r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c7a8ba48383a0e56baca8c8c41b81a04
b04c1f1e730a71f17ff639c9db697c532d4e5421
7860552382285e6eddddc5226c6f6400caa3f6fc3cb4b8a2d550c6fc653f78bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7860552382285E6EDDDDC5226C6F6400CAA3F6FC3CB4B8A2D550C6FC653F78BB"
Last-Modified: Sun, 06 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4592
Expires: Tue, 08 Nov 2022 04:15:23 GMT
Date: Tue, 08 Nov 2022 02:58:51 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 9fd081ea88e8b8563986b3e558496d21
60700393dce5eb42c0db0d5feef340f4832e3c65
d92555957857423ed02f0d0435739bcd40a996591c73f40315564b372f6e2395
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3550
Cache-Control: max-age=117096
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 02:58:51 GMT
Etag: "6368de76-1d7"
Expires: Wed, 09 Nov 2022 11:30:27 GMT
Last-Modified: Mon, 07 Nov 2022 10:31:18 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 9fd081ea88e8b8563986b3e558496d21
60700393dce5eb42c0db0d5feef340f4832e3c65
d92555957857423ed02f0d0435739bcd40a996591c73f40315564b372f6e2395
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2873
Cache-Control: max-age=116420
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 02:58:51 GMT
Etag: "6368de76-1d7"
Expires: Wed, 09 Nov 2022 11:19:11 GMT
Last-Modified: Mon, 07 Nov 2022 10:31:18 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d8c32b2fb818533a5b3fe5c69157bde9
93594fd3fc50d9d444c28660eabba1edbe4f0588
df8b8ce7a83d11fbe075c8780103c509654f288b5d757d64b696d861a11f3c7f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF8B8CE7A83D11FBE075C8780103C509654F288B5D757D64B696D861A11F3C7F"
Last-Modified: Sun, 06 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10681
Expires: Tue, 08 Nov 2022 05:56:52 GMT
Date: Tue, 08 Nov 2022 02:58:51 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: XLYbX9FQAIutUQGanAQcN1ugOmiTGiXPMzN5ATkboGNduCWD4mWKTtiUQS49bkm2t2rTlGzF6ZY=
x-amz-request-id: DGGNAA15GCQBF8ZA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 08 Nov 2022 02:11:07 GMT
age: 2864
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 08 Nov 2022 02:58:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash e6f4643306be10417c47176a6e67306f
940a13818904add9e1cacd12610f37ba1efd7bc5
67e51095b5da59b3eeda8a28c81789e69064a0a19a93347c2fcb05fd4b21e6d0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6367
Cache-Control: max-age=114841
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 02:58:52 GMT
Etag: "6368caa6-1d7"
Expires: Wed, 09 Nov 2022 10:52:53 GMT
Last-Modified: Mon, 07 Nov 2022 09:06:46 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
51.222.78.194 301 Moved Permanently 707 B URL HTTP/1.1 kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
IP 51.222.78.194:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Phishing
GET /ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Tue, 08 Nov 2022 02:58:52 GMT
server: LiteSpeed
location: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
push.services.mozilla.com/
34.213.92.18 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.213.92.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4uGaPq0WpD6HG0BryA5PaQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0/bQLOgIPP6YJv90uhqLDy80/Lc=
kingstonconnections.ca/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
51.222.78.194 200 OK 11 kB URL HTTP/2 kingstonconnections.ca/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 51.222.78.194:0
File type ASCII text, with very long lines (43771)
Hash d45207ee05c1f0c57dfa075e61405ccd
a8d35143a2d828a739ea0fdde75f97d33621e7ec
a9a4adbbcee31ec277f1bdd573eef97dc4341f29f2db3b5685a02dfe4d2fe9bb
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: text/css
last-modified: Wed, 13 Jul 2022 04:23:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10946
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-content/plugins/ait-item-extension/design/css/frontend.css?ver=6.0.3
51.222.78.194 200 OK 469 B URL HTTP/2 kingstonconnections.ca/wp-content/plugins/ait-item-extension/design/css/frontend.css?ver=6.0.3
IP 51.222.78.194:0
File type ASCII text, with CRLF line terminators
Hash abb72daafd06412efbaceeb36118b962
8c4a495fb293235df932a359a707c7953dc2fa21
4a06056ff568c779f88d5f35ed582255a5602dd602c64754ea91cc171ecf815b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ait-item-extension/design/css/frontend.css?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: text/css
last-modified: Thu, 17 Sep 2020 14:16:47 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 469
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 96791bd486db22c41012d25318835bdf
b32c813f16b84a6b2660bd527843da5e368af8eb
61a4589c35910af9f8d20ff0c7eca296a77a336ab00730573fe9ce7cf2cc72c5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 02:58:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 96791bd486db22c41012d25318835bdf
b32c813f16b84a6b2660bd527843da5e368af8eb
61a4589c35910af9f8d20ff0c7eca296a77a336ab00730573fe9ce7cf2cc72c5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 02:58:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3bf1a5e65cd048b761eac5cb0b52048a
f64cface851717dee160a5c6fad975cc34fe4cd2
8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8489
Expires: Tue, 08 Nov 2022 05:20:22 GMT
Date: Tue, 08 Nov 2022 02:58:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3bf1a5e65cd048b761eac5cb0b52048a
f64cface851717dee160a5c6fad975cc34fe4cd2
8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8489
Expires: Tue, 08 Nov 2022 05:20:22 GMT
Date: Tue, 08 Nov 2022 02:58:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3bf1a5e65cd048b761eac5cb0b52048a
f64cface851717dee160a5c6fad975cc34fe4cd2
8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8489
Expires: Tue, 08 Nov 2022 05:20:22 GMT
Date: Tue, 08 Nov 2022 02:58:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3bf1a5e65cd048b761eac5cb0b52048a
f64cface851717dee160a5c6fad975cc34fe4cd2
8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8489
Expires: Tue, 08 Nov 2022 05:20:22 GMT
Date: Tue, 08 Nov 2022 02:58:53 GMT
Connection: keep-alive
fonts.googleapis.com/css?family=PT+Sans+Narrow%3Aregular%2C700&subset=cyrillic-ext%2Clatin-ext%2Ccyrillic%2Clatin&ver=6.0.3
142.250.74.10 200 OK 1.0 kB URL HTTP/2 fonts.googleapis.com/css?family=PT+Sans+Narrow%3Aregular%2C700&subset=cyrillic-ext%2Clatin-ext%2Ccyrillic%2Clatin&ver=6.0.3
IP 142.250.74.10:0
Hash 4572af50a00f0b799f659eb7437695e1
e8885128ece18e5ee0e975a4d205dbbd60100f0c
e4ae9d10f64905c39d86019b9bcb1c2e0339ea2ddc7611ed69f376bbda7089ab
GET /css?family=PT+Sans+Narrow%3Aregular%2C700&subset=cyrillic-ext%2Clatin-ext%2Ccyrillic%2Clatin&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 08 Nov 2022 02:58:53 GMT
date: Tue, 08 Nov 2022 02:58:53 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 6dc7dc5c-88e9-4550-abf0-f16965ab7cd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bF_38GKXoAMFwSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636579cc-28ea4125437c31cc34683fb7;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 20:45:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Q0yZmbExDP4tH0n1n2qj_NR2Mv_y_dsO0LJ1RKZoS6Me-NLbhpUWqw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 09:11:38 GMT
age: 64035
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
51.222.78.194 200 OK 848 B URL HTTP/2 kingstonconnections.ca/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
IP 51.222.78.194:0
Hash c962ba8e7d42ff9da18392b41dad5151
7b89bc5e6ad161df2e6d7f7fb3ad894aa04b827f
322a4949c5bdd82eb80c13bbbd407ce30a7ad226685c54270d246cb6960e524e
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: text/css
last-modified: Thu, 15 Sep 2022 15:01:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 848
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-includes/css/dashicons.min.css?ver=6.0.3
51.222.78.194 200 OK 35 kB URL HTTP/2 kingstonconnections.ca/wp-includes/css/dashicons.min.css?ver=6.0.3
IP 51.222.78.194:0
File type ASCII text, with very long lines (58981)
Hash 54c5bfb8a890d87139d9abfe01662c83
f9eddf5b8a3269e6d6fa40b4f13083705e6267c6
9685e5cabe4efc8c85e986725af8009b306416aad3ecc9086ca5bb12b84ce4ef
GET /wp-includes/css/dashicons.min.css?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: text/css
last-modified: Fri, 16 Apr 2021 01:28:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 35110
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a2842fe-964c-4b53-b4d3-d27d8e27debf.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a2842fe-964c-4b53-b4d3-d27d8e27debf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 520aa96c85cf1ae2eb884b3b5e477e30
333347eaa268453c1dfe9dce8b22c4ad193afbc5
df63dc2c0b4f0beeb0f3c9853ad55c25b044121c905e9224ce3243ed24fc44bc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a2842fe-964c-4b53-b4d3-d27d8e27debf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12542
x-amzn-requestid: fb3cb1c6-3c15-48ad-9d4c-e3bc6623789b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQA1RE-uoAMFfjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697b54-64996d5d788a2fbd3e9350f3;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:40:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8OEi5KX_Y37Ac32N61OQCytR389Hd2E6Mf6i29ilENj3I98s6W3IsQ==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 22:12:03 GMT
age: 17210
etag: "333347eaa268453c1dfe9dce8b22c4ad193afbc5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.3
51.222.78.194 200 OK 12 kB URL HTTP/2 kingstonconnections.ca/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.3
IP 51.222.78.194:0
File type Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Hash 89c01460d72cb1ceb3a46b26a5ca1f76
ac2c983903467ac06692603836da52c269d34745
88fe06f32160927f89011be425a89c7bd71b305cbbb14145f9829509f2805897
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: text/css
last-modified: Tue, 28 Jan 2020 19:39:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11522
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6f82801-6f26-493e-9038-7e48dff62c0b.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6f82801-6f26-493e-9038-7e48dff62c0b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a141cbda515c166225f5b3b8314dcd03
26f7bacb597a67119bb763d1d03a81a5222a2c91
b375f0cf094cd89cbd52ab013df87f76181a8023715f1ed8b1fe4a20d44f5579
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6f82801-6f26-493e-9038-7e48dff62c0b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12525
x-amzn-requestid: 0b15f964-6154-44ce-a537-4c8402e387c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bHRLCFBpoAMFsMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6365fbe0-177041f7562907be268f5a10;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 06:00:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bWLlArevalY-MpKc8DlT38lwNyHhY8omPAbeGu7kys1QjBwMe-t2IQ==
via: 1.1 d2575afea3774df33dcf5e5ff475025e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 22:13:35 GMT
age: 17118
etag: "26f7bacb597a67119bb763d1d03a81a5222a2c91"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/colorbox/colorbox.min.css?ver=1.4.27
51.222.78.194 200 OK 579 B URL HTTP/2 kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/colorbox/colorbox.min.css?ver=1.4.27
IP 51.222.78.194:0
File type ASCII text, with very long lines (2026)
Hash 3fa815f8b4d329936554aab60b74950f
b9c42a52f4849fcdbd1f914c5ccfbed59c7783d6
16ab0fbe01ebbb4096f7dedd182d3fc6de7bd87cd7bf2570d2dc848da1ef6194
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/directory2/ait-theme/assets/colorbox/colorbox.min.css?ver=1.4.27 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: text/css
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 579
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92bcf73f-5c71-47c9-824d-b8fa1f9af018.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92bcf73f-5c71-47c9-824d-b8fa1f9af018.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4ff4c1be0934222258267f7595f2ecde
5d51855ed7cc6f8cac53eef1730212eb70b28036
49ce70117f2b108ebcff7f8e0ac14b2583eaf6b36a10baff097b35b728ba44d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92bcf73f-5c71-47c9-824d-b8fa1f9af018.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10781
x-amzn-requestid: c5063271-8b84-41d7-899c-958c135541c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQAwTF2cIAMF0DQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697b34-6b6018d826efae3e3738a7d9;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:40:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: tL667rmWZPwJrD76JI5jBbUa3oEwaLZc-A5omJ8WyQMzsxDgIXsQhg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 22:11:08 GMT
etag: "5d51855ed7cc6f8cac53eef1730212eb70b28036"
content-type: image/jpeg
age: 17265
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/ait/element-placeholder.css?ver=4.0.26.1626200761
51.222.78.194 200 OK 691 B URL HTTP/2 kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/ait/element-placeholder.css?ver=4.0.26.1626200761
IP 51.222.78.194:0
File type ASCII text, with CRLF line terminators
Hash dc99ade6b7e7b26dff8f4626e6da377a
4a701e3dc636e0ec2b0e67f43d6bdb11bba7b9b2
ce25e81bfbe7e02968361c63df00326fd1668cb3498df766cb08eb1a2342aa98
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/directory2/ait-theme/assets/ait/element-placeholder.css?ver=4.0.26.1626200761 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: text/css
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 691
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/jquery.selectbox.css?ver=6.0.3
51.222.78.194 200 OK 549 B URL HTTP/2 kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/jquery.selectbox.css?ver=6.0.3
IP 51.222.78.194:0
File type ASCII text, with CRLF line terminators
Hash d3b3a6bbbe22fa4d9a985e157f4fa421
f63407b315b312eeab49c137d55b8ab487da2371
ad7759b1bce3252b3bfae6f71e0961b99c4346915de6d5a11faf7a8357459c57
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/directory2/design/css/libs/jquery.selectbox.css?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: text/css
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 549
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/jquery.select2-3.5.1.css?ver=6.0.3
51.222.78.194 200 OK 3.1 kB URL HTTP/2 kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/jquery.select2-3.5.1.css?ver=6.0.3
IP 51.222.78.194:0
Hash 0a1f5bd82e1d9fdc7dbeacd1a150d28c
02c1d8bfe6e419613f05f950c6f42ed05d4b87ad
c03895b6fe0faf7645510d3e2a13fcbb920bfd025a9d208c08881bf0b196b2f6
GET /wp-content/themes/directory2/design/css/libs/jquery.select2-3.5.1.css?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: text/css
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3124
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 96791bd486db22c41012d25318835bdf
b32c813f16b84a6b2660bd527843da5e368af8eb
61a4589c35910af9f8d20ff0c7eca296a77a336ab00730573fe9ce7cf2cc72c5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 02:58:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f590111-905a-44a3-861d-b8905ff72231.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f590111-905a-44a3-861d-b8905ff72231.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b8c1ed79376a3bf9dfc9713189c36039
26ef76be8b675a4eeaf5ee428ee56d1a1181c6af
45f6891db04614dd3309e7951b90fafdac07e57e1932ebda66c852d6f9b65e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f590111-905a-44a3-861d-b8905ff72231.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10719
x-amzn-requestid: 04634220-90c5-403b-a531-c0a984379b33
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQAKNGK0IAMFxrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697a41-543f03665ed83c4e63c47c7b;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:36:01 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: v9dIZZFcHMehw8L-snVwpsfBR6LTznNnMduphX2ddvZ1mQIHqWTjqQ==
via: 1.1 7f06047c304d80ea094816a27c933914.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:40:30 GMT
age: 19103
etag: "26ef76be8b675a4eeaf5ee428ee56d1a1181c6af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/font-awesome.css?ver=6.0.3
51.222.78.194 200 OK 7.0 kB URL HTTP/2 kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/font-awesome.css?ver=6.0.3
IP 51.222.78.194:0
File type troff or preprocessor input, ASCII text, with very long lines (427)
Hash 40cd109595d6850ecd5db53cec3394c1
bc319f6e8245b4e9304d2ee2eedb4559966a4347
74d649dbc17be479d1777dd51c832bd51d4cc307b016ab64fb19f929e02c4a10
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/directory2/design/css/libs/font-awesome.css?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: text/css
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7008
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53771fc6-60e5-4f18-8cc7-e8411e2b99d5.jpeg
34.120.237.76 200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53771fc6-60e5-4f18-8cc7-e8411e2b99d5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bcff76df653cc2141d328013181ada9e
9343a49b3846f73e34d32a6bc7569a1c67e89894
affab8aead0d38958a7232bb8a866fffdb85b243174968f6b1bea220ae0152d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53771fc6-60e5-4f18-8cc7-e8411e2b99d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5325
x-amzn-requestid: 6fe63702-6974-4a3d-82ba-9636858f1f7b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQA1cHPxoAMFjCg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697b55-593b06387844528377de364d;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:40:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: T5totlLjxjd4OgFCxpIYsyz3u5vgI-vJH0qvw7wQ96X_sr8PfMDbbw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:56:33 GMT
etag: "9343a49b3846f73e34d32a6bc7569a1c67e89894"
content-type: image/jpeg
age: 18140
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/leaflet/MarkerCluster.Default.css?ver=6.0.3
51.222.78.194 200 OK 331 B URL HTTP/2 kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/leaflet/MarkerCluster.Default.css?ver=6.0.3
IP 51.222.78.194:0
Hash 41e54e32115609fac2215b71dd73bf24
7074a79b4418c48d9d17a915aaf43574567af450
6dfaf1394cfa3cfcca3a62c489d331cb98aa8aae5c29cd0d9da76ac86a42cedf
GET /wp-content/themes/directory2/design/css/libs/leaflet/MarkerCluster.Default.css?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: text/css
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 331
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
51.222.78.194 404 Not Found 16 kB URL HTTP/2 kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
IP 51.222.78.194:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash f0fcca835ad37b328f9db6bc217812ef
eb2a7780e6c0a06c26b60bfa030dc3a8ec9382cc
91ffdfddc49e2dc34ba314fb5e1f19603091425872d7d53d27ec7a585843f1fc
Analyzer Verdict Alert fortinet Phishing
GET /ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://kingstonconnections.ca/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/leaflet/leaflet.css?ver=6.0.3
51.222.78.194 200 OK 3.1 kB URL HTTP/2 kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/leaflet/leaflet.css?ver=6.0.3
IP 51.222.78.194:0
File type ASCII text, with CRLF line terminators
Hash 5507585fdfa3f48b9ba06acc9a3a6072
ff99dc58cc025345b8d59ff790fb983b36b167cc
9d561bf9d7a7935b8141f19e1bd7b6271ebd699667a6c80839e16a611b7926d9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/directory2/design/css/libs/leaflet/leaflet.css?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: text/css
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3062
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-content/themes/directory2/ait-theme/elements/search-form/design/css/base-style.css?ver=6.0.3
51.222.78.194 200 OK 27 B URL HTTP/2 kingstonconnections.ca/wp-content/themes/directory2/ait-theme/elements/search-form/design/css/base-style.css?ver=6.0.3
IP 51.222.78.194:0
File type ASCII text, with CRLF line terminators
Hash 451a865ab7f4b7d884ba2297090e92f2
a400b61b6ba6387fa62842ae801339171c98bcba
16eb23976764966ef5f3d2d2b17ff8cfeb1892ed84edcbae61362d7fe36877e4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/directory2/ait-theme/elements/search-form/design/css/base-style.css?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: text/css
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-length: 27
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/jquery-ui-css/jquery-ui.css?ver=1.8.24
51.222.78.194 200 OK 5.5 kB URL HTTP/2 kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/jquery-ui-css/jquery-ui.css?ver=1.8.24
IP 51.222.78.194:0
File type ASCII text, with very long lines (1399)
Hash 96121df13c6e35e4f8063ae6ce8ad8fe
9f63f124b7707cfc4d0f31d0cc30dcb19f4fabe5
2fa76f2ed3cc00fefe286ff0b0822025be03d4bd135a2affbea49bce44aabee1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/directory2/ait-theme/assets/jquery-ui-css/jquery-ui.css?ver=1.8.24 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: text/css
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5498
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
51.222.78.194 200 OK 2.8 kB URL HTTP/2 kingstonconnections.ca/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
IP 51.222.78.194:0
File type ASCII text, with very long lines (9680), with no line terminators
Hash 8a91034fce0e4a2464d2170d38d31382
f00c20cfcbd136ee9aa20d07085c10f470548fe4
1a8f0bcd2b76caf977b08ed30bdd29eb77405ca4c1fe2315b41f8fe2542f1528
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Thu, 15 Sep 2022 15:01:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2799
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-content/uploads/cache/directory2-child/preloading-4.0.26.1626200761.css?ver=4.0.26.1626200761
51.222.78.194 200 OK 6.0 kB URL HTTP/2 kingstonconnections.ca/wp-content/uploads/cache/directory2-child/preloading-4.0.26.1626200761.css?ver=4.0.26.1626200761
IP 51.222.78.194:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash cf02b5759aff578ad2d8c36696fb34cf
3b02b4acb35307aafbd821922881ff5f71c06e0a
fad8c331d45ff46845abfedf4d4397ff14f2d04663103d8bbef3adfed7e2dd8e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/cache/directory2-child/preloading-4.0.26.1626200761.css?ver=4.0.26.1626200761 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: text/css
last-modified: Tue, 20 Sep 2022 17:50:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5981
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-content/themes/directory2/ait-theme/elements/header-map/design/css/base-style.css?ver=6.0.3
51.222.78.194 200 OK 167 B URL HTTP/2 kingstonconnections.ca/wp-content/themes/directory2/ait-theme/elements/header-map/design/css/base-style.css?ver=6.0.3
IP 51.222.78.194:0
File type ASCII text, with CRLF line terminators
Hash 9bbbef55a46d98eba46962413ad4bf67
ce90377f42bfacb3a0020a227af26153619583b2
71b48802321a95504b37856b24f30228d0a878f9aa1eab09251aced06af2db4e
GET /wp-content/themes/directory2/ait-theme/elements/header-map/design/css/base-style.css?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: text/css
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-length: 167
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-content/uploads/cache/directory2-child/base-4.0.26.1626200761.css?ver=4.0.26.1626200761
51.222.78.194 200 OK 42 B URL HTTP/2 kingstonconnections.ca/wp-content/uploads/cache/directory2-child/base-4.0.26.1626200761.css?ver=4.0.26.1626200761
IP 51.222.78.194:0
File type ASCII text, with no line terminators
Hash 7b5c559e947c71c87e7aa0f2c25b1f3b
f4b49897b2c7d52599e0a4c1385ad53082a3531c
c9cc029c2488498fa7ed479fb67d4920b268b585545cdd856bd041c8649e4a04
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/cache/directory2-child/base-4.0.26.1626200761.css?ver=4.0.26.1626200761 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: text/css
last-modified: Tue, 20 Sep 2022 17:50:24 GMT
accept-ranges: bytes
content-length: 42
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-content/uploads/cache/directory2-child/typography-4.0.26.1626200761-en_US.css?ver=4.0.26.1626200761
51.222.78.194 200 OK 4.8 kB URL HTTP/2 kingstonconnections.ca/wp-content/uploads/cache/directory2-child/typography-4.0.26.1626200761-en_US.css?ver=4.0.26.1626200761
IP 51.222.78.194:0
File type ASCII text, with very long lines (50085), with no line terminators
Hash 23b15bce1c17122123d35e619b7c5980
c7a87988c9e0047ef5970bc53cab6bc044e5730b
0c1ad851bff330cc6150ca38245f2a71e7f4baf6feadec6fb038c952c0f2d96f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/cache/directory2-child/typography-4.0.26.1626200761-en_US.css?ver=4.0.26.1626200761 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: text/css
last-modified: Tue, 20 Sep 2022 17:50:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4752
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
51.222.78.194 200 OK 3.7 kB URL HTTP/2 kingstonconnections.ca/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
IP 51.222.78.194:0
File type HTML document, ASCII text, with very long lines (12211), with no line terminators
Hash b3777786fbf0ac18aa59c687154a9db8
3f24b0cfae49dc3e70f149edaf203a661cd59c88
8e3993f3b5eb33611a7c40d80d1cb048b4329ebb9ad0d9e8eb583e48fda70bb5
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Thu, 15 Sep 2022 15:01:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3689
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-includes/js/underscore.min.js?ver=1.13.3
51.222.78.194 200 OK 7.2 kB URL HTTP/2 kingstonconnections.ca/wp-includes/js/underscore.min.js?ver=1.13.3
IP 51.222.78.194:0
File type ASCII text, with very long lines (18876)
Hash 8f44fac7de7704cc9c42ca9cf95071b8
1fa95065580a736700586a6c6ba1e0c3304d301c
89d8fb5c9897186f5d8295777f8eecd5c9a8ec5a40b0e01b9afe3e6ff851a4a1
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/underscore.min.js?ver=1.13.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Wed, 15 Jun 2022 18:09:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7176
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-content/plugins/popslide/assets/js/front.js
51.222.78.194 200 OK 792 B URL HTTP/2 kingstonconnections.ca/wp-content/plugins/popslide/assets/js/front.js
IP 51.222.78.194:0
File type ASCII text, with CRLF line terminators
Hash aaa06787ae4ea91535efa202e2932b35
9787b1808d5af3edcef268d8694b3e2292e83f8c
de945d8a217f77be3869a0c8f5d3533bf253708e40ff66cef6e85c204712116e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/popslide/assets/js/front.js HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Thu, 26 Mar 2020 13:48:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 792
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/leaflet/leaflet-gesture-handling.min.css?ver=6.0.3
51.222.78.194 200 OK 320 B URL HTTP/2 kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/leaflet/leaflet-gesture-handling.min.css?ver=6.0.3
IP 51.222.78.194:0
File type ASCII text, with very long lines (1022), with no line terminators
Hash 7f6c29c6cdd42f98a89d9c137b0aac57
b2fecb4e878774d771c1907e4503197e8fc98cd9
2c8bbecaa816f5e5e0ff316fa6e0087f4611a1349bf6f6c14da1e1b2e23f8499
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/directory2/design/css/libs/leaflet/leaflet-gesture-handling.min.css?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: text/css
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 320
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/ait/ait.js?ver=4.0.26.1626200761
51.222.78.194 200 OK 1.3 kB URL HTTP/2 kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/ait/ait.js?ver=4.0.26.1626200761
IP 51.222.78.194:0
File type ASCII text, with very long lines (396)
Hash e98d38dbd6b1de4f531a020308ccc8f4
1b7abae2e9e24be4de21a8450c7316a457c8ae03
76e73a889d5aa4e92c03ff6946bd2802fe80678600f54394582a525c0f6fc12e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/directory2/ait-theme/assets/ait/ait.js?ver=4.0.26.1626200761 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1301
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/colorbox/jquery.colorbox.min.js?ver=1.4.27
51.222.78.194 200 OK 4.5 kB URL HTTP/2 kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/colorbox/jquery.colorbox.min.js?ver=1.4.27
IP 51.222.78.194:0
File type ASCII text, with very long lines (11887)
Hash 65d669ec0b59ad7d2040d842c0b7a138
e5eb7828252dac354af8a3e21048b01a5e03fed7
adc999c096832cee4900be483e1aa5aa360994d89785f2ab9b123d90b716734e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/directory2/ait-theme/assets/colorbox/jquery.colorbox.min.js?ver=1.4.27 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4463
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-content/plugins/popslide/assets/js/jquery.cookie.min.js
51.222.78.194 200 OK 600 B URL HTTP/2 kingstonconnections.ca/wp-content/plugins/popslide/assets/js/jquery.cookie.min.js
IP 51.222.78.194:0
File type ASCII text, with very long lines (1285), with no line terminators
Hash cf6db9095d99c3a903b9c45b33bfeba7
969effee72715014cad403163ef6e172a653224c
193da8104086306ee6ca5b44e03f54e5b0cd3d8230caf5bad05edbf306eebd5a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/popslide/assets/js/jquery.cookie.min.js HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Thu, 26 Mar 2020 13:48:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 600
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
51.222.78.194 200 OK 4.0 kB URL HTTP/2 kingstonconnections.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 51.222.78.194:0
File type ASCII text, with very long lines (11126)
Hash 7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Tue, 15 Dec 2020 21:31:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.selectbox-0.2.js?ver=6.0.3
51.222.78.194 200 OK 3.7 kB URL HTTP/2 kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.selectbox-0.2.js?ver=6.0.3
IP 51.222.78.194:0
File type ASCII text, with CRLF line terminators
Hash fe20db7ff1d6f533a5279598b65f6d78
fa675d5759cfe2a5d946f5cd78a264c9567213d7
feec72f60b44f846064f7a3603cc51bea78c6d62dd770bae0b4a8a72af7775ca
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/directory2/design/js/libs/jquery.selectbox-0.2.js?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3702
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
51.222.78.194 200 OK 30 kB URL HTTP/2 kingstonconnections.ca/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 51.222.78.194:0
File type ASCII text, with very long lines (65447)
Hash 34f918ada1fe4f01c5a4b90065bbc37a
a731f6ce2d413805e39ae45994012b1bd5ea1e2b
eba158d5ab26a5a54a3dcfcea1072c636f44e92fc2eb30a3f27cd5be3f891dfc
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Mon, 16 Aug 2021 12:06:07 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30273
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0
51.222.78.194 200 OK 50 kB URL HTTP/2 kingstonconnections.ca/wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0
IP 51.222.78.194:0
File type ASCII text, with very long lines (32017), with CRLF line terminators
Hash 12ee1cc38870cd33b736f5a03a213de8
32e13b34e228e12ef6e3afcfcfa57cfb92d632ff
629c9a0ac8f73997327bfe37312e363e461ab8c1d8ac1c112b2d2f2eed814dee
GET /wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Tue, 28 Jan 2020 19:39:27 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 50040
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.raty-2.5.2.js?ver=6.0.3
51.222.78.194 200 OK 3.7 kB URL HTTP/2 kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.raty-2.5.2.js?ver=6.0.3
IP 51.222.78.194:0
Hash 73e29207c75b19b267ca486d698dd720
43e7446c71b8e719d1bdbecbc70de0ac40068293
fbd3e58109517198c4ce2045f912780f7c9c23ab7629be54abc753eaba899c96
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/directory2/design/js/libs/jquery.raty-2.5.2.js?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3711
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery-waypoints-2.0.3.js?ver=6.0.3
51.222.78.194 200 OK 3.4 kB URL HTTP/2 kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery-waypoints-2.0.3.js?ver=6.0.3
IP 51.222.78.194:0
Hash 3c1e9a8ee6422e73b156bbe79beedbc7
56d39626241423beb358d455c60a1da7a831a847
5e51cb02940d689e397ee51e1269cf7d58e980eda3cdb002c655a41ea0b78945
GET /wp-content/themes/directory2/design/js/libs/jquery-waypoints-2.0.3.js?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3446
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/leaflet/leaflet.markercluster.js?ver=6.0.3
51.222.78.194 200 OK 8.5 kB URL HTTP/2 kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/leaflet/leaflet.markercluster.js?ver=6.0.3
IP 51.222.78.194:0
File type ASCII text, with very long lines (32045)
Hash c60b5e3a8d131299c4da83e4b367490d
2b215d63e3a933ee25d9551b68defcf9986d2497
0412440f0d70391630d734199065569329db8dd6c0d7b067287de4199e6546da
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/directory2/design/js/libs/leaflet/leaflet.markercluster.js?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8465
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.1
51.222.78.194 200 OK 2.6 kB URL HTTP/2 kingstonconnections.ca/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.1
IP 51.222.78.194:0
File type ASCII text, with very long lines (8632)
Hash d907b8e007d5ed72022815b9ccc95f11
e77303ded461745c207af9d76cf91c8b32a46e3e
a90b61a5e379b42615eebab01de76934200af87a50bd10c7f78690ee210d6c83
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.1 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Wed, 15 Jun 2022 18:09:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2645
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/bxslider/jquery.bxslider.min.js?ver=4.1.2
51.222.78.194 200 OK 4.9 kB URL HTTP/2 kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/bxslider/jquery.bxslider.min.js?ver=4.1.2
IP 51.222.78.194:0
File type ASCII text, with very long lines (19040)
Hash d2c26da9ce67516d1c19f4896b5b9c41
1979bb8c67596d0edd349d2209cb65110beea664
deef64f20a8ad1238a721449bc80cfb2e1a41cfe0085e5fe23b3562a108c1d92
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/directory2/ait-theme/assets/bxslider/jquery.bxslider.min.js?ver=4.1.2 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4925
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/leaflet/leaflet-gesture-handling.min.js?ver=6.0.3
51.222.78.194 200 OK 6.1 kB URL HTTP/2 kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/leaflet/leaflet-gesture-handling.min.js?ver=6.0.3
IP 51.222.78.194:0
File type Unicode text, UTF-8 text, with very long lines (14650)
Hash 84fbf0f521f3b26eea0a5f3043016045
0876751eb39f1c178b8077d697afcbfa2ea9a4ae
5f4bcfd711a6aeaa175e610fd38462776391a1c9f87a62d9e097a4e8c3e21a38
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/directory2/design/js/libs/leaflet/leaflet-gesture-handling.min.js?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6097
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-content/themes/directory2/design/js/mobile.js?ver=6.0.3
51.222.78.194 200 OK 430 B URL HTTP/2 kingstonconnections.ca/wp-content/themes/directory2/design/js/mobile.js?ver=6.0.3
IP 51.222.78.194:0
Hash d5e50f7c323d8e0fe2149738098de3ec
ae3c8dc6ecbfed68f36004500fa96029a7c64015
4eccb16db8a3d83d171756528ddd1526231ef8fa680f5210e8f2a59559ca3401
GET /wp-content/themes/directory2/design/js/mobile.js?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 430
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-content/themes/directory2/design/js/custom.js?ver=6.0.3
51.222.78.194 200 OK 2.1 kB URL HTTP/2 kingstonconnections.ca/wp-content/themes/directory2/design/js/custom.js?ver=6.0.3
IP 51.222.78.194:0
Hash 65006712cde9e7d61282a256055462b6
82656441a8161d29a8509008fbafbf114e5c0b59
ab4b0e6ba7a8ab9e74669134308d39d76ba95026ee9ac6288fd0fb7ae3801849
GET /wp-content/themes/directory2/design/js/custom.js?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2140
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-content/themes/directory2/design/js/script.js?ver=6.0.3
51.222.78.194 200 OK 1.4 kB URL HTTP/2 kingstonconnections.ca/wp-content/themes/directory2/design/js/script.js?ver=6.0.3
IP 51.222.78.194:0
File type ASCII text, with CRLF line terminators
Hash 3260682397d5fe5c933668ba7cfdab43
0d0276585a1206e9cd06f8f944f9ae128ccf1919
9c0d35a40f8d44d32e97fb3995f4797640465d79e1bce7d670e32b4de9ba1ca7
GET /wp-content/themes/directory2/design/js/script.js?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1409
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/modernizr/modernizr.touch.js?ver=2.6.2
51.222.78.194 200 OK 1.4 kB URL HTTP/2 kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/modernizr/modernizr.touch.js?ver=2.6.2
IP 51.222.78.194:0
File type ASCII text, with very long lines (3173)
Hash 25cf9696e54a12b10205980c6d9cfd26
d199bdb2e9a733a880ab07aa06d1a6c9c0acded9
e2f531fc851a3194d139898dc7d0e3ca00609a491ebd740b028ed9c30ba09c62
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/directory2/ait-theme/assets/modernizr/modernizr.touch.js?ver=2.6.2 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1416
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-content/themes/directory2/design/js/portfolio-item.js?ver=6.0.3
51.222.78.194 200 OK 715 B URL HTTP/2 kingstonconnections.ca/wp-content/themes/directory2/design/js/portfolio-item.js?ver=6.0.3
IP 51.222.78.194:0
Hash 445f9be76c2f2ffdcb4356146ccfa06f
dca44440d94c86143629f94b3f13aa7162d30c29
e25ca8c246066bf9424ee935981838821e3c34a940337fe1cd7f358f45376c90
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/directory2/design/js/portfolio-item.js?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 715
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.infieldlabel-0.1.4.js?ver=6.0.3
51.222.78.194 200 OK 1.9 kB URL HTTP/2 kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.infieldlabel-0.1.4.js?ver=6.0.3
IP 51.222.78.194:0
Hash 47112cf8265967d094a5ce5997495377
e2915f9ca6940057d72b324a26d0f8ab7f38dbda
f9921430b02661051ba14c9e08bfe481762d6d4dd583b96d9324ae0eb635301c
GET /wp-content/themes/directory2/design/js/libs/jquery.infieldlabel-0.1.4.js?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1862
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.0.3
51.222.78.194 200 OK 392 B URL HTTP/2 kingstonconnections.ca/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.0.3
IP 51.222.78.194:0
File type HTML document, ASCII text, with very long lines (906), with no line terminators
Hash 200d0ec78a54a35bb97450e75bddfe52
25a0c90e7c2a7f49b4d5abf3165eb2d03849c2cb
9555fae27002a4036ca476b62143a67552e3870a1ff46c5869611b5edbe1deac
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Thu, 04 Feb 2021 01:24:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 392
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-content/themes/directory2/design/js/menu.js?ver=6.0.3
51.222.78.194 200 OK 2.5 kB URL HTTP/2 kingstonconnections.ca/wp-content/themes/directory2/design/js/menu.js?ver=6.0.3
IP 51.222.78.194:0
Hash 6ed61bacc4629f8000fa292c007b394f
aae08a186c61fcefafaa3c429d254391bb56a9a6
d42146f08f70d3acf7de452f9b84e8839265c5b81a05ced3545310b02fced9cd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/directory2/design/js/menu.js?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2470
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-content/plugins/ait-shortcodes/assets/js/rule-btn.js?ver=6.0.3
51.222.78.194 200 OK 149 B URL HTTP/2 kingstonconnections.ca/wp-content/plugins/ait-shortcodes/assets/js/rule-btn.js?ver=6.0.3
IP 51.222.78.194:0
Hash d59f6a8bcae31d209e5e8c4ce55c67f6
a3bf29f507f7015a58e51300b5d2765641c215ad
321454ada53b9c4f599dac5a6752ce9d1a7bbf1658f2d144f12b9462f02c34c4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ait-shortcodes/assets/js/rule-btn.js?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Thu, 17 Sep 2020 14:16:52 GMT
accept-ranges: bytes
content-length: 149
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/leaflet/leaflet.js?ver=6.0.3
51.222.78.194 200 OK 40 kB URL HTTP/2 kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/leaflet/leaflet.js?ver=6.0.3
IP 51.222.78.194:0
File type ASCII text, with very long lines (65325)
Hash 6d399babb4d84c222c3417d56ef3f961
07ac0e20c5c7fab1ef19ea5c47b6c109487ac8c1
43894d61d9472966ab5ae36c748623d136ed986f94ee30710711b94299daa21c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/directory2/design/js/libs/leaflet/leaflet.js?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 39939
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.select2-3.5.1.js?ver=6.0.3
51.222.78.194 200 OK 30 kB URL HTTP/2 kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.select2-3.5.1.js?ver=6.0.3
IP 51.222.78.194:0
File type ASCII text, with very long lines (11072)
Hash 1c3ca3aad6432ea5e6c8797f3c2aa339
f5d974f46a1f4775bb4cf8b7a6fa7a292d8d0cbe
891ea511d0b55150b41cf081c6e90242eb6ffe675ef1a5ec630c6d5d8faa77b8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/directory2/design/js/libs/jquery.select2-3.5.1.js?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30069
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.0.3
51.222.78.194 200 OK 479 B URL HTTP/2 kingstonconnections.ca/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.0.3
IP 51.222.78.194:0
File type ASCII text, with very long lines (1191), with no line terminators
Hash 62b3593ce258f7488f936d31b1ab1b6e
34c14a9bf90463e4456add8d8d039453b8bb8b8e
be4b9efdf77f14940f6b8aa22e7287411cf0377f99009d49276b5cfa47c4f3ad
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.0.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Wed, 15 Jun 2022 18:09:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 479
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-content/uploads/2015/12/kc-logo.png
51.222.78.194 200 OK 70 kB URL HTTP/2 kingstonconnections.ca/wp-content/uploads/2015/12/kc-logo.png
IP 51.222.78.194:0
File type PNG image data, 475 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 1389c607aa6f3627edde37f7b3b4e705
f6079669592d27afcd2c038fd44fcf3d3f10f55f
7685259684a90a73ef02063e3b610b805453afc56def03f9cb90c7a42318a448
GET /wp-content/uploads/2015/12/kc-logo.png HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: image/png
last-modified: Tue, 28 Jan 2020 19:40:06 GMT
accept-ranges: bytes
content-length: 69789
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 03fc468285706210a3ce339d5a223c61
fd32b7fa20b5c53cc2aebc09a3defe4c890f61be
9401d1803a9bac1dd2297405f8cf32dffdc375912ccc1c7bcf884f59a0ed64ab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 02:58:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 03fc468285706210a3ce339d5a223c61
fd32b7fa20b5c53cc2aebc09a3defe4c890f61be
9401d1803a9bac1dd2297405f8cf32dffdc375912ccc1c7bcf884f59a0ed64ab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 02:58:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
216.58.207.195 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 45300, version 1.0\012- data
Hash 5fe660c3a23b871807b0e1d3ee973d23
62a9dd423b30b6ee3ab3dd40d573545d579af10a
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
GET /s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kingstonconnections.ca
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 45300
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:27:53 GMT
expires: Thu, 02 Nov 2023 19:27:53 GMT
cache-control: public, max-age=31536000
age: 459061
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ptsansnarrow/v17/BngSUXNadjH0qYEzV7ab-oWlsbg95AiFW_0.woff2
216.58.207.195 200 OK 51 kB URL HTTP/2 fonts.gstatic.com/s/ptsansnarrow/v17/BngSUXNadjH0qYEzV7ab-oWlsbg95AiFW_0.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 51132, version 1.0\012- data
Hash ebf9aaf2e7ed2dc812dcd308b5b807e2
821884be5d80ad6e3310c47ec68a172f3aebfe32
f54e39446dc1a3407191e704a37aa5da2d12fbdeac8842b6c3a5648377f3e688
GET /s/ptsansnarrow/v17/BngSUXNadjH0qYEzV7ab-oWlsbg95AiFW_0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kingstonconnections.ca
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 51132
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:43:46 GMT
expires: Thu, 02 Nov 2023 19:43:46 GMT
cache-control: public, max-age=31536000
age: 458108
last-modified: Wed, 27 Apr 2022 16:09:38 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ptsansnarrow/v17/BngRUXNadjH0qYEzV7ab-oWlsbCGwR0.woff2
216.58.207.195 200 OK 36 kB URL HTTP/2 fonts.gstatic.com/s/ptsansnarrow/v17/BngRUXNadjH0qYEzV7ab-oWlsbCGwR0.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 36220, version 1.0\012- data
Hash 703384eb990fa92cab3b11662e55234f
825232b537f04761e3f866599f3abb7c14d32d60
38ba9bd69a8f6114511656eed8cf0f4e3d45d9e2c9aa0a22fb978d5da5ac250b
GET /s/ptsansnarrow/v17/BngRUXNadjH0qYEzV7ab-oWlsbCGwR0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kingstonconnections.ca
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 36220
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Nov 2022 01:25:09 GMT
expires: Wed, 08 Nov 2023 01:25:09 GMT
cache-control: public, max-age=31536000
age: 5625
last-modified: Wed, 27 Apr 2022 17:03:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 03fc468285706210a3ce339d5a223c61
fd32b7fa20b5c53cc2aebc09a3defe4c890f61be
9401d1803a9bac1dd2297405f8cf32dffdc375912ccc1c7bcf884f59a0ed64ab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 02:58:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kingstonconnections.ca/wp-content/uploads/cache/directory2-child/style-4.0.26.1626200761.css?ver=4.0.26.1626200761
51.222.78.194 200 OK 0 B URL HTTP/2 kingstonconnections.ca/wp-content/uploads/cache/directory2-child/style-4.0.26.1626200761.css?ver=4.0.26.1626200761
IP 51.222.78.194:0
GET /wp-content/uploads/cache/directory2-child/style-4.0.26.1626200761.css?ver=4.0.26.1626200761 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: text/css
last-modified: Tue, 20 Sep 2022 17:50:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 99295
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16
51.222.78.194 200 OK 0 B URL HTTP/2 kingstonconnections.ca/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16
IP 51.222.78.194:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Tue, 15 Dec 2020 21:31:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 36311
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=PT+Sans%3Aregular%2Citalic%2C700%2C700italic&subset=cyrillic-ext%2Clatin-ext%2Ccyrillic%2Clatin&ver=6.0.3
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=PT+Sans%3Aregular%2Citalic%2C700%2C700italic&subset=cyrillic-ext%2Clatin-ext%2Ccyrillic%2Clatin&ver=6.0.3
IP 142.250.74.10:0
GET /css?family=PT+Sans%3Aregular%2Citalic%2C700%2C700italic&subset=cyrillic-ext%2Clatin-ext%2Ccyrillic%2Clatin&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 08 Nov 2022 02:58:53 GMT
date: Tue, 08 Nov 2022 02:58:53 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kingstonconnections.ca/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.3
51.222.78.194 200 OK 0 B URL HTTP/2 kingstonconnections.ca/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.3
IP 51.222.78.194:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:58:53 GMT
content-type: application/javascript
last-modified: Tue, 28 Jan 2020 19:39:27 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 66776
date: Tue, 08 Nov 2022 02:58:53 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2