Report - kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php

Report Overview

Submitted URL
kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
IP
51.222.78.194
ASN
#16276 OVH SAS
Submitted
2022-12-15 03:03:05
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
78

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-09T06:38:59Z	1.5 kB	136 kB	216.58.207.227
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	2.0 kB	5.3 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	333 B	391 B	34.117.237.239
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T05:22:46Z	341 B	759 B	93.184.220.29
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-09T06:38:15Z	972 B	8.2 kB	142.250.74.106
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-09T05:09:25Z	2.7 kB	38 kB	34.120.237.76
kingstonconnections.ca	unknown	2016-11-21T14:46:29Z	2022-12-15T04:03:08Z	29 kB	559 kB	51.222.78.194
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	782 B	2.4 kB	35.241.9.150
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	606 B	127 B	34.215.56.181
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-09T05:09:50Z	2.4 kB	4.9 kB	142.250.74.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-15	medium	kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php	Phishing
2022-12-15	medium	kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php	Phishing
2022-12-15	medium	kingstonconnections.ca/wp-includes/css/classic-themes.min.css?ver=1	Phishing
2022-12-15	medium	kingstonconnections.ca/wp-content/plugins/ait-item-extension/design/css/frontend.css?ver=6.1.1	Phishing
2022-12-15	medium	kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/colorbox/colorbox.min.css?ver=1.4.27	Phishing
2022-12-15	medium	kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/ait/element-placeholder.css?ver=4.0.26.1626200761	Phishing
2022-12-15	medium	kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/jquery.selectbox.css?ver=6.1.1	Phishing
2022-12-15	medium	kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/leaflet/leaflet.css?ver=6.1.1	Phishing
2022-12-15	medium	kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/font-awesome.css?ver=6.1.1	Phishing
2022-12-15	medium	kingstonconnections.ca/wp-content/uploads/cache/directory2-child/base-4.0.26.1626200761.css?ver=4.0.26.1626200761	Phishing
2022-12-15	medium	kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/leaflet/MarkerCluster.css?ver=6.1.1	Phishing
2022-12-15	medium	kingstonconnections.ca/wp-content/themes/directory2/ait-theme/elements/search-form/design/css/base-style.css?ver=6.1.1	Phishing
2022-12-15	medium	kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/jquery-ui-css/jquery-ui.css?ver=1.8.24	Phishing
2022-12-15	medium	kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/leaflet/leaflet-gesture-handling.min.css?ver=6.1.1	Phishing
2022-12-15	medium	kingstonconnections.ca/wp-content/uploads/cache/directory2-child/preloading-4.0.26.1626200761.css?ver=4.0.26.1626200761	Phishing
2022-12-15	medium	kingstonconnections.ca/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4	Phishing
2022-12-15	medium	kingstonconnections.ca/wp-content/uploads/cache/directory2-child/typography-4.0.26.1626200761-en_US.css?ver=4.0.26.1626200761	Phishing
2022-12-15	medium	kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/colorbox/jquery.colorbox.min.js?ver=1.4.27	Phishing
2022-12-15	medium	kingstonconnections.ca/wp-content/plugins/popslide/assets/js/jquery.cookie.min.js	Phishing
2022-12-15	medium	kingstonconnections.ca/wp-includes/js/underscore.min.js?ver=1.13.4	Phishing
2022-12-15	medium	kingstonconnections.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	Phishing
2022-12-15	medium	kingstonconnections.ca/wp-content/plugins/popslide/assets/js/front.js	Phishing
2022-12-15	medium	kingstonconnections.ca/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	Phishing
2022-12-15	medium	kingstonconnections.ca/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.3	Phishing
2022-12-15	medium	kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.selectbox-0.2.js?ver=6.1.1	Phishing
2022-12-15	medium	kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.raty-2.5.2.js?ver=6.1.1	Phishing
2022-12-15	medium	kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/leaflet/leaflet.markercluster.js?ver=6.1.1	Phishing
2022-12-15	medium	kingstonconnections.ca/wp-content/themes/directory2/design/js/menu.js?ver=6.1.1	Phishing
2022-12-15	medium	kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/leaflet/leaflet-gesture-handling.min.js?ver=6.1.1	Phishing
2022-12-15	medium	kingstonconnections.ca/wp-content/themes/directory2/design/js/portfolio-item.js?ver=6.1.1	Phishing
2022-12-15	medium	kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/modernizr/modernizr.touch.js?ver=2.6.2	Phishing
2022-12-15	medium	kingstonconnections.ca/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.2	Phishing
2022-12-15	medium	kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/bxslider/jquery.bxslider.min.js?ver=4.1.2	Phishing
2022-12-15	medium	kingstonconnections.ca/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.1.1	Phishing
2022-12-15	medium	kingstonconnections.ca/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.1.1	Phishing
2022-12-15	medium	kingstonconnections.ca/wp-content/plugins/ait-shortcodes/assets/js/rule-btn.js?ver=6.1.1	Phishing
2022-12-15	medium	kingstonconnections.ca/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17	Phishing
2022-12-15	medium	kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.select2-3.5.1.js?ver=6.1.1	Phishing
2022-12-15	medium	kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/leaflet/leaflet.js?ver=6.1.1	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (42)

	URL	Size	First Seen	Last Seen
	kingstonconnections.ca/wp-content/plugins/popslide/assets/js/jquery.cookie.min.js	1.3 kB	2023-03-09	2024-01-03
Pretty URL kingstonconnections.ca/wp-content/plugins/popslide/assets/js/jquery.cookie.min.js IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 09:38:28 Last Seen2024-01-03 14:25:12 Times Seen15 Hash c9eef727053e5fa5f4da1a259b68b019 2890d34d2e16bd9a3b22f52063502d2a20d36312 2948bdabb34333fb333a64321b1a1a29d3aea5eefae9033c8ec37a7a561f5b7f Loading...

	kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/colorbox/jquery.colorbox.min.js?ver=1.4.27	12 kB	2023-03-07	2024-05-11
Pretty URL kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/colorbox/jquery.colorbox.min.js?ver=1.4.27 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:22 Last Seen2024-05-11 00:02:46 Times Seen3691 Hash 663dd01c8e3859c4aa97cf088c49a64e 4181716dabb9a951a17bfa6e3a03f48ad17e016f 41bc4d4fe88139d6ee89abfcb2abac71e1430d85dbffc0be7c8f6bd36f4ced7e Loading...

	kingstonconnections.ca/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.2	8.8 kB	2023-03-08	2024-05-09
Pretty URL kingstonconnections.ca/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.2 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:32 Last Seen2024-05-09 17:03:39 Times Seen916 Hash 89a5cf06fc7dd77902474cb1ffe4a428 474e8b42319320197c4b85f4dfc12818e9abb5ba 04e009a731cacdb72b79de34d2cb88c364ec1c60ccaa1c163b617fed2b6b9198 Loading...

	kingstonconnections.ca/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17	158 kB	2023-03-08	2024-05-11
Pretty URL kingstonconnections.ca/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:25 Last Seen2024-05-11 00:58:36 Times Seen10394 Hash e53ec3d6e21be78115810135f5e956fe 523892839b88351523e0498ba881c4431197b54e b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f Loading...

	kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php	11 kB	2023-03-09	2023-03-17
Pretty URL kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 09:38:28 Last Seen2023-03-17 10:34:43 Times Seen1 Hash cabe6642e6aa25d6ad41c16e37f6a916 296dc77f37b60f09c445bb0a789026ef967be0ed dee80caf0f0d9049a4582f10d03222c19ccba67a4a21ce769c755768bef598e9 Loading...

	kingstonconnections.ca/wp-content/plugins/popslide/assets/js/front.js	2.7 kB	2023-03-09	2024-01-03
Pretty URL kingstonconnections.ca/wp-content/plugins/popslide/assets/js/front.js IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 09:38:28 Last Seen2024-01-03 14:25:13 Times Seen15 Hash 3ff927be3c0ffb476485dc19873ea4da 63238214c21e46b890f1d5948ccdc0be39cc2528 014cb59a604de951cce7f410857e5eef80b2b2cf2a9dbcfacce5c0f2bea7157b Loading...

	kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php	2.2 kB	2023-03-09	2023-03-11
Pretty URL kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 09:38:28 Last Seen2023-03-11 23:19:21 Times Seen1 Hash 5c3a22ae2c1c4955c0be553d387ca9ff bf9cc4cae950496a1c045eaa9f6060781d384d3b 887f25a12489681d86bdf80150125564d539e09b08426147889c051823d5bb41 Loading...

	kingstonconnections.ca/wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0	151 kB	2023-03-07	2024-04-29
Pretty URL kingstonconnections.ca/wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:48 Last Seen2024-04-29 02:06:47 Times Seen929 Hash c15dcd71fd8c45d9e9b4d6ddb498ac14 1c8553e2770a6708586d6f3da58cf3416d4b3beb 0a79ae4b9e359eb359db5e9c4ee6abd91a0cd514eabdeac0c44b2f1c2bac1c40 Loading...

	kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php	576 B	2023-03-09	2023-03-11
Pretty URL kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 09:38:29 Last Seen2023-03-11 23:19:21 Times Seen1 Hash b782b468430b5da38c501fcd0e0db292 34b92bdc90d81fc70908f11426ed8057c237154a c4f3d6ad71887417fa13432b8fc981f66cadfc0d6d5aff7f583359a6caa21d52 Loading...

	kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/leaflet/leaflet.js?ver=6.1.1	143 kB	2023-03-07	2024-04-16
Pretty URL kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/leaflet/leaflet.js?ver=6.1.1 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:45 Last Seen2024-04-16 08:11:10 Times Seen74 Hash 3d572837c18a377367dbcf67427f6fc5 ed42c792a635e57d5d3da311bc2be43be59dc58a 24e9ec66cdbc367cdf424561c6d266a9d6a562417f7a39985970fffef1738160 Loading...

	kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/ait/ait.js?ver=4.0.26.1626200761	3.7 kB	2023-03-07	2024-05-10
Pretty URL kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/ait/ait.js?ver=4.0.26.1626200761 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:09 Last Seen2024-05-10 19:35:32 Times Seen39 Hash 8e6446daabdad87bf25e5dc67ada4768 793c55d7f66c44820a2f6809f5fa10c7f5269ff3 4b52e1de111fbeb4a545d0846e07738c6e1a7f49222fe4ceba3868622e4f8b62 Loading...

	kingstonconnections.ca/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	19 kB	2023-03-07	2024-05-10
Pretty URL kingstonconnections.ca/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-05-10 20:32:53 Times Seen38257 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/leaflet/leaflet.markercluster.js?ver=6.1.1	34 kB	2023-03-07	2024-05-07
Pretty URL kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/leaflet/leaflet.markercluster.js?ver=6.1.1 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:57 Last Seen2024-05-07 11:24:12 Times Seen448 Hash ee8d78836d0d718b2b6d39ef60e03181 9e22ebf6b48ac0839d8a7dd5c0795c0dd541fdf4 58be871df61f6c512464e15db0941e63b9491bf1396a2ae3bea6f39e0854cd1c Loading...

	kingstonconnections.ca/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2	21 kB	2023-03-08	2024-05-09
Pretty URL kingstonconnections.ca/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-05-09 23:11:38 Times Seen9848 Hash 034bd11ecaf6fb9240d905245e42e202 ff136c394ed95badfc0107fb98a890dcff642828 ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651 Loading...

	kingstonconnections.ca/wp-content/themes/directory2/design/js/custom.js?ver=6.1.1	8.0 kB	2023-03-07	2023-10-30
Pretty URL kingstonconnections.ca/wp-content/themes/directory2/design/js/custom.js?ver=6.1.1 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:09 Last Seen2023-10-30 11:29:52 Times Seen5 Hash c6c651ee20509c469ef745125d43223e 7a9a029d6c289509b7afe3ada192862f65e62355 8f222bb9558651840a99c3e22fee4a5046f1e0b35ce710a4d771209cb9c88cf4 Loading...

	kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/bxslider/jquery.bxslider.min.js?ver=4.1.2	19 kB	2023-03-07	2024-05-10
Pretty URL kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/bxslider/jquery.bxslider.min.js?ver=4.1.2 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:11 Last Seen2024-05-10 19:35:33 Times Seen4442 Hash 697d69a48e5356f7106e38c09f7f19e0 b57160771fa597a5b56c5b12756c693e4829be07 bb9e7dc822c6b7b95a6329932885c72ff2caf74b243fc1c40aca0e858123b83e Loading...

	kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php	1.2 kB	2023-03-09	2024-01-19
Pretty URL kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 09:38:29 Last Seen2024-01-19 09:20:44 Times Seen2 Hash f8bab23bceec17542162123706f0e651 e27f1712049d0022f761bc961bddf02f0f32205c 03a2979fc00b697ba8e1ae0761a8d75f1f6635f2ab927d14b47bdcf75e51959f Loading...

	kingstonconnections.ca/wp-content/themes/directory2/design/js/mobile.js?ver=6.1.1	1.1 kB	2023-03-07	2024-05-01
Pretty URL kingstonconnections.ca/wp-content/themes/directory2/design/js/mobile.js?ver=6.1.1 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:08 Last Seen2024-05-01 13:59:54 Times Seen23 Hash 6a40175a3c0bc944ca99e97111807e65 2bdb08ee1d9b3c5316e683567618b867f79a8e26 d309655a18b2fa5a0082de544c5575aad2e11cac6bcfeeff147359373105358b Loading...

	kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php	2.4 kB	2023-03-07	2024-05-10
Pretty URL kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:59 Last Seen2024-05-10 23:57:02 Times Seen3826 Hash 49f89aeeb8e861051ed61fc00d636b9b 9077f9d9ebc3b661bb3a81161c6a4e2de2531231 4190f2c4f25f9a34cbbfdb92f91a25359570d773ef7cff97c924e224ad877759 Loading...

	kingstonconnections.ca/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4	9.9 kB	2023-03-08	2024-05-09
Pretty URL kingstonconnections.ca/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:19 Last Seen2024-05-09 06:33:35 Times Seen3152 Hash dc74c9954b1944928eca0172c3b8c6b3 e9e00e587e0e28491b69563b4e768945ff2e0ed5 d7eff2d3185c4035edbe18b653f9da26c2d872e03c92419542ed524d569fe81b Loading...

	unknown	0 B	2023-03-07	2024-05-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-11 04:06:29 Times Seen37534499 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.raty-2.5.2.js?ver=6.1.1	16 kB	2023-03-07	2024-05-10
Pretty URL kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.raty-2.5.2.js?ver=6.1.1 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:08 Last Seen2024-05-10 19:35:32 Times Seen48 Hash a71085e76574b771998680d759ae9c0b 5d9402529bb8ec91f3154f26a47ad683651a93da 855eb665ef63b789dbdc5912dbd26fde90e540306068a30dee538ac166d6c555 Loading...

	kingstonconnections.ca/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.1.1	906 B	2023-03-07	2024-05-10
Pretty URL kingstonconnections.ca/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.1.1 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:59 Last Seen2024-05-10 04:43:18 Times Seen3904 Hash 2c6d3b562a48e0df5474999dd47e58fb 945220e990eb176c14e53cc663fb01e04e31b59f 3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550 Loading...

	kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.select2-3.5.1.js?ver=6.1.1	147 kB	2023-03-07	2024-05-10
Pretty URL kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.select2-3.5.1.js?ver=6.1.1 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:08 Last Seen2024-05-10 19:35:33 Times Seen61 Hash 99bfacbacaa00bc5b64f40b857badbe6 0085b77bdd3af4a517f8fc5021753d84d5c67e27 5c2cca59a5673dab740e7a6a4e2707636f39b02a5e3a5539891ed2e53fa3c4a8 Loading...

	kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php	1.5 kB	2023-03-07	2024-05-09
Pretty URL kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:22 Last Seen2024-05-09 13:44:31 Times Seen698 Hash 0f34278c49ba25db1ef359dd2641dc9a 916c0b1bc083867813188c84bb055cfce331c44c 44134cbf94a69a4a21b2805d17b869ad1d5ce8ad563f96b6cd218e71fab9d07e Loading...

	kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php	4.0 kB	2023-03-09	2023-03-09
Pretty URL kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 09:38:29 Last Seen2023-03-09 09:38:29 Times Seen1 Hash 71bef855dc6fc72d47ba2dca2adcb788 c9da95b27f8b1cf1448fdfbb5a95892f953716f2 bc4d9fdd77390e7883dea9eb726e2f42f8b90bb7ea63e8d68541bf2f9785e265 Loading...

	kingstonconnections.ca/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.1.1	1.2 kB	2023-03-07	2024-05-11
Pretty URL kingstonconnections.ca/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.1.1 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:59 Last Seen2024-05-11 00:58:36 Times Seen9361 Hash 51300497928562f8c86c7aaba99237cd e5826832b85c6afc6502b74cbb8ac5394b04c363 6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f Loading...

	kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php	149 B	2023-03-07	2024-05-10
Pretty URL kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:22 Last Seen2024-05-10 19:35:31 Times Seen2877 Hash 931deb2e7bef82d78d1c1b0a3fe4fe32 2a468d77a19124c4bcd1745b7f51eff01b269ade afb2b21f29cd5d7fc5b63a8ea02ece9649603b9e63a2afa55927c508345e1ee7 Loading...

	kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.infieldlabel-0.1.4.js?ver=6.1.1	5.8 kB	2023-03-07	2024-05-10
Pretty URL kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.infieldlabel-0.1.4.js?ver=6.1.1 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:09 Last Seen2024-05-10 19:35:32 Times Seen38 Hash 372710f222244f8137edb8dafe56bee8 ddae6ea80bbc991ec1b157e465b989607a1167e9 bcabd3859644437d47fe098f85b398c21d0b9881d59a0b7476976d2d4a2e21a9 Loading...

	kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery-waypoints-2.0.3.js?ver=6.1.1	17 kB	2023-03-07	2024-05-01
Pretty URL kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery-waypoints-2.0.3.js?ver=6.1.1 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:09 Last Seen2024-05-01 13:59:54 Times Seen15 Hash a24e24306f279bdb0e417bc5a1af593b c4b12ac6470fce9f4217adac4cc0e1ac6c48d50f d521591c77d150f050081a6a0077f47587c4befeda1d8a69ded8e286bdc100ce Loading...

	kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/leaflet/leaflet-gesture-handling.min.js?ver=6.1.1	18 kB	2023-03-07	2024-03-03
Pretty URL kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/leaflet/leaflet-gesture-handling.min.js?ver=6.1.1 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:08 Last Seen2024-03-03 12:42:14 Times Seen20 Hash 8221a2669a9608431f9a6000cc529481 ebcfd67b1f3bb1b0e24984b73769788b99dc6c8c e3b8c8f6c16d2cae4c13eb8907a4a7fb396ecd70104269deb719ca90b3c74126 Loading...

	kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php	149 B	2023-03-09	2023-03-11
Pretty URL kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 09:38:29 Last Seen2023-03-11 23:19:21 Times Seen1 Hash e5b9d1b0489f70156934a05269ec3897 f68a8bc2af5fb5b8aebf072d613d02a02f41c225 62e632569c0695380fb7f9602cf4b1a6535f1ef651439247fd70a590fa8220f6 Loading...

	kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/modernizr/modernizr.touch.js?ver=2.6.2	3.3 kB	2023-03-07	2024-05-10
Pretty URL kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/modernizr/modernizr.touch.js?ver=2.6.2 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:09 Last Seen2024-05-10 19:35:33 Times Seen27 Hash 99129dcc4b8a9a6a2869ba51750a7ec7 301fccf75c5f5f83a030392448d0f9e1bf54b96d 75fc336aaa3038fca70ef5f682d2575bff0dda12eccd9dc0c1c7645d638d01ae Loading...

	kingstonconnections.ca/wp-content/plugins/ait-shortcodes/assets/js/rule-btn.js?ver=6.1.1	149 B	2023-03-07	2024-05-10
Pretty URL kingstonconnections.ca/wp-content/plugins/ait-shortcodes/assets/js/rule-btn.js?ver=6.1.1 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:09 Last Seen2024-05-10 19:35:33 Times Seen39 Hash d59f6a8bcae31d209e5e8c4ce55c67f6 a3bf29f507f7015a58e51300b5d2765641c215ad 321454ada53b9c4f599dac5a6752ce9d1a7bbf1658f2d144f12b9462f02c34c4 Loading...

	kingstonconnections.ca/wp-includes/js/underscore.min.js?ver=1.13.4	19 kB	2023-03-08	2024-05-11
Pretty URL kingstonconnections.ca/wp-includes/js/underscore.min.js?ver=1.13.4 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:29 Last Seen2024-05-11 03:56:58 Times Seen42320 Hash f88d5720bb454ed5d204cbdb56901f6b f1952292fde4b15936e9aac16b2b9896684db95b 726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a Loading...

	kingstonconnections.ca/wp-content/themes/directory2/design/js/script.js?ver=6.1.1	3.9 kB	2023-03-07	2023-07-08
Pretty URL kingstonconnections.ca/wp-content/themes/directory2/design/js/script.js?ver=6.1.1 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:09 Last Seen2023-07-08 16:28:01 Times Seen3 Hash 2d002b38f29525c1458cf352b7dfe2c9 1aab33c35619a46d8295326f8d2d628bbab5c3e6 e9537e3f727a1931129ca2e1145549e099141c52273415796169b2e81f692c62 Loading...

	kingstonconnections.ca/wp-content/themes/directory2/design/js/menu.js?ver=6.1.1	11 kB	2023-03-07	2023-10-30
Pretty URL kingstonconnections.ca/wp-content/themes/directory2/design/js/menu.js?ver=6.1.1 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:09 Last Seen2023-10-30 11:29:52 Times Seen5 Hash b0b6eb07b99d1717bc1985e97740f221 7e9e9bd40ff0e34548cee7826b17a70ca9c4ffd3 ef530a5ba42a80824db6f9505e43f9d148585cc5d71597d3bfb8afc567db725e Loading...

	kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php	397 B	2023-03-09	2023-03-09
Pretty URL kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 09:38:29 Last Seen2023-03-09 09:38:29 Times Seen1 Hash c2e6018179d87d756007d9fb845b6852 b0ffd1a15f7e0bfc4e73cdc6e8e0de5fe28e6aa8 c5df5d90adcd3498ae5ffa95fa1d81f34c3560edce628aae92aee9f66292a50a Loading...

	kingstonconnections.ca/wp-content/themes/directory2/design/js/portfolio-item.js?ver=6.1.1	2.3 kB	2023-03-07	2024-05-01
Pretty URL kingstonconnections.ca/wp-content/themes/directory2/design/js/portfolio-item.js?ver=6.1.1 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:08 Last Seen2024-05-01 13:59:54 Times Seen21 Hash 28a4bc0ae5fe8da9b7383ca288b0a987 7f84819089ec5aa57e1a4e7d7ad1b949420e7922 f5bedabb3139c2c46464822c3bfcf87223976ebb03d711686f26b68e436d7a0c Loading...

	kingstonconnections.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-05-11
Pretty URL kingstonconnections.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-11 01:26:12 Times Seen69213 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	kingstonconnections.ca/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	90 kB	2023-03-08	2024-05-10
Pretty URL kingstonconnections.ca/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-05-10 23:44:41 Times Seen32026 Hash 17738318d61d394f1de8890d589afaec f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3 cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Loading...

	kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.selectbox-0.2.js?ver=6.1.1	15 kB	2023-03-07	2024-05-01
Pretty URL kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.selectbox-0.2.js?ver=6.1.1 IP 51.222.78.194 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:08 Last Seen2024-05-01 13:59:54 Times Seen15 Hash ac612ddbd4731218b897b01146794002 762f897f3f4560b151353f1249c701a33c45c4bf 1d6c7588c86ec580b63280ead63e38acf15181a78c7ffbc1424fd348a1b2d821 Loading...

HTTP Transactions (84)

URL IP Response Size

kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php

51.222.78.194

301 Moved Permanently

707 B

URL HTTP/1.1
kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
707 B (707 bytes)
Hash
1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 15 Dec 2022 03:02:54 GMT
server: LiteSpeed
location: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
555d8608594803d49eeb9581c6b70702
d01e0201e0ba0cf751ef97226620338a853bc635
2885cdac311a30161a8ac9ef8e54c788afafd4f86ed197a651fc6d8bda077908

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2885CDAC311A30161A8AC9EF8E54C788AFAFD4F86ED197A651FC6D8BDA077908"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5769
Expires: Thu, 15 Dec 2022 04:39:03 GMT
Date: Thu, 15 Dec 2022 03:02:54 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
358212db02ecc7c1fa088906bd2dba14
091a0688da9de609d97349215ba9e452dfc346a4
7486e512e4de8172ac07f07f47da3a96dd3ac7cb054b335f3e4929261440e672

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7486E512E4DE8172AC07F07F47DA3A96DD3AC7CB054B335F3E4929261440E672"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18673
Expires: Thu, 15 Dec 2022 08:14:07 GMT
Date: Thu, 15 Dec 2022 03:02:54 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
51bd0cc75ed746fd33c950eb12936b7e
4a1007ea6c6e4f5e8b4a7d1f85f7a3e329dc8f50
188d4a0d544f40048dc7476cb4f5e478f1eb49a8ef1d51699fb155d2ae258655

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "188D4A0D544F40048DC7476CB4F5E478F1EB49A8EF1D51699FB155D2AE258655"
Last-Modified: Tue, 13 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7321
Expires: Thu, 15 Dec 2022 05:04:55 GMT
Date: Thu, 15 Dec 2022 03:02:54 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 15 Dec 2022 02:33:52 GMT
content-type: application/json
age: 1742
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: THLYQx0xPQzs63CChil6h/75qvy8dvMfOm6u4LBAtPqSgcRSW4XxbQDp7jpEKcbQHnLZlktdOuk=
x-amz-request-id: PMAN4NT59JXXCFDV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 15 Dec 2022 02:52:36 GMT
age: 618
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 15 Dec 2022 03:02:54 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 15 Dec 2022 02:33:21 GMT
age: 1774
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
210b7a2584ae55362c4b582e325f37f7
5f1982f961f1c5db96bbb66af075bab3cb535963
cb3767debad90cb8a34ce287de194cdb2a4f7146e7b51560fd2e0eb11fbfbc2f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4217
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 03:02:55 GMT
Etag: "63999230-1d7"
Last-Modified: Thu, 15 Dec 2022 01:52:38 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

34.215.56.181

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.215.56.181:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3CxKJ578IkuiTOi4Px0uOQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZpaorZog7OyMHj2h18xJWv9GbQY=

kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php

51.222.78.194

404 Not Found

28 kB

URL HTTP/2
kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (9381), with CRLF, LF line terminators
Size
28 kB (27768 bytes)
Hash
4bede95ef1edcab66efe5fc9549cae02
a0a485eccc9f2212de321181b021d15290f83c0c
e7011e02e990fd55697d16a3c51d3bd6400fdaca55e7c70ac7ef77d212e5d3dc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://kingstonconnections.ca/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding
date: Thu, 15 Dec 2022 03:02:55 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-includes/css/classic-themes.min.css?ver=1

51.222.78.194

200 OK

144 B

URL HTTP/2
kingstonconnections.ca/wp-includes/css/classic-themes.min.css?ver=1
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text
Size
144 B (144 bytes)
Hash
fcbd239f30d9a6dd1f3637f291143d37
2871bf7d98af3f43e42f7fa32808048e7134fabf
c2f98e9d71f782b7a3266cd337c61ae6c8dcbb7203669c07852aa2ab65ab6144

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: text/css
last-modified: Tue, 15 Nov 2022 16:24:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 144
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/plugins/ait-item-extension/design/css/frontend.css?ver=6.1.1

51.222.78.194

200 OK

469 B

URL HTTP/2
kingstonconnections.ca/wp-content/plugins/ait-item-extension/design/css/frontend.css?ver=6.1.1
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with CRLF line terminators
Size
469 B (469 bytes)
Hash
abb72daafd06412efbaceeb36118b962
8c4a495fb293235df932a359a707c7953dc2fa21
4a06056ff568c779f88d5f35ed582255a5602dd602c64754ea91cc171ecf815b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/ait-item-extension/design/css/frontend.css?ver=6.1.1 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: text/css
last-modified: Thu, 17 Sep 2020 14:16:47 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 469
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4

51.222.78.194

200 OK

848 B

URL HTTP/2
kingstonconnections.ca/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text
Size
848 B (848 bytes)
Hash
c962ba8e7d42ff9da18392b41dad5151
7b89bc5e6ad161df2e6d7f7fb3ad894aa04b827f
322a4949c5bdd82eb80c13bbbd407ce30a7ad226685c54270d246cb6960e524e

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: text/css
last-modified: Tue, 15 Nov 2022 16:24:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 848
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bfb5d3c071cebab21e6ab8647e84b6ba
ebc1553e88dbe512449a31b3cb4c10c659484d7d
cf794ab56bfa29d8e47637d68f5c82e4c60b855a8f6b772f344a72c712da3c4d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 03:02:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bfb5d3c071cebab21e6ab8647e84b6ba
ebc1553e88dbe512449a31b3cb4c10c659484d7d
cf794ab56bfa29d8e47637d68f5c82e4c60b855a8f6b772f344a72c712da3c4d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 03:02:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

kingstonconnections.ca/wp-includes/css/dashicons.min.css?ver=6.1.1

51.222.78.194

200 OK

35 kB

URL HTTP/2
kingstonconnections.ca/wp-includes/css/dashicons.min.css?ver=6.1.1
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (58981)
Size
35 kB (35110 bytes)
Hash
54c5bfb8a890d87139d9abfe01662c83
f9eddf5b8a3269e6d6fa40b4f13083705e6267c6
9685e5cabe4efc8c85e986725af8009b306416aad3ecc9086ca5bb12b84ce4ef

HTTP Headers

GET /wp-includes/css/dashicons.min.css?ver=6.1.1 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: text/css
last-modified: Fri, 16 Apr 2021 01:28:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 35110
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.3

51.222.78.194

200 OK

12 kB

URL HTTP/2
kingstonconnections.ca/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.3
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Size
12 kB (11522 bytes)
Hash
89c01460d72cb1ceb3a46b26a5ca1f76
ac2c983903467ac06692603836da52c269d34745
88fe06f32160927f89011be425a89c7bd71b305cbbb14145f9829509f2805897

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: text/css
last-modified: Tue, 28 Jan 2020 19:39:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11522
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/colorbox/colorbox.min.css?ver=1.4.27

51.222.78.194

200 OK

579 B

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/colorbox/colorbox.min.css?ver=1.4.27
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (2026)
Size
579 B (579 bytes)
Hash
3fa815f8b4d329936554aab60b74950f
b9c42a52f4849fcdbd1f914c5ccfbed59c7783d6
16ab0fbe01ebbb4096f7dedd182d3fc6de7bd87cd7bf2570d2dc848da1ef6194

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/directory2/ait-theme/assets/colorbox/colorbox.min.css?ver=1.4.27 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: text/css
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 579
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/ait/element-placeholder.css?ver=4.0.26.1626200761

51.222.78.194

200 OK

691 B

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/ait/element-placeholder.css?ver=4.0.26.1626200761
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with CRLF line terminators
Size
691 B (691 bytes)
Hash
dc99ade6b7e7b26dff8f4626e6da377a
4a701e3dc636e0ec2b0e67f43d6bdb11bba7b9b2
ce25e81bfbe7e02968361c63df00326fd1668cb3498df766cb08eb1a2342aa98

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/directory2/ait-theme/assets/ait/element-placeholder.css?ver=4.0.26.1626200761 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: text/css
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 691
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/jquery.selectbox.css?ver=6.1.1

51.222.78.194

200 OK

549 B

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/jquery.selectbox.css?ver=6.1.1
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with CRLF line terminators
Size
549 B (549 bytes)
Hash
d3b3a6bbbe22fa4d9a985e157f4fa421
f63407b315b312eeab49c137d55b8ab487da2371
ad7759b1bce3252b3bfae6f71e0961b99c4346915de6d5a11faf7a8357459c57

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/directory2/design/css/libs/jquery.selectbox.css?ver=6.1.1 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: text/css
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 549
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/jquery.select2-3.5.1.css?ver=6.1.1

51.222.78.194

200 OK

3.1 kB

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/jquery.select2-3.5.1.css?ver=6.1.1
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text
Size
3.1 kB (3124 bytes)
Hash
0a1f5bd82e1d9fdc7dbeacd1a150d28c
02c1d8bfe6e419613f05f950c6f42ed05d4b87ad
c03895b6fe0faf7645510d3e2a13fcbb920bfd025a9d208c08881bf0b196b2f6

HTTP Headers

GET /wp-content/themes/directory2/design/css/libs/jquery.select2-3.5.1.css?ver=6.1.1 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: text/css
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3124
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7554f75e4959d216038e95962579e741
10f237248a234544391eb351e97515d385a372b3
cb2bc78887ed330dee49076c04ba87723fdc2a869a124dba2a475cac174480da

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 03:02:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/leaflet/leaflet.css?ver=6.1.1

51.222.78.194

200 OK

3.1 kB

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/leaflet/leaflet.css?ver=6.1.1
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with CRLF line terminators
Size
3.1 kB (3062 bytes)
Hash
5507585fdfa3f48b9ba06acc9a3a6072
ff99dc58cc025345b8d59ff790fb983b36b167cc
9d561bf9d7a7935b8141f19e1bd7b6271ebd699667a6c80839e16a611b7926d9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/directory2/design/css/libs/leaflet/leaflet.css?ver=6.1.1 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: text/css
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3062
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/font-awesome.css?ver=6.1.1

51.222.78.194

200 OK

7.0 kB

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/font-awesome.css?ver=6.1.1
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
troff or preprocessor input, ASCII text, with very long lines (427)
Size
7.0 kB (7008 bytes)
Hash
40cd109595d6850ecd5db53cec3394c1
bc319f6e8245b4e9304d2ee2eedb4559966a4347
74d649dbc17be479d1777dd51c832bd51d4cc307b016ab64fb19f929e02c4a10

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/directory2/design/css/libs/font-awesome.css?ver=6.1.1 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: text/css
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7008
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/leaflet/MarkerCluster.Default.css?ver=6.1.1

51.222.78.194

200 OK

331 B

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/leaflet/MarkerCluster.Default.css?ver=6.1.1
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text
Size
331 B (331 bytes)
Hash
41e54e32115609fac2215b71dd73bf24
7074a79b4418c48d9d17a915aaf43574567af450
6dfaf1394cfa3cfcca3a62c489d331cb98aa8aae5c29cd0d9da76ac86a42cedf

HTTP Headers

GET /wp-content/themes/directory2/design/css/libs/leaflet/MarkerCluster.Default.css?ver=6.1.1 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: text/css
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 331
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/uploads/cache/directory2-child/base-4.0.26.1626200761.css?ver=4.0.26.1626200761

51.222.78.194

200 OK

42 B

URL HTTP/2
kingstonconnections.ca/wp-content/uploads/cache/directory2-child/base-4.0.26.1626200761.css?ver=4.0.26.1626200761
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with no line terminators
Size
42 B (42 bytes)
Hash
7b5c559e947c71c87e7aa0f2c25b1f3b
f4b49897b2c7d52599e0a4c1385ad53082a3531c
c9cc029c2488498fa7ed479fb67d4920b268b585545cdd856bd041c8649e4a04

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/cache/directory2-child/base-4.0.26.1626200761.css?ver=4.0.26.1626200761 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: text/css
last-modified: Wed, 07 Dec 2022 21:03:50 GMT
accept-ranges: bytes
content-length: 42
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/leaflet/MarkerCluster.css?ver=6.1.1

51.222.78.194

200 OK

212 B

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/leaflet/MarkerCluster.css?ver=6.1.1
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text
Size
212 B (212 bytes)
Hash
b64f9160b03468e98bb2fb99e33f038c
6d53192bffc56a0af275abd30796580efb6e4f2a
8c61fe545b79e59e67dbccdb5b0bdd3652b0a08c7585a54572550e9d1713c508

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/directory2/design/css/libs/leaflet/MarkerCluster.css?ver=6.1.1 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: text/css
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 212
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/ait-theme/elements/search-form/design/css/base-style.css?ver=6.1.1

51.222.78.194

200 OK

27 B

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/ait-theme/elements/search-form/design/css/base-style.css?ver=6.1.1
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with CRLF line terminators
Size
27 B (27 bytes)
Hash
451a865ab7f4b7d884ba2297090e92f2
a400b61b6ba6387fa62842ae801339171c98bcba
16eb23976764966ef5f3d2d2b17ff8cfeb1892ed84edcbae61362d7fe36877e4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/directory2/ait-theme/elements/search-form/design/css/base-style.css?ver=6.1.1 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: text/css
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-length: 27
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/jquery-ui-css/jquery-ui.css?ver=1.8.24

51.222.78.194

200 OK

5.5 kB

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/jquery-ui-css/jquery-ui.css?ver=1.8.24
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (1399)
Size
5.5 kB (5498 bytes)
Hash
96121df13c6e35e4f8063ae6ce8ad8fe
9f63f124b7707cfc4d0f31d0cc30dcb19f4fabe5
2fa76f2ed3cc00fefe286ff0b0822025be03d4bd135a2affbea49bce44aabee1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/directory2/ait-theme/assets/jquery-ui-css/jquery-ui.css?ver=1.8.24 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: text/css
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5498
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/leaflet/leaflet-gesture-handling.min.css?ver=6.1.1

51.222.78.194

200 OK

320 B

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/design/css/libs/leaflet/leaflet-gesture-handling.min.css?ver=6.1.1
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (1022), with no line terminators
Size
320 B (320 bytes)
Hash
7f6c29c6cdd42f98a89d9c137b0aac57
b2fecb4e878774d771c1907e4503197e8fc98cd9
2c8bbecaa816f5e5e0ff316fa6e0087f4611a1349bf6f6c14da1e1b2e23f8499

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/directory2/design/css/libs/leaflet/leaflet-gesture-handling.min.css?ver=6.1.1 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: text/css
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 320
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/ait-theme/elements/header-map/design/css/base-style.css?ver=6.1.1

51.222.78.194

200 OK

167 B

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/ait-theme/elements/header-map/design/css/base-style.css?ver=6.1.1
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
9bbbef55a46d98eba46962413ad4bf67
ce90377f42bfacb3a0020a227af26153619583b2
71b48802321a95504b37856b24f30228d0a878f9aa1eab09251aced06af2db4e

HTTP Headers

GET /wp-content/themes/directory2/ait-theme/elements/header-map/design/css/base-style.css?ver=6.1.1 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: text/css
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-length: 167
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/uploads/cache/directory2-child/preloading-4.0.26.1626200761.css?ver=4.0.26.1626200761

51.222.78.194

200 OK

6.0 kB

URL HTTP/2
kingstonconnections.ca/wp-content/uploads/cache/directory2-child/preloading-4.0.26.1626200761.css?ver=4.0.26.1626200761
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (65536), with no line terminators
Size
6.0 kB (5981 bytes)
Hash
cf02b5759aff578ad2d8c36696fb34cf
3b02b4acb35307aafbd821922881ff5f71c06e0a
fad8c331d45ff46845abfedf4d4397ff14f2d04663103d8bbef3adfed7e2dd8e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/cache/directory2-child/preloading-4.0.26.1626200761.css?ver=4.0.26.1626200761 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: text/css
last-modified: Wed, 07 Dec 2022 21:03:51 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5981
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4

51.222.78.194

200 OK

2.8 kB

URL HTTP/2
kingstonconnections.ca/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (9937), with no line terminators
Size
2.8 kB (2817 bytes)
Hash
4317b1c024df372435f6482deadddeb3
5c8824a17e40a44ea8fc51568b98bdb1e2e7fab5
3798fb16289ba55459fb6d3b2efa915e3c019c5942759abb7bd19a0ef622b85d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 16:24:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2817
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4

51.222.78.194

200 OK

3.7 kB

URL HTTP/2
kingstonconnections.ca/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
HTML document, ASCII text, with very long lines (12310), with no line terminators
Size
3.7 kB (3706 bytes)
Hash
dc6411bfa6891b75944f0074c945752d
03c1a8b686c287068c61ab90f58d905496d65085
96abeabc9cc7b4c2b7d46579f2827c67ccd02fbaef0343ae052f71accd381b0d

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 16:24:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3706
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/uploads/cache/directory2-child/typography-4.0.26.1626200761-en_US.css?ver=4.0.26.1626200761

51.222.78.194

200 OK

4.8 kB

URL HTTP/2
kingstonconnections.ca/wp-content/uploads/cache/directory2-child/typography-4.0.26.1626200761-en_US.css?ver=4.0.26.1626200761
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (50085), with no line terminators
Size
4.8 kB (4752 bytes)
Hash
23b15bce1c17122123d35e619b7c5980
c7a87988c9e0047ef5970bc53cab6bc044e5730b
0c1ad851bff330cc6150ca38245f2a71e7f4baf6feadec6fb038c952c0f2d96f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/cache/directory2-child/typography-4.0.26.1626200761-en_US.css?ver=4.0.26.1626200761 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: text/css
last-modified: Wed, 07 Dec 2022 21:03:51 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4752
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/colorbox/jquery.colorbox.min.js?ver=1.4.27

51.222.78.194

200 OK

4.5 kB

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/colorbox/jquery.colorbox.min.js?ver=1.4.27
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (11887)
Size
4.5 kB (4463 bytes)
Hash
65d669ec0b59ad7d2040d842c0b7a138
e5eb7828252dac354af8a3e21048b01a5e03fed7
adc999c096832cee4900be483e1aa5aa360994d89785f2ab9b123d90b716734e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/directory2/ait-theme/assets/colorbox/jquery.colorbox.min.js?ver=1.4.27 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4463
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/plugins/popslide/assets/js/jquery.cookie.min.js

51.222.78.194

200 OK

600 B

URL HTTP/2
kingstonconnections.ca/wp-content/plugins/popslide/assets/js/jquery.cookie.min.js
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (1285), with no line terminators
Size
600 B (600 bytes)
Hash
cf6db9095d99c3a903b9c45b33bfeba7
969effee72715014cad403163ef6e172a653224c
193da8104086306ee6ca5b44e03f54e5b0cd3d8230caf5bad05edbf306eebd5a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/popslide/assets/js/jquery.cookie.min.js HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: application/javascript
last-modified: Thu, 26 Mar 2020 13:48:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 600
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-includes/js/underscore.min.js?ver=1.13.4

51.222.78.194

200 OK

7.2 kB

URL HTTP/2
kingstonconnections.ca/wp-includes/js/underscore.min.js?ver=1.13.4
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (18798)
Size
7.2 kB (7179 bytes)
Hash
f4bb18d2e152ba945cb63980362f40e9
925f93a6c4ee411e97d8dc3186f9d66c4b5169ab
16ab496a6c74f5f272f7a5c31e9cb69c753fea994396ef6deacf641180ad317b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 16:24:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7179
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

51.222.78.194

200 OK

4.0 kB

URL HTTP/2
kingstonconnections.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (11126)
Size
4.0 kB (3995 bytes)
Hash
7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: application/javascript
last-modified: Tue, 15 Dec 2020 21:31:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/plugins/popslide/assets/js/front.js

51.222.78.194

200 OK

792 B

URL HTTP/2
kingstonconnections.ca/wp-content/plugins/popslide/assets/js/front.js
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with CRLF line terminators
Size
792 B (792 bytes)
Hash
aaa06787ae4ea91535efa202e2932b35
9787b1808d5af3edcef268d8694b3e2292e83f8c
de945d8a217f77be3869a0c8f5d3533bf253708e40ff66cef6e85c204712116e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/popslide/assets/js/front.js HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: application/javascript
last-modified: Thu, 26 Mar 2020 13:48:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 792
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

51.222.78.194

200 OK

30 kB

URL HTTP/2
kingstonconnections.ca/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (65447)
Size
30 kB (30324 bytes)
Hash
3a1740685bd5c0bbd5f2b812e1eb7fb4
488e07695da787fed18361c50292aef35abb5e81
4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 16:24:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30324
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/uploads/cache/directory2-child/style-4.0.26.1626200761.css?ver=4.0.26.1626200761

51.222.78.194

200 OK

99 kB

URL HTTP/2
kingstonconnections.ca/wp-content/uploads/cache/directory2-child/style-4.0.26.1626200761.css?ver=4.0.26.1626200761
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (65536), with no line terminators
Size
99 kB (99295 bytes)
Hash
e15dc2a4a7a6f4112de9f30d93f2c26d
34c1979ac672296938e5e09e5188a404565c87aa
b5649869719e46cfb0cd84d7623c4fa41e150163a310fb051f1538966d8a9095

HTTP Headers

GET /wp-content/uploads/cache/directory2-child/style-4.0.26.1626200761.css?ver=4.0.26.1626200761 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: text/css
last-modified: Wed, 07 Dec 2022 21:03:51 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 99295
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.3

51.222.78.194

200 OK

67 kB

URL HTTP/2
kingstonconnections.ca/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.3
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (64288)
Size
67 kB (66776 bytes)
Hash
aa9372a85693a6493774f10b65bad30c
cc3c53e0aed0450cafaec2579de0049ffad0387b
ece029d1221e027b0ca02e11c47f9838dd69f226a8283b4ef7dd7d684fef1c5a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.3 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: application/javascript
last-modified: Tue, 28 Jan 2020 19:39:27 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 66776
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0

51.222.78.194

200 OK

50 kB

URL HTTP/2
kingstonconnections.ca/wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (32017), with CRLF line terminators
Size
50 kB (50040 bytes)
Hash
12ee1cc38870cd33b736f5a03a213de8
32e13b34e228e12ef6e3afcfcfa57cfb92d632ff
629c9a0ac8f73997327bfe37312e363e461ab8c1d8ac1c112b2d2f2eed814dee

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: application/javascript
last-modified: Tue, 28 Jan 2020 19:39:27 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 50040
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.selectbox-0.2.js?ver=6.1.1

51.222.78.194

200 OK

3.7 kB

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.selectbox-0.2.js?ver=6.1.1
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with CRLF line terminators
Size
3.7 kB (3702 bytes)
Hash
fe20db7ff1d6f533a5279598b65f6d78
fa675d5759cfe2a5d946f5cd78a264c9567213d7
feec72f60b44f846064f7a3603cc51bea78c6d62dd770bae0b4a8a72af7775ca

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/directory2/design/js/libs/jquery.selectbox-0.2.js?ver=6.1.1 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3702
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.raty-2.5.2.js?ver=6.1.1

51.222.78.194

200 OK

3.7 kB

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.raty-2.5.2.js?ver=6.1.1
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text
Size
3.7 kB (3711 bytes)
Hash
73e29207c75b19b267ca486d698dd720
43e7446c71b8e719d1bdbecbc70de0ac40068293
fbd3e58109517198c4ce2045f912780f7c9c23ab7629be54abc753eaba899c96

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/directory2/design/js/libs/jquery.raty-2.5.2.js?ver=6.1.1 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3711
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.infieldlabel-0.1.4.js?ver=6.1.1

51.222.78.194

200 OK

1.9 kB

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.infieldlabel-0.1.4.js?ver=6.1.1
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text
Size
1.9 kB (1862 bytes)
Hash
47112cf8265967d094a5ce5997495377
e2915f9ca6940057d72b324a26d0f8ab7f38dbda
f9921430b02661051ba14c9e08bfe481762d6d4dd583b96d9324ae0eb635301c

HTTP Headers

GET /wp-content/themes/directory2/design/js/libs/jquery.infieldlabel-0.1.4.js?ver=6.1.1 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1862
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/leaflet/leaflet.markercluster.js?ver=6.1.1

51.222.78.194

200 OK

8.5 kB

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/leaflet/leaflet.markercluster.js?ver=6.1.1
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (32045)
Size
8.5 kB (8465 bytes)
Hash
c60b5e3a8d131299c4da83e4b367490d
2b215d63e3a933ee25d9551b68defcf9986d2497
0412440f0d70391630d734199065569329db8dd6c0d7b067287de4199e6546da

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/directory2/design/js/libs/leaflet/leaflet.markercluster.js?ver=6.1.1 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8465
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery-waypoints-2.0.3.js?ver=6.1.1

51.222.78.194

200 OK

3.4 kB

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery-waypoints-2.0.3.js?ver=6.1.1
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text
Size
3.4 kB (3446 bytes)
Hash
3c1e9a8ee6422e73b156bbe79beedbc7
56d39626241423beb358d455c60a1da7a831a847
5e51cb02940d689e397ee51e1269cf7d58e980eda3cdb002c655a41ea0b78945

HTTP Headers

GET /wp-content/themes/directory2/design/js/libs/jquery-waypoints-2.0.3.js?ver=6.1.1 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3446
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/design/js/menu.js?ver=6.1.1

51.222.78.194

200 OK

2.5 kB

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/design/js/menu.js?ver=6.1.1
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text
Size
2.5 kB (2470 bytes)
Hash
6ed61bacc4629f8000fa292c007b394f
aae08a186c61fcefafaa3c429d254391bb56a9a6
d42146f08f70d3acf7de452f9b84e8839265c5b81a05ced3545310b02fced9cd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/directory2/design/js/menu.js?ver=6.1.1 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2470
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/leaflet/leaflet-gesture-handling.min.js?ver=6.1.1

51.222.78.194

200 OK

6.1 kB

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/leaflet/leaflet-gesture-handling.min.js?ver=6.1.1
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
Unicode text, UTF-8 text, with very long lines (14650)
Size
6.1 kB (6097 bytes)
Hash
84fbf0f521f3b26eea0a5f3043016045
0876751eb39f1c178b8077d697afcbfa2ea9a4ae
5f4bcfd711a6aeaa175e610fd38462776391a1c9f87a62d9e097a4e8c3e21a38

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/directory2/design/js/libs/leaflet/leaflet-gesture-handling.min.js?ver=6.1.1 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6097
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/design/js/portfolio-item.js?ver=6.1.1

51.222.78.194

200 OK

715 B

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/design/js/portfolio-item.js?ver=6.1.1
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text
Size
715 B (715 bytes)
Hash
445f9be76c2f2ffdcb4356146ccfa06f
dca44440d94c86143629f94b3f13aa7162d30c29
e25ca8c246066bf9424ee935981838821e3c34a940337fe1cd7f358f45376c90

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/directory2/design/js/portfolio-item.js?ver=6.1.1 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 715
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/design/js/custom.js?ver=6.1.1

51.222.78.194

200 OK

2.1 kB

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/design/js/custom.js?ver=6.1.1
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text
Size
2.1 kB (2140 bytes)
Hash
65006712cde9e7d61282a256055462b6
82656441a8161d29a8509008fbafbf114e5c0b59
ab4b0e6ba7a8ab9e74669134308d39d76ba95026ee9ac6288fd0fb7ae3801849

HTTP Headers

GET /wp-content/themes/directory2/design/js/custom.js?ver=6.1.1 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2140
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/modernizr/modernizr.touch.js?ver=2.6.2

51.222.78.194

200 OK

1.4 kB

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/modernizr/modernizr.touch.js?ver=2.6.2
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (3173)
Size
1.4 kB (1416 bytes)
Hash
25cf9696e54a12b10205980c6d9cfd26
d199bdb2e9a733a880ab07aa06d1a6c9c0acded9
e2f531fc851a3194d139898dc7d0e3ca00609a491ebd740b028ed9c30ba09c62

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/directory2/ait-theme/assets/modernizr/modernizr.touch.js?ver=2.6.2 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1416
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.2

51.222.78.194

200 OK

2.6 kB

URL HTTP/2
kingstonconnections.ca/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.2
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (8632)
Size
2.6 kB (2646 bytes)
Hash
8238287357a4279c2ae038a097965ad3
3a677770d91002d75e397397671b82332724af10
b5c3686973bb5e86e3328dc87298dee495dd6908355ac1d6e7fee730c364e92e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.2 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 16:24:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2646
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2

51.222.78.194

200 OK

6.8 kB

URL HTTP/2
kingstonconnections.ca/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
Unicode text, UTF-8 text, with very long lines (8189)
Size
6.8 kB (6800 bytes)
Hash
3d0ff0f6731d9cef860af9a5a0e3ce62
13aed444304d782039e261475c8b4450b83e743e
e8d05db77732c71843ced6f386ea82eb32243ac36e7ca3e071cb7f53e2ffbce5

HTTP Headers

GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 16:24:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6800
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/bxslider/jquery.bxslider.min.js?ver=4.1.2

51.222.78.194

200 OK

4.9 kB

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/ait-theme/assets/bxslider/jquery.bxslider.min.js?ver=4.1.2
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (19040)
Size
4.9 kB (4925 bytes)
Hash
d2c26da9ce67516d1c19f4896b5b9c41
1979bb8c67596d0edd349d2209cb65110beea664
deef64f20a8ad1238a721449bc80cfb2e1a41cfe0085e5fe23b3562a108c1d92

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/directory2/ait-theme/assets/bxslider/jquery.bxslider.min.js?ver=4.1.2 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4925
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/design/js/script.js?ver=6.1.1

51.222.78.194

200 OK

1.4 kB

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/design/js/script.js?ver=6.1.1
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with CRLF line terminators
Size
1.4 kB (1409 bytes)
Hash
3260682397d5fe5c933668ba7cfdab43
0d0276585a1206e9cd06f8f944f9ae128ccf1919
9c0d35a40f8d44d32e97fb3995f4797640465d79e1bce7d670e32b4de9ba1ca7

HTTP Headers

GET /wp-content/themes/directory2/design/js/script.js?ver=6.1.1 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1409
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/design/js/mobile.js?ver=6.1.1

51.222.78.194

200 OK

430 B

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/design/js/mobile.js?ver=6.1.1
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text
Size
430 B (430 bytes)
Hash
d5e50f7c323d8e0fe2149738098de3ec
ae3c8dc6ecbfed68f36004500fa96029a7c64015
4eccb16db8a3d83d171756528ddd1526231ef8fa680f5210e8f2a59559ca3401

HTTP Headers

GET /wp-content/themes/directory2/design/js/mobile.js?ver=6.1.1 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 430
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.1.1

51.222.78.194

200 OK

392 B

URL HTTP/2
kingstonconnections.ca/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.1.1
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
HTML document, ASCII text, with very long lines (906), with no line terminators
Size
392 B (392 bytes)
Hash
200d0ec78a54a35bb97450e75bddfe52
25a0c90e7c2a7f49b4d5abf3165eb2d03849c2cb
9555fae27002a4036ca476b62143a67552e3870a1ff46c5869611b5edbe1deac

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.1.1 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: application/javascript
last-modified: Thu, 04 Feb 2021 01:24:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 392
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.1.1

51.222.78.194

200 OK

479 B

URL HTTP/2
kingstonconnections.ca/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.1.1
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (1191), with no line terminators
Size
479 B (479 bytes)
Hash
62b3593ce258f7488f936d31b1ab1b6e
34c14a9bf90463e4456add8d8d039453b8bb8b8e
be4b9efdf77f14940f6b8aa22e7287411cf0377f99009d49276b5cfa47c4f3ad

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.1.1 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: application/javascript
last-modified: Wed, 15 Jun 2022 18:09:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 479
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/plugins/ait-shortcodes/assets/js/rule-btn.js?ver=6.1.1

51.222.78.194

200 OK

149 B

URL HTTP/2
kingstonconnections.ca/wp-content/plugins/ait-shortcodes/assets/js/rule-btn.js?ver=6.1.1
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text
Size
149 B (149 bytes)
Hash
d59f6a8bcae31d209e5e8c4ce55c67f6
a3bf29f507f7015a58e51300b5d2765641c215ad
321454ada53b9c4f599dac5a6752ce9d1a7bbf1658f2d144f12b9462f02c34c4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/ait-shortcodes/assets/js/rule-btn.js?ver=6.1.1 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: application/javascript
last-modified: Thu, 17 Sep 2020 14:16:52 GMT
accept-ranges: bytes
content-length: 149
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17

51.222.78.194

200 OK

36 kB

URL HTTP/2
kingstonconnections.ca/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (65266)
Size
36 kB (36433 bytes)
Hash
eabd3755fb73f0e4ef1ac6e474373dd8
cd92121ebac48f10a27821172202bb1d06267663
37f62084aa872e3b695e87f549c236fda5828bc68036875a771768cd90bf2436

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 16:24:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 36433
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.select2-3.5.1.js?ver=6.1.1

51.222.78.194

200 OK

30 kB

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/jquery.select2-3.5.1.js?ver=6.1.1
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (11072)
Size
30 kB (30069 bytes)
Hash
1c3ca3aad6432ea5e6c8797f3c2aa339
f5d974f46a1f4775bb4cf8b7a6fa7a292d8d0cbe
891ea511d0b55150b41cf081c6e90242eb6ffe675ef1a5ec630c6d5d8faa77b8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/directory2/design/js/libs/jquery.select2-3.5.1.js?ver=6.1.1 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30069
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/leaflet/leaflet.js?ver=6.1.1

51.222.78.194

200 OK

40 kB

URL HTTP/2
kingstonconnections.ca/wp-content/themes/directory2/design/js/libs/leaflet/leaflet.js?ver=6.1.1
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (65325)
Size
40 kB (39939 bytes)
Hash
6d399babb4d84c222c3417d56ef3f961
07ac0e20c5c7fab1ef19ea5c47b6c109487ac8c1
43894d61d9472966ab5ae36c748623d136ed986f94ee30710711b94299daa21c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/directory2/design/js/libs/leaflet/leaflet.js?ver=6.1.1 HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 02:36:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 39939
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5862
Expires: Thu, 15 Dec 2022 04:40:38 GMT
Date: Thu, 15 Dec 2022 03:02:56 GMT
Connection: keep-alive

fonts.googleapis.com/css?family=PT+Sans+Narrow%3Aregular%2C700&subset=cyrillic-ext%2Clatin-ext%2Ccyrillic%2Clatin&ver=6.1.1

142.250.74.106

200 OK

1.0 kB

URL HTTP/2
fonts.googleapis.com/css?family=PT+Sans+Narrow%3Aregular%2C700&subset=cyrillic-ext%2Clatin-ext%2Ccyrillic%2Clatin&ver=6.1.1
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
1.0 kB (1005 bytes)
Hash
f4356a2c0dc28f75d5e1e42de5713bf2
7e728f939ebf39b69c994d38075d50dced10c47d
d3b39ef88920ecc157eae98f25ff4d19b1a72402c91e7182c92fecdd35dfc9a2

HTTP Headers

GET /css?family=PT+Sans+Narrow%3Aregular%2C700&subset=cyrillic-ext%2Clatin-ext%2Ccyrillic%2Clatin&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 15 Dec 2022 03:02:56 GMT
date: Thu, 15 Dec 2022 03:02:56 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5862
Expires: Thu, 15 Dec 2022 04:40:38 GMT
Date: Thu, 15 Dec 2022 03:02:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5862
Expires: Thu, 15 Dec 2022 04:40:38 GMT
Date: Thu, 15 Dec 2022 03:02:56 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07861bcb-0cbb-458b-b85e-45f3efc2391a.jpeg

34.120.237.76

200 OK

5.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07861bcb-0cbb-458b-b85e-45f3efc2391a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.8 kB (5789 bytes)
Hash
9d38060edf5f77bdaa18a4dd3b092c12
50b89e4fbdb88026899ce49cb45b0d6286f303a7
8ff9d03bca03022c717004f96a178d4982d16b575cb70a1a237ca76f90f4f0e1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07861bcb-0cbb-458b-b85e-45f3efc2391a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5789
x-amzn-requestid: bb0455df-4252-4b04-a24c-eb101e3e40db
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dKWBdFAUIAMFaig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639a6a09-1e3f6b0d0a59da3807acffee;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 00:27:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VqhIHvfNAEZCR2jLF3lsgYp4uBuPWHSnvOrd_0sHOHEE9waf_svnMQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 02:16:25 GMT
age: 2791
etag: "50b89e4fbdb88026899ce49cb45b0d6286f303a7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=PT+Sans%3Aregular%2Citalic%2C700%2C700italic&subset=cyrillic-ext%2Clatin-ext%2Ccyrillic%2Clatin&ver=6.1.1

142.250.74.106

200 OK

5.7 kB

URL HTTP/2
fonts.googleapis.com/css?family=PT+Sans%3Aregular%2Citalic%2C700%2C700italic&subset=cyrillic-ext%2Clatin-ext%2Ccyrillic%2Clatin&ver=6.1.1
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
5.7 kB (5746 bytes)
Hash
b28e9a0c157aa54e57bca37ad2a91318
0913ab40a2962a7d95d60b2f9f86c6133cbbf4c9
04bb0178eeb4fd5f339312a61471c90fa8b8edc756af0367ce1c4426c72e772e

HTTP Headers

GET /css?family=PT+Sans%3Aregular%2Citalic%2C700%2C700italic&subset=cyrillic-ext%2Clatin-ext%2Ccyrillic%2Clatin&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 15 Dec 2022 03:02:56 GMT
date: Thu, 15 Dec 2022 03:02:56 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa84ff272-725d-4ea2-9b73-d56ddbd06979.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.2 kB (3187 bytes)
Hash
1e72301b10bca35b0a570adb01aea806
ff5817aecda71a982779d5b12ba19e3264e964a3
3de1caddc5e0214a69e34ecb64be729a70462f8ea1852f2b9b97901bdc0fd3cb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa84ff272-725d-4ea2-9b73-d56ddbd06979.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3187
x-amzn-requestid: 01e45059-3240-4c5b-bd89-4cce8387e6f4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUX0FUgoAMFYqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6765-1db6a3fd5433985e5f0687a7;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:49:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ab-V5dPQRj6wn9lhjFnS0WCdjKhyKG0S_eXyDQM86Bg-8P4qxvwqQg==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 06:13:37 GMT
age: 74959
etag: "ff5817aecda71a982779d5b12ba19e3264e964a3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb602c981-caf1-4cfc-b19b-56f816dc7417.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9891 bytes)
Hash
c2ae931d0f14a81013f782d43b8c7b85
9ec84996b63362ad370ff67b0fd8136a343c1bbf
9b4a2b3e5e2d2b4fac094135fed10a3040598f1208f6b2ec52d95d10aca66ed5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb602c981-caf1-4cfc-b19b-56f816dc7417.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9891
x-amzn-requestid: ef1d7b5b-b6fd-483b-bef7-235b0d76648d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c2SlaEzgoAMFebw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63926488-701a5e2b61cc6f647fe41acb;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 22:26:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K8OPTRGA7cKydHi7_5T23cXe-9m0MsxYAMzBh-aXD93WSNB4pOnMpA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 20:23:47 GMT
age: 23949
etag: "9ec84996b63362ad370ff67b0fd8136a343c1bbf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1cff467d-ce7f-4454-8f95-b9c6348a2347.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.8 kB (5820 bytes)
Hash
651b0f2569cf044585ce4f571cfd89fb
4c5e9db56536dd4145d63200d0fd74e2aa243fbf
c561267909b1e19768a2c11d78bab18faaa0de11d822e56324d7642daf798bf5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1cff467d-ce7f-4454-8f95-b9c6348a2347.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5820
x-amzn-requestid: aea526e4-f177-483a-bf63-4dbc3e526bf6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dHHBHE8HIAMFn0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63991ed3-2fdc5eed7f4c006224bd29c5;Sampled=0
x-amzn-remapped-date: Wed, 14 Dec 2022 00:54:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: usEmccGMldP3GGjxbRfQ_TuRDdRzDqo8C31tNcjXVpz3ke03xykUfg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 13:45:56 GMT
etag: "4c5e9db56536dd4145d63200d0fd74e2aa243fbf"
content-type: image/jpeg
age: 47820
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f6337-b00d-4487-82ce-cbed5b4f3f4f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7616 bytes)
Hash
0d2294cdacdc84b8b19874ba56035a6d
53009a81b15e464d5529d36b1e04b841b2ae034e
67d59aa026b43ed3f698f3853b986fc7c07e4e6e5f7b3551e59238f79978480a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f6337-b00d-4487-82ce-cbed5b4f3f4f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7616
x-amzn-requestid: 71bbe208-11e3-4280-bf09-bff8bd18fcb4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c82fXGmPoAMF3Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63950462-12393ca432808b7f0b2771dc;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 22:12:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G1MopDnv-WOAbIBMe0v-V9xXeJIVDReKWSMG33dQt1q5GpK41RU0PQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 11:18:24 GMT
age: 56672
etag: "53009a81b15e464d5529d36b1e04b841b2ae034e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2e709a04ea80113c435ca4f9d37e93e7
053f34d74eded192d698bb20956897ec3e3ad23b
2535554bd9d9004c7888cde496278d847002218fb1d35a3d4bacdd98c8a92ff9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 03:02:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4557f99d9d9535e0134db96dfe8063b2
c9b446d4f382a8ee3d73b1b2e77c96c3e4787059
74305a78c814edc962f442dbbc14023e0b96c5822d5aa9f4ef4c8e4bc791fc00

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 03:02:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4557f99d9d9535e0134db96dfe8063b2
c9b446d4f382a8ee3d73b1b2e77c96c3e4787059
74305a78c814edc962f442dbbc14023e0b96c5822d5aa9f4ef4c8e4bc791fc00

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 03:02:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2

216.58.207.227

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 45300, version 1.0\012- data
Size
45 kB (45300 bytes)
Hash
5fe660c3a23b871807b0e1d3ee973d23
62a9dd423b30b6ee3ab3dd40d573545d579af10a
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

HTTP Headers

GET /s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kingstonconnections.ca
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 45300
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Dec 2022 22:37:36 GMT
expires: Sun, 10 Dec 2023 22:37:36 GMT
cache-control: public, max-age=31536000
age: 361520
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/ptsansnarrow/v17/BngRUXNadjH0qYEzV7ab-oWlsbCGwR0.woff2

216.58.207.227

200 OK

36 kB

URL HTTP/2
fonts.gstatic.com/s/ptsansnarrow/v17/BngRUXNadjH0qYEzV7ab-oWlsbCGwR0.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 36220, version 1.0\012- data
Size
36 kB (36220 bytes)
Hash
703384eb990fa92cab3b11662e55234f
825232b537f04761e3f866599f3abb7c14d32d60
38ba9bd69a8f6114511656eed8cf0f4e3d45d9e2c9aa0a22fb978d5da5ac250b

HTTP Headers

GET /s/ptsansnarrow/v17/BngRUXNadjH0qYEzV7ab-oWlsbCGwR0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kingstonconnections.ca
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 36220
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Dec 2022 02:16:45 GMT
expires: Fri, 15 Dec 2023 02:16:45 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 17:03:05 GMT
content-type: font/woff2
age: 2771
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/ptsansnarrow/v17/BngSUXNadjH0qYEzV7ab-oWlsbg95AiFW_0.woff2

216.58.207.227

200 OK

51 kB

URL HTTP/2
fonts.gstatic.com/s/ptsansnarrow/v17/BngSUXNadjH0qYEzV7ab-oWlsbg95AiFW_0.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 51132, version 1.0\012- data
Size
51 kB (51132 bytes)
Hash
ebf9aaf2e7ed2dc812dcd308b5b807e2
821884be5d80ad6e3310c47ec68a172f3aebfe32
f54e39446dc1a3407191e704a37aa5da2d12fbdeac8842b6c3a5648377f3e688

HTTP Headers

GET /s/ptsansnarrow/v17/BngSUXNadjH0qYEzV7ab-oWlsbg95AiFW_0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kingstonconnections.ca
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 51132
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Dec 2022 19:37:01 GMT
expires: Thu, 14 Dec 2023 19:37:01 GMT
cache-control: public, max-age=31536000
age: 26755
last-modified: Wed, 27 Apr 2022 16:09:38 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4557f99d9d9535e0134db96dfe8063b2
c9b446d4f382a8ee3d73b1b2e77c96c3e4787059
74305a78c814edc962f442dbbc14023e0b96c5822d5aa9f4ef4c8e4bc791fc00

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 03:02:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

kingstonconnections.ca/wp-content/uploads/2015/12/kc-logo.png

51.222.78.194

200 OK

0 B

URL HTTP/2
kingstonconnections.ca/wp-content/uploads/2015/12/kc-logo.png
IP
51.222.78.194:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/uploads/2015/12/kc-logo.png HTTP/1.1
Host: kingstonconnections.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kingstonconnections.ca/ccss/owas/ZS/92fd5b365c612a19b8d88dad3fe6bff5/74q7yehyqcmfbnsu0fpuw0uz.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 03:02:56 GMT
content-type: image/png
last-modified: Tue, 28 Jan 2020 19:40:06 GMT
accept-ranges: bytes
content-length: 69789
date: Thu, 15 Dec 2022 03:02:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (42)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations