.194

200 OK

2.5 kB

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/design/js/menu.js?ver=6.0.3
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text
Size
2.5 kB (2470 bytes)
Hash
6ed61bacc4629f8000fa292c007b394f
aae08a186c61fcefafaa3c429d254391bb56a9a6
d42146f08f70d3acf7de452f9b84e8839265c5b81a05ced3545310b02fced9cd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/directory2/design/js/menu.js?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2470
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/plugins/ait-shortcodes/assets/js/rule-btn.js?ver=6.0.3

51.222.78.194

200 OK

149 B

URL HTTP/2
kingstonconnections.ca/wp-content/plugins/ait-shortcodes/assets/js/rule-btn.js?ver=6.0.3
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text
Size
149 B (149 bytes)
Hash
d59f6a8bcae31d209e5e8c4ce55c67f6
a3bf29f507f7015a58e51300b5d2765641c215ad
321454ada53b9c4f599dac5a6752ce9d1a7bbf1658f2d144f12b9462f02c34c4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/ait-shortcodes/assets/js/rule-btn.js?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Thu, 17 Sep 2020 14:16:52 GMT
accept-ranges: bytes
content-length: 149
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/leaflet/leaflet.js?ver=6.0.3

51.222.78.194

200 OK

40 kB

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/leaflet/leaflet.js?ver=6.0.3
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (65325)
Size
40 kB (39939 bytes)
Hash
6d399babb4d84c222c3417d56ef3f961
07ac0e20c5c7fab1ef19ea5c47b6c109487ac8c1
43894d61d9472966ab5ae36c748623d136ed986f94ee30710711b94299daa21c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/directory2/design/js/libs/leaflet/leaflet.js?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 39939
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.select2-3.5.1.js?ver=6.0.3

51.222.78.194

200 OK

30 kB

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.select2-3.5.1.js?ver=6.0.3
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (11072)
Size
30 kB (30069 bytes)
Hash
1c3ca3aad6432ea5e6c8797f3c2aa339
f5d974f46a1f4775bb4cf8b7a6fa7a292d8d0cbe
891ea511d0b55150b41cf081c6e90242eb6ffe675ef1a5ec630c6d5d8faa77b8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/directory2/design/js/libs/jquery.select2-3.5.1.js?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30069
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.0.3

51.222.78.194

200 OK

479 B

URL HTTP/2
kingstonconnections.ca/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.0.3
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (1191), with no line terminators
Size
479 B (479 bytes)
Hash
62b3593ce258f7488f936d31b1ab1b6e
34c14a9bf90463e4456add8d8d039453b8bb8b8e
be4b9efdf77f14940f6b8aa22e7287411cf0377f99009d49276b5cfa47c4f3ad

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Wed, 15 Jun 2022 18:09:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 479
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/uploads/2015/12/kc-logo.png

51.222.78.194

200 OK

70 kB

URL HTTP/2
kingstonconnections.ca/wp-content/uploads/2015/12/kc-logo.png
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
PNG image data, 475 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
70 kB (69789 bytes)
Hash
1389c607aa6f3627edde37f7b3b4e705
f6079669592d27afcd2c038fd44fcf3d3f10f55f
7685259684a90a73ef02063e3b610b805453afc56def03f9cb90c7a42318a448

HTTP Headers

GET /wp-content/uploads/2015/12/kc-logo.png HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: image/png
last-modified: Tue, 28 Jan 2020 19:40:06 GMT
accept-ranges: bytes
content-length: 69789
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
03fc468285706210a3ce339d5a223c61
fd32b7fa20b5c53cc2aebc09a3defe4c890f61be
9401d1803a9bac1dd2297405f8cf32dffdc375912ccc1c7bcf884f59a0ed64ab

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 02:58:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
03fc468285706210a3ce339d5a223c61
fd32b7fa20b5c53cc2aebc09a3defe4c890f61be
9401d1803a9bac1dd2297405f8cf32dffdc375912ccc1c7bcf884f59a0ed64ab

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 02:58:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2

216.58.207.195

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 45300, version 1.0\012- data
Size
45 kB (45300 bytes)
Hash
5fe660c3a23b871807b0e1d3ee973d23
62a9dd423b30b6ee3ab3dd40d573545d579af10a
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

HTTP Headers

GET /s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kingstonconnections.ca
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 45300
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:27:53 GMT
expires: Thu, 02 Nov 2023 19:27:53 GMT
cache-control: public, max-age=31536000
age: 459061
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/ptsansnarrow/v17/BngSUXNadjH0qYEzV7ab-oWlsbg95AiFW_0.woff2

216.58.207.195

200 OK

51 kB

URL HTTP/2
fonts.gstatic.com/s/ptsansnarrow/v17/BngSUXNadjH0qYEzV7ab-oWlsbg95AiFW_0.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 51132, version 1.0\012- data
Size
51 kB (51132 bytes)
Hash
ebf9aaf2e7ed2dc812dcd308b5b807e2
821884be5d80ad6e3310c47ec68a172f3aebfe32
f54e39446dc1a3407191e704a37aa5da2d12fbdeac8842b6c3a5648377f3e688

HTTP Headers

GET /s/ptsansnarrow/v17/BngSUXNadjH0qYEzV7ab-oWlsbg95AiFW_0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kingstonconnections.ca
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 51132
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:43:46 GMT
expires: Thu, 02 Nov 2023 19:43:46 GMT
cache-control: public, max-age=31536000
age: 458108
last-modified: Wed, 27 Apr 2022 16:09:38 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/ptsansnarrow/v17/BngRUXNadjH0qYEzV7ab-oWlsbCGwR0.woff2

216.58.207.195

200 OK

36 kB

URL HTTP/2
fonts.gstatic.com/s/ptsansnarrow/v17/BngRUXNadjH0qYEzV7ab-oWlsbCGwR0.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 36220, version 1.0\012- data
Size
36 kB (36220 bytes)
Hash
703384eb990fa92cab3b11662e55234f
825232b537f04761e3f866599f3abb7c14d32d60
38ba9bd69a8f6114511656eed8cf0f4e3d45d9e2c9aa0a22fb978d5da5ac250b

HTTP Headers

GET /s/ptsansnarrow/v17/BngRUXNadjH0qYEzV7ab-oWlsbCGwR0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kingstonconnections.ca
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 36220
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Nov 2022 01:25:09 GMT
expires: Wed, 08 Nov 2023 01:25:09 GMT
cache-control: public, max-age=31536000
age: 5625
last-modified: Wed, 27 Apr 2022 17:03:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
03fc468285706210a3ce339d5a223c61
fd32b7fa20b5c53cc2aebc09a3defe4c890f61be
9401d1803a9bac1dd2297405f8cf32dffdc375912ccc1c7bcf884f59a0ed64ab

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 02:58:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

kingstonconnections.ca/wp-content/uploads/cache/directory2-child/style-4.0.26.1626200761.css?ver=4.0.26.1626200761

51.222.78.194

200 OK

0 B

URL HTTP/2
kingstonconnections.ca/wp-content/uploads/cache/directory2-child/style-4.0.26.1626200761.css?ver=4.0.26.1626200761
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/uploads/cache/directory2-child/style-4.0.26.1626200761.css?ver=4.0.26.1626200761 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: text/css
last-modified: Tue, 20 Sep 2022 17:50:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 99295
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16

51.222.78.194

200 OK

0 B

URL HTTP/2
kingstonconnections.ca/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Tue, 15 Dec 2020 21:31:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 36311
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=PT+Sans%3Aregular%2Citalic%2C700%2C700italic&subset=cyrillic-ext%2Clatin-ext%2Ccyrillic%2Clatin&ver=6.0.3

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=PT+Sans%3Aregular%2Citalic%2C700%2C700italic&subset=cyrillic-ext%2Clatin-ext%2Ccyrillic%2Clatin&ver=6.0.3
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=PT+Sans%3Aregular%2Citalic%2C700%2C700italic&subset=cyrillic-ext%2Clatin-ext%2Ccyrillic%2Clatin&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 08 Nov 2022 02:58:53 GMT
date: Tue, 08 Nov 2022 02:58:53 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.3

51.222.78.194

200 OK

0 B

URL HTTP/2
kingstonconnections.ca/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.3
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Tue, 28 Jan 2020 19:39:27 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 66776
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (40)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP