r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9090
Expires: Sun, 04 Dec 2022 19:36:40 GMT
Date: Sun, 04 Dec 2022 17:05:10 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1989
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 17:05:10 GMT
Last-Modified: Sun, 04 Dec 2022 16:32:01 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 16:20:08 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2702
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8002
Expires: Sun, 04 Dec 2022 19:18:32 GMT
Date: Sun, 04 Dec 2022 17:05:10 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: mKjiSNXnongoDshECf9l9vmd/U1gjApxnHfZ+M2eYgQ86ZlbnKxCdVv3QZOwS82OeKMnlg7tUDI=
x-amz-request-id: DXGV0KKMW3CT4YKB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 16:47:03 GMT
age: 1087
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
192.124.249.175302 Found 271 B URL HTTP/1.1 higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
IP 192.124.249.175:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 855bbca0a6b1a72a044894f84fc6e173
a6e4a21f32cdba6f6f430d6c10cdf6f6bacda6c9
790f24dca58a4eff9a93a3f5e1e3a6d5fb480b289a80bdc229bb4b4c5a9f7ddc
Analyzer Verdict Alert fortinet Phishing
GET /netfilxwebsupportteampaymentalert/account/login.php HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: Sucuri/Cloudproxy
Date: Sun, 04 Dec 2022 17:05:10 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 271
Connection: keep-alive
X-Sucuri-ID: 19025
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Location: https://www.higginsonconsulting.ca//netfilxwebsupportteampaymentalert/account/login.php
X-Sucuri-Cache: BYPASS
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:10 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash fe8d1ed441d3d03b7865a990d15fbd73
9e27deb7184ac9a80398a3a8a80cc78c2caa7774
b3bbedc254ebdbca12331799c2a2b8503e631142d2e7708c113024dcffda77ef
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 04 Dec 2022 17:05:10 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 03 Dec 2022 21:37:36 GMT
Expires: Sun, 04 Dec 2022 21:37:36 GMT
ETag: "9e27deb7184ac9a80398a3a8a80cc78c2caa7774"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 16:08:58 GMT
cache-control: public,max-age=3600
age: 3373
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1982
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 17:05:11 GMT
Last-Modified: Sun, 04 Dec 2022 16:32:09 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.41.201.177101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.201.177:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: H7reCOIEzM6fpFuFsphxUQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zA5VU3DLXE6yTjDNPVF6eESDzJs=
www.higginsonconsulting.ca//netfilxwebsupportteampaymentalert/account/login.php
192.124.249.175301 Moved Permanently 115 B URL HTTP/2 www.higginsonconsulting.ca//netfilxwebsupportteampaymentalert/account/login.php
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash 638064cafdb9480bf5f67e7cc087387d
5b068a6a7fab6f543ab04a8c95b3034374be2323
a534f8094c7f3dca3fe2aec3e5ced137dca89852509be71f427aaab6eb26d954
Analyzer Verdict Alert fortinet Phishing
GET //netfilxwebsupportteampaymentalert/account/login.php HTTP/1.1
Host: www.higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 04 Dec 2022 17:05:11 GMT
content-type: text/html; charset=UTF-8
content-length: 115
location: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
x-pingback: http://higginsonconsulting.ca/xmlrpc.php
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: BYPASS
X-Firefox-Spdy: h2
higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
192.124.249.175404 Not Found 4.1 kB URL HTTP/2 higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
IP 192.124.249.175:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1680), with CRLF, LF line terminators
Hash e0c440c9a2ed7c51d5d4ef0ea3735d34
220a528a144d00544070fe6f0c612306a0a6b5d0
6317754ac6e556c875a923ea1d20558b2246a49ebf9edbf8a608b1f168595186
Analyzer Verdict Alert fortinet Phishing
GET /netfilxwebsupportteampaymentalert/account/login.php HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sun, 04 Dec 2022 17:05:12 GMT
content-type: text/html; charset=UTF-8
content-length: 4058
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
x-pingback: http://higginsonconsulting.ca/xmlrpc.php
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: BYPASS
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 17:05:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 17:05:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
higginsonconsulting.ca/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.2
192.124.249.175200 OK 401 B URL HTTP/2 higginsonconsulting.ca/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.2
IP 192.124.249.175:0
Hash 7ba3deb835ae61e6da97133025b68864
17a0aa9845ed63af73d54b4a28b439463fe959cb
16cd5bbd2f70847bce61e2f4a65233347f0b1ee39ff1db34f18b70cac2b670ac
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:12 GMT
content-type: text/css
content-length: 401
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:39 GMT
etag: "10a161b-44f-5e91c9a33dec0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 17:05:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
higginsonconsulting.ca/wp-content/plugins/doptg/libraries/gui/css/jquery.jscrollpane.css?ver=3.5.2
192.124.249.175200 OK 422 B URL HTTP/2 higginsonconsulting.ca/wp-content/plugins/doptg/libraries/gui/css/jquery.jscrollpane.css?ver=3.5.2
IP 192.124.249.175:0
Hash e1b119e06389d3a2c2e470fa9f10d738
6261229373d6c649e90987b56ac0faf976e6081d
161bc2ef93866f56924fd4800a1e868811bde8ef7db34671aa03c46438e120ff
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/doptg/libraries/gui/css/jquery.jscrollpane.css?ver=3.5.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:12 GMT
content-type: text/css
content-length: 422
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:39 GMT
etag: "33a17e3-54f-5e91c9a33dec0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/plugins/doptg/assets/gui/css/jquery.dop.ThumbnailGallery.css?ver=3.5.2
192.124.249.175200 OK 1.3 kB URL HTTP/2 higginsonconsulting.ca/wp-content/plugins/doptg/assets/gui/css/jquery.dop.ThumbnailGallery.css?ver=3.5.2
IP 192.124.249.175:0
Hash 6b2ef9292d64ad7ed4057a168eb32b42
c719bb671d73ae25bfb2454f98be9d098725c00f
1bd52da52ffc45a9107e56734e85f12b05f77d139b8e022b23541f9b2e33755f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/doptg/assets/gui/css/jquery.dop.ThumbnailGallery.css?ver=3.5.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:12 GMT
content-type: text/css
content-length: 1328
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:39 GMT
etag: "33a16cf-2631-5e91c9a33dec0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/plugins/recent-tweets-widget/tp_twitter_plugin.css?ver=1.0
192.124.249.175200 OK 200 B URL HTTP/2 higginsonconsulting.ca/wp-content/plugins/recent-tweets-widget/tp_twitter_plugin.css?ver=1.0
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash 1a9e55da90589e2482a0a9d1b5d6058b
8e0feee1be3183ab1677b330306495e6ffbf1b5e
755f00cbe0df93719b668435b3822286655cbaaadfe814cbf58e2316922f72db
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/recent-tweets-widget/tp_twitter_plugin.css?ver=1.0 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:12 GMT
content-type: text/css
content-length: 200
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:42 GMT
etag: "33a183e-1ee-5e91c9a61a580-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/plugins/revslider/rs-plugin/css/captions.css?ver=3.5.2
192.124.249.175200 OK 77 B URL HTTP/2 higginsonconsulting.ca/wp-content/plugins/revslider/rs-plugin/css/captions.css?ver=3.5.2
IP 192.124.249.175:0
File type ASCII text, with no line terminators
Hash 0b8a33a46142ea9451254dfd5e3cb7d8
ea1a296aa35dd1800fe1027888f5a0dad292e549
c4c4fdbc6206d4159a351c0c8fdcfbef554ba62b76fdad4e08b18ffc491843af
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/rs-plugin/css/captions.css?ver=3.5.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:12 GMT
content-type: text/css
content-length: 77
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:43 GMT
etag: "33a14d0-8f-5e91c9a70e7c0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5104
Expires: Sun, 04 Dec 2022 18:30:17 GMT
Date: Sun, 04 Dec 2022 17:05:13 GMT
Connection: keep-alive
higginsonconsulting.ca/wp-content/plugins/revslider/rs-plugin/css/settings.css?ver=3.5.2
192.124.249.175200 OK 3.5 kB URL HTTP/2 higginsonconsulting.ca/wp-content/plugins/revslider/rs-plugin/css/settings.css?ver=3.5.2
IP 192.124.249.175:0
Hash 76b5d64779925d43faf5f6e29f46b1e5
fb51b89b13a067f334cf7b626291aff7baabd110
fa188305e25d3a4b9f47d90d1ebdcc2c3041b830c0e1f40b9df2912ac8b12a21
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/rs-plugin/css/settings.css?ver=3.5.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:12 GMT
content-type: text/css
content-length: 3454
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:43 GMT
etag: "33a14d2-5015-5e91c9a70e7c0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/responsiveslides.css?ver=1.0.1
192.124.249.175200 OK 179 B URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/css/responsiveslides.css?ver=1.0.1
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash 13598223f778b13c9c5a1be07376df06
6c3844d526fae634ed6b609ee70b2fd146d51436
79f5500a2003b84765c8eafb0c099700275413fb3ba83b85127f6c67870e2dd5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/rocco_bak/css/responsiveslides.css?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:12 GMT
content-type: text/css
content-length: 179
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ef9-1e1-5e91c9abd3300-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5104
Expires: Sun, 04 Dec 2022 18:30:17 GMT
Date: Sun, 04 Dec 2022 17:05:13 GMT
Connection: keep-alive
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/prettyPhoto.css?ver=1.0.1
192.124.249.175200 OK 2.6 kB URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/css/prettyPhoto.css?ver=1.0.1
IP 192.124.249.175:0
File type ASCII text, with very long lines (402), with CRLF line terminators
Hash 09299afb7472acc712a0895ab3866fb0
f314198284c50628948a46cc739009417d39a901
8c279312ca30ab35d8434407db8f7278c3c155bec18e2f9e26fbbddb279182ae
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/rocco_bak/css/prettyPhoto.css?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:12 GMT
content-type: text/css
content-length: 2579
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ead-4e59-5e91c9abd3300-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/style.css?ver=1.0.1
192.124.249.175200 OK 450 B URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/style.css?ver=1.0.1
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash f7546c3f60f4d7ef255e966930dbfb61
4f2128689a01055aec8e5a927cd7cb7e54dbc0d1
b7ece9a0ba51414aee9826dff9b86132dc14586c2e08ab70765e53a3d5f452ab
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/rocco_bak/style.css?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:12 GMT
content-type: text/css
content-length: 450
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1e26-465-5e91c9abd3300-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5104
Expires: Sun, 04 Dec 2022 18:30:17 GMT
Date: Sun, 04 Dec 2022 17:05:13 GMT
Connection: keep-alive
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/jcarousel/skin.css?ver=1.0.1
192.124.249.175200 OK 574 B URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/css/jcarousel/skin.css?ver=1.0.1
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash 555a0feefd2980ab190a986d3b81cb5c
b8b6b5f3cb346a51aa0d82761b0ec1883fa31c48
765f7a4b5b7f44707fecd5767a2c62334ff8092a4664043ead3aafd87d3d07ff
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/rocco_bak/css/jcarousel/skin.css?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:12 GMT
content-type: text/css
content-length: 574
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1eca-1246-5e91c9abd3300-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.all.css?ver=1.0.1
192.124.249.175200 OK 174 B URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.all.css?ver=1.0.1
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash bf09227734e54bae4ec52c933490fa36
9cbe23532de44efc5605265b3655138b6d45cfb9
9179abd78c3ca5ee91c621bb66d25576c29b213ab092d3499808bc67c84305e0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/rocco_bak/css/ui/jquery.ui.all.css?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:12 GMT
content-type: text/css
content-length: 174
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ec2-12f-5e91c9abd3300-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/skins/orange/images.css?ver=1.0.1
192.124.249.175200 OK 233 B URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/css/skins/orange/images.css?ver=1.0.1
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash 59a522d8c34ca616cc6a6f6a9f07039b
d1dd1712b2b4d1ec6682470c84024b1391022943
8e20f1eeee5e27f14eacc3a85042b9e3098da8c5a5cf815a1968d8665fe70e1e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/rocco_bak/css/skins/orange/images.css?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:12 GMT
content-type: text/css
content-length: 233
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ef6-312-5e91c9abd3300-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5104
Expires: Sun, 04 Dec 2022 18:30:17 GMT
Date: Sun, 04 Dec 2022 17:05:13 GMT
Connection: keep-alive
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/custom.css?ver=1.0.1
192.124.249.175200 OK 69 B URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/css/custom.css?ver=1.0.1
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash bbb8ce1766572603a7777b63b135c9c1
61386c3750a402eb79abab1c15edf95d439ed930
2e38bc6482e21e2a02922c3c4198e5c8c0055768c84d21b6eeff2093c7e13b8c
GET /wp-content/themes/rocco_bak/css/custom.css?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:12 GMT
content-type: text/css
content-length: 69
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ed6-47-5e91c9abd3300-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/plugins/doptg/libraries/js/jquery.mousewheel.js?ver=3.5.2
192.124.249.175200 OK 846 B URL HTTP/2 higginsonconsulting.ca/wp-content/plugins/doptg/libraries/js/jquery.mousewheel.js?ver=3.5.2
IP 192.124.249.175:0
Hash 0411153929963e608018761de02885fe
d93fc2bd35fd26e9312ecc92e743639a7f91b716
f668e8cd093d0972b9838b3be7ed6ab2f4c482f923deaef9a31047594a516375
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/doptg/libraries/js/jquery.mousewheel.js?ver=3.5.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:12 GMT
content-type: application/javascript
content-length: 846
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:39 GMT
etag: "33a17b9-960-5e91c9a33dec0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5104
Expires: Sun, 04 Dec 2022 18:30:17 GMT
Date: Sun, 04 Dec 2022 17:05:13 GMT
Connection: keep-alive
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/responsive.css?ver=1.0.1
192.124.249.175200 OK 2.7 kB URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/css/responsive.css?ver=1.0.1
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash d2d865b5983c7bc14ee045a32a0190ec
b9be464349f007cc6c37d6b4d3e37228113f0dc9
0efd6c483732e600aacbab1fdc3f1d47a620119d92959825d82836ebff343008
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/rocco_bak/css/responsive.css?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:12 GMT
content-type: text/css
content-length: 2691
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1eab-3611-5e91c9abd3300-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/skins/orange/style.css?ver=1.0.1
192.124.249.175200 OK 1.5 kB URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/css/skins/orange/style.css?ver=1.0.1
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash d3ebfb9b45ee5c489706bf1f12172f04
123e40d50fe7566aadfd2d90445c8735a2df6b81
5c86e3d59cb5c1ee6c0c52db5a1e6bc0b4c4de2a3d046892f02693730fff0039
GET /wp-content/themes/rocco_bak/css/skins/orange/style.css?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:12 GMT
content-type: text/css
content-length: 1542
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ef8-18fc-5e91c9abd3300-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.widget.min.js?ver=1.9.2
192.124.249.175200 OK 2.4 kB URL HTTP/2 higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.widget.min.js?ver=1.9.2
IP 192.124.249.175:0
File type ASCII text, with very long lines (6594)
Hash eed06e3a48e68678568be5b8d16034f1
5e067964acb3dbf426b2cb19365b3b9ab2e4d94c
8e86f322a4f95ee9129902f1e528d5a5972fd8f785dae30777160234fc1ddecf
GET /wp-includes/js/jquery/ui/jquery.ui.widget.min.js?ver=1.9.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:12 GMT
content-type: application/javascript
content-length: 2399
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:26:10 GMT
etag: "16022e1-1a67-5e91c9c0ce480-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/plugins/doptg/libraries/js/jquery.jscrollpane.min.js?ver=3.5.2
192.124.249.175200 OK 4.6 kB URL HTTP/2 higginsonconsulting.ca/wp-content/plugins/doptg/libraries/js/jquery.jscrollpane.min.js?ver=3.5.2
IP 192.124.249.175:0
File type ASCII text, with very long lines (4028)
Hash 22b2491868634101c9faf6a908946a8b
38538a47715476b8148b3acb5f9c366ff1e026be
d0d997a4d33b83f7f0b09f28be25aba2a59f6591fc2b1dbb18ae74f5aecd01fb
GET /wp-content/plugins/doptg/libraries/js/jquery.jscrollpane.min.js?ver=3.5.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:12 GMT
content-type: application/javascript
content-length: 4570
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:39 GMT
etag: "33a17b8-3941-5e91c9a33dec0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vNP2rQwmWTntetjJyjonO8N_YOBqvQuZUm42BWX7c1GoX7jASOIpCg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:49:42 GMT
age: 69331
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20
192.124.249.175200 OK 5.5 kB URL HTTP/2 higginsonconsulting.ca/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20
IP 192.124.249.175:0
File type ASCII text, with very long lines (14900)
Hash 6743a2b6116ec15f4976377dba04f208
8965d08b35b43c793d61c52b6e5abadfb54c3e46
af8ff9d1ac6440b5a47e8de5ca1cbdd39bb24f670925592d6faec0a64f873a4e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:12 GMT
content-type: application/javascript
content-length: 5544
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:39 GMT
etag: "1082056-3b90-5e91c9a33dec0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.sortable.min.js?ver=1.9.2
192.124.249.175200 OK 5.8 kB URL HTTP/2 higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.sortable.min.js?ver=1.9.2
IP 192.124.249.175:0
File type ASCII text, with very long lines (23415)
Hash 6f578f5f7fbd1cf3f547afa0f84d9d0e
de23ecea695ee1999b5c65c5a9036b46cfcdfffa
3edcf19bbb182574229be7be197abfc9be3b580efeb99b75cb2d0102d56b13b1
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/jquery.ui.sortable.min.js?ver=1.9.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:12 GMT
content-type: application/javascript
content-length: 5763
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:26:10 GMT
etag: "16022ec-5c1e-5e91c9c0ce480-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a6e7b32ac999cf3c899a234c621fa91a
fc5d4f3163ebb9faf85968cbb1d194e8e68418be
f12db3aed126006fee00649aba0b3eaae900de200b85b9523866a90b5494f18e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8989
x-amzn-requestid: abce0b01-f70c-42ad-b242-5a24735fe4c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltl4Gk2oAMFSWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc2f2-1cccffff5199dffe70264a95;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PFl7VUrzRkMFNnTiIw_cbGCyrEFn43eUSlZfT0nUhUmjjyXT7JfjMA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:50:01 GMT
age: 69312
etag: "fc5d4f3163ebb9faf85968cbb1d194e8e68418be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.core.min.js?ver=1.9.2
192.124.249.175200 OK 1.9 kB URL HTTP/2 higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.core.min.js?ver=1.9.2
IP 192.124.249.175:0
File type ASCII text, with very long lines (4530)
Hash 9921bf89de4819da583daa7afec3236d
b8cc93b18fe70781ee9661cdd02971ff2e8f4766
c152d68f4fef28952125de83e30cfdd25cbcf1a8232a553b134bf962953611d0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/jquery.ui.core.min.js?ver=1.9.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:12 GMT
content-type: application/javascript
content-length: 1906
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:26:10 GMT
etag: "16022d8-1255-5e91c9c0ce480-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/js/mfn.menu.js?ver=1.0.1
192.124.249.175200 OK 663 B URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/js/mfn.menu.js?ver=1.0.1
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash 37fb84f08067fb24c56500560e55df43
3687ac84a40fd67efdf723e3dcaf86eacc2fed98
a6717e8452369f21fb47b0ab079f15911a39d671de89ed35edc736081bbea9eb
GET /wp-content/themes/rocco_bak/js/mfn.menu.js?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:12 GMT
content-type: application/javascript
content-length: 663
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1df0-78e-5e91c9abd3300-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.accordion.min.js?ver=1.9.2
192.124.249.175200 OK 3.0 kB URL HTTP/2 higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.accordion.min.js?ver=1.9.2
IP 192.124.249.175:0
File type ASCII text, with very long lines (10286)
Hash 58945c8624437d9b8dfc59292bd1e788
e5db82109db2706bb578197306b31dfacd983f61
2bbfd68117fead557a9214ec351cd2666f6b27010eedcb3986459eae1a479e8f
GET /wp-includes/js/jquery/ui/jquery.ui.accordion.min.js?ver=1.9.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:12 GMT
content-type: application/javascript
content-length: 3035
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:26:09 GMT
etag: "16022e8-28d6-5e91c9bfda240-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C400italic%2C700&ver=3.5.2
142.250.74.106200 OK 9.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C400italic%2C700&ver=3.5.2
IP 142.250.74.106:0
Hash d6e5b01972e1d42b4b5653090e15f270
8d553af12cccabe2acaf9cc60c6c4adf27ba8124
8785969ea2410b6959e565288cd8fd11652f8e7e8433639713e806a8a241e279
GET /css?family=Open+Sans%3A300%2C400%2C400italic%2C700&ver=3.5.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Dec 2022 17:05:12 GMT
date: Sun, 04 Dec 2022 17:05:12 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.2
192.124.249.175200 OK 2.9 kB URL HTTP/2 higginsonconsulting.ca/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.2
IP 192.124.249.175:0
Hash fa4542f622b5327612fcfdb953cda397
2974bebb5300f8c951a779acd2f333ff99b22b4c
dfbe7fc2531e8a18764ddb10e5f014585efc77f46bf7edb3346b93535433ee5c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:12 GMT
content-type: application/javascript
content-length: 2937
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:39 GMT
etag: "1082055-2bc0-5e91c9a33dec0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Patua+One&ver=3.5.2
142.250.74.106200 OK 16 kB URL HTTP/2 fonts.googleapis.com/css?family=Patua+One&ver=3.5.2
IP 142.250.74.106:0
Hash 84d35d3f75e78cfba00506eb278ab381
02ddaaba7ebdf958427f7d3e4561af89eea31125
da0705bb7c326b57eed4e12bfef275b7b85ffd1dd6de1815f00768d957c9b882
GET /css?family=Patua+One&ver=3.5.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Dec 2022 17:05:12 GMT
date: Sun, 04 Dec 2022 17:05:12 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.mouse.min.js?ver=1.9.2
192.124.249.175200 OK 843 B URL HTTP/2 higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.mouse.min.js?ver=1.9.2
IP 192.124.249.175:0
File type ASCII text, with very long lines (2700)
Hash 7e0ccdcb77d2752baee9774ee1a24096
8de03b4157e25bcebe0842bd4d30c2331ee77278
dde51cffc43a973abac2c18a04b7408dbd239d3883e0535dcd135d8b19ca3af1
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/jquery.ui.mouse.min.js?ver=1.9.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:12 GMT
content-type: application/javascript
content-length: 843
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:26:10 GMT
etag: "16022e3-b30-5e91c9c0ce480-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z5uqgjB-Bsl0U55a8aFi37cpJ65Vnbjm6bJ2GnMpaO7RXsMZsOCbPQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:44:01 GMT
age: 69672
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.tabs.min.js?ver=1.9.2
192.124.249.175200 OK 5.2 kB URL HTTP/2 higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.tabs.min.js?ver=1.9.2
IP 192.124.249.175:0
File type ASCII text, with very long lines (18409)
Hash 462bd945bf9cf4fdba727de5de617afb
558ef3332f74ca7f07b36c8b6348db703de04d7c
89a9c0a6ebdefd7da0d7f522845f6f4c39fc487f26363783a4f1435a2bbdea62
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/jquery.ui.tabs.min.js?ver=1.9.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:12 GMT
content-type: application/javascript
content-length: 5150
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:26:10 GMT
etag: "16022d3-488c-5e91c9c0ce480-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/js/sliders/responsiveslides.js?ver=1.0.1
192.124.249.175200 OK 2.4 kB URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/js/sliders/responsiveslides.js?ver=1.0.1
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash cc970b337a5b20fbcc669bd92c2cf632
76f58c3ff40d947069792fd2029a1ac8cbaf35e8
bcefac70c3ea822ae6b120c41dc0f6bc51a70695d507dd6febe8394130dd3167
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/rocco_bak/js/sliders/responsiveslides.js?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:12 GMT
content-type: application/javascript
content-length: 2417
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ded-2570-5e91c9abd3300-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2636f91bb8fa4d9bb7bef114c248a9ae
8637105f41058bc0d2b259d462b560881928adb6
3d93fd8fcf1af31d00ccbd453142dbea5f2b91d7f58373095943ed40a31ed1f7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10431
x-amzn-requestid: f79ab5e7-8c1b-4827-a531-aaa19c1d80aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsCGEwxIAMF34g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc073-6358d2950955884c470c0a89;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PQ7xh995cd1UVi3z42EVZGjQjHLLvtAP5BBC-xLEEGr4mEiXS6fC-w==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:47:06 GMT
age: 69487
etag: "8637105f41058bc0d2b259d462b560881928adb6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/js/sliders/jquery.jcarousel.min.js?ver=1.0.1
192.124.249.175200 OK 4.3 kB URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/js/sliders/jquery.jcarousel.min.js?ver=1.0.1
IP 192.124.249.175:0
File type ASCII text, with very long lines (15184), with CRLF line terminators
Hash b9a51e069208c94989ab81ff56505bd4
0597022af7fcc219e266dc83e063a489bc878b75
8e8fc9842982c3f3c20ba03a4d7003b6215104064e3fd3409793399b46d77d48
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/rocco_bak/js/sliders/jquery.jcarousel.min.js?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:12 GMT
content-type: application/javascript
content-length: 4292
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1def-3d32-5e91c9abd3300-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/js/scripts.js?ver=1.0.1
192.124.249.175200 OK 2.4 kB URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/js/scripts.js?ver=1.0.1
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash 2336ede36af214a26305c8d846c25d93
e48e5196037ab576517af5b25bf8a3c90770e54b
955f1102bb4e1cad8ed5cef3f937539a48a4b959f5afb54f4f9fb9d0feb0b444
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/rocco_bak/js/scripts.js?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:12 GMT
content-type: application/javascript
content-length: 2417
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1df2-2e55-5e91c9abd3300-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/js/jquery.plugins.js?ver=1.0.1
192.124.249.175200 OK 12 kB URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/js/jquery.plugins.js?ver=1.0.1
IP 192.124.249.175:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (21776), with CRLF line terminators
Hash 04261b037195d3d12240807615e8c408
d06c3f8582b3cdd394dd0dfaaf46cae78aedc6f5
431f1ddcb3e796b9aed24b897737eaf7c2234562ad509ae58e91b07e6f44b035
GET /wp-content/themes/rocco_bak/js/jquery.plugins.js?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:12 GMT
content-type: application/javascript
content-length: 11662
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1de4-a3da-5e91c9abd3300-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/uploads/2014/05/Higginson-Consulting-Ltd-Structural-Civil-e1400647779351.jpg
192.124.249.175200 OK 12 kB URL HTTP/2 higginsonconsulting.ca/wp-content/uploads/2014/05/Higginson-Consulting-Ltd-Structural-Civil-e1400647779351.jpg
IP 192.124.249.175:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x82, components 3\012- data
Hash e0bcd55dfd409f781264b22921d7bd3f
c9846d696c332a86caae265f6def6eaab7002dc1
5233c7d0471f9d9f441d19101f33e6798aa613ca5bd1feb60f93537af2523e8f
GET /wp-content/uploads/2014/05/Higginson-Consulting-Ltd-Structural-Civil-e1400647779351.jpg HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:12 GMT
content-type: image/jpeg
content-length: 12237
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:53 GMT
etag: "2101723-2fcd-5e91c9b097e40"
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?ver=3.5.2
192.124.249.175200 OK 18 kB URL HTTP/2 higginsonconsulting.ca/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?ver=3.5.2
IP 192.124.249.175:0
File type Unicode text, UTF-8 text, with very long lines (63134)
Hash 0a4e2e312203185d3467863bbaeb2f50
d6d64d4047c763dbfc499fc8c8e27c43d60050b1
0c09b05432d919c02135ed3c78f0e1a32ed941659cb8131424adaf02707143be
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?ver=3.5.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:12 GMT
content-type: application/javascript
content-length: 18199
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:43 GMT
etag: "33a1494-14750-5e91c9a70e7c0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/plugins/doptg/assets/js/jquery.dop.ThumbnailGallery.js?ver=3.5.2
192.124.249.175200 OK 19 kB URL HTTP/2 higginsonconsulting.ca/wp-content/plugins/doptg/assets/js/jquery.dop.ThumbnailGallery.js?ver=3.5.2
IP 192.124.249.175:0
Hash a7740212ae2560b2e8449596abb8a892
47d6767b4d83a90d4cbf3af8f52e63ec40a95923
2330ed7e0f1796e5fabe3c04d3a5349d7e069c2299ac4dbbf6af026bc93e5901
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/doptg/assets/js/jquery.dop.ThumbnailGallery.js?ver=3.5.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:12 GMT
content-type: application/javascript
content-length: 19315
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:39 GMT
etag: "33a16aa-3bd1d-5e91c9a33dec0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/style.php?ver=1.0.1
192.124.249.175200 OK 435 B URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/style.php?ver=1.0.1
IP 192.124.249.175:0
File type ASCII text, with CRLF, LF line terminators
Hash 3004372ccabdaa97c781c2ae0d088ebe
79b55a27197d9407513072b224aaecabcfe756d4
a78e20253a0b11a9406c26aceb6d0665daf087c2026402efbd04c49afc64d323
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/rocco_bak/style.php?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:13 GMT
content-type: text/css;;charset=UTF-8
content-length: 435
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-includes/js/jquery/jquery.js?ver=1.8.3
192.124.249.175200 OK 32 kB URL HTTP/2 higginsonconsulting.ca/wp-includes/js/jquery/jquery.js?ver=1.8.3
IP 192.124.249.175:0
File type ASCII text, with very long lines (65483)
Hash 835ef7a3949c85489ee516fe0efa7184
8915c9f070078522709b8c2c2261d993712da213
f9bcc8788bc3201fe5da1353f7349271ff40d25d7d6b0e6313d84eb2f1e65b08
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.js?ver=1.8.3 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:12 GMT
content-type: application/javascript
content-length: 32380
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:26:10 GMT
etag: "15e2b10-16dda-5e91c9c0ce480-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/buttons.css
192.124.249.175200 OK 296 B URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/css/buttons.css
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash bceb23ff7b1c614fe36da80ae821ba03
e71450f5d54abd1da9fe39c0f278f6da9bb5a1e5
556a26e3cd1d64ba0abd72f2a8f6d75d4a6bcdd06e80d8ded86bfde79995dae5
GET /wp-content/themes/rocco_bak/css/buttons.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/style.css?ver=1.0.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:13 GMT
content-type: text/css
content-length: 296
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ed5-5e8-5e91c9abd3300-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/grid.css
192.124.249.175200 OK 745 B URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/css/grid.css
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash 9d0473660aeb6c53aaead26105c86991
f5c30bb8566b1019a5ab3a121d5822cf9ec97d77
c5a5edd389c8dbbd8e2ab1dbcbaffcd36c3f45b3c666d33c94202ba72f753b81
GET /wp-content/themes/rocco_bak/css/grid.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/style.css?ver=1.0.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:13 GMT
content-type: text/css
content-length: 745
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ed0-a31-5e91c9abd3300-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/base.css
192.124.249.175200 OK 1.8 kB URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/css/base.css
IP 192.124.249.175:0
File type ASCII text, with very long lines (483), with CRLF line terminators
Hash 44195593b80fc7d7e6c15afa93b5c23c
6e38ec17cc2cb8499e8bc568b8231b8b8b1fafef
d1e00a3cb2433acc3236fe4b237606e35df6de8e06c412e845edb9b34962e937
GET /wp-content/themes/rocco_bak/css/base.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/style.css?ver=1.0.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:13 GMT
content-type: text/css
content-length: 1752
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ed4-18dc-5e91c9abd3300-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/layout.css
192.124.249.175200 OK 4.9 kB URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/css/layout.css
IP 192.124.249.175:0
File type ASCII text, with very long lines (322), with CRLF line terminators
Hash d754ce32ce6b77b92cf6a589a128b8ed
2562b51cb2e0dc316482e9d16864118d6287eb12
d03121b02653b2cfdd4e31cb040c812479f7b0f0788cdb7998358cae28b789de
GET /wp-content/themes/rocco_bak/css/layout.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/style.css?ver=1.0.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:13 GMT
content-type: text/css
content-length: 4865
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1efa-6487-5e91c9abd3300-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/animations.css
192.124.249.175200 OK 451 B URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/css/animations.css
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash 24c512bcef02a5d35864309bb576d4af
226801ff841b0dc7ff63d76112dd643917ed824a
0ca3c68a095b120e3d77ffcacbfcbdfd72bb6f6e2ac8631a8d6f265db99ba261
GET /wp-content/themes/rocco_bak/css/animations.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/style.css?ver=1.0.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:13 GMT
content-type: text/css
content-length: 451
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1efb-d49-5e91c9abd3300-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 17:05:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://higginsonconsulting.ca
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:52:41 GMT
expires: Tue, 28 Nov 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 511952
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 17:05:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/variables.css
192.124.249.175200 OK 993 B URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/css/variables.css
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash c5a38add175e1432bd83e3d4250426a6
4666fae46a3f1cb6399fd1a22d3c227f68f39c91
af7b605a2e70ad861b8139b35fa765473350f86e4040bc4267511d76031f2a2c
GET /wp-content/themes/rocco_bak/css/variables.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/style.css?ver=1.0.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:13 GMT
content-type: text/css
content-length: 993
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ed3-d29-5e91c9abd3300-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/shortcodes.css
192.124.249.175200 OK 4.4 kB URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/css/shortcodes.css
IP 192.124.249.175:0
File type ASCII text, with very long lines (374), with CRLF line terminators
Hash 3162fa9b023969890daae49c9939ea82
1aac64dfea97b575eaa62edf8bc94e7b64e9cf4c
3e362c76566e2462d22dcfb1b93cb40685870c1f4be07942aadc9587903e0d2a
GET /wp-content/themes/rocco_bak/css/shortcodes.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/style.css?ver=1.0.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:13 GMT
content-type: text/css
content-length: 4449
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ec7-616b-5e91c9abd3300-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/fonts.css
192.124.249.175200 OK 74 B URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/css/fonts.css
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash 1673be58e25f55a64019ccc58d17cd83
ffcdce3a2ea5260ac83b7b854370a57e38645620
76550bdc643c361f88456b4bfbb3c0b004aafe432b8fe0b11efdc823fb605584
GET /wp-content/themes/rocco_bak/css/fonts.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/style.css?ver=1.0.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:13 GMT
content-type: text/css
content-length: 74
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ed1-68-5e91c9abd3300-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.base.css
192.124.249.175200 OK 59 B URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.base.css
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash 95d9b175d68f759b284287f8d423445e
c0ed993b74c6edb3b84e33d6d6280e699b7ade74
1070d5e76acdddb578ac78f78fc1307ad56854540eb666c2ad63df31708e8432
GET /wp-content/themes/rocco_bak/css/ui/jquery.ui.base.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.all.css?ver=1.0.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:13 GMT
content-type: text/css
content-length: 59
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ec3-6f-5e91c9abd3300-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.theme.css
192.124.249.175200 OK 2.5 kB URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.theme.css
IP 192.124.249.175:0
File type ASCII text, with very long lines (551), with CRLF line terminators
Hash e57c78e0db86b9c8746686405afd32be
99f8acb007e6b005db65cbb8062fe58389856ffd
1d60a0422bf23ed0c5ff2864351d7c34c634d33170d18efa57bdc8198edec3c7
GET /wp-content/themes/rocco_bak/css/ui/jquery.ui.theme.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.all.css?ver=1.0.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:13 GMT
content-type: text/css
content-length: 2500
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ec4-4558-5e91c9abd3300-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/fonts/socialico.css
192.124.249.175200 OK 280 B URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/fonts/socialico.css
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash 8e5cda2e5bf597df40a70ba5d88b6f41
40cd25374a03ddb297556d2341bcc8042bdfe839
031cf9a5dc3051f3612bd5f2e1a9e8256868e0cb890c726d8d482c98fb8a960d
GET /wp-content/themes/rocco_bak/fonts/socialico.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/css/fonts.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:13 GMT
content-type: text/css
content-length: 280
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1e17-25b-5e91c9abd3300-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.core.css
192.124.249.175200 OK 514 B URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.core.css
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash 7b1cdf0501848a4cde4f1ab7c711c411
5c7b84ab713dcd80d665e8826717725cfb06ab22
98055596fffc8ffd35e43f14d9a23dea220d395a07c6612895092eeb16371404
GET /wp-content/themes/rocco_bak/css/ui/jquery.ui.core.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.base.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:13 GMT
content-type: text/css
content-length: 514
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ec5-54c-5e91c9abd3300-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/fonts/fontawesome.css
192.124.249.175200 OK 5.1 kB URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/fonts/fontawesome.css
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash ce027665d8cc392b68e150f2236b77a3
2f8eb2b114736504bcf591b3e91abaa0a1504dce
346ff2d5e383af296f4187cad6ad0795e05945506f1bf5b7847a9a38752e9fe0
GET /wp-content/themes/rocco_bak/fonts/fontawesome.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/css/fonts.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:13 GMT
content-type: text/css
content-length: 5058
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1e11-700a-5e91c9abd3300-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.accordion.css
192.124.249.175200 OK 534 B URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.accordion.css
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash 8df64f1a3321e8cbfbf0a3face05f861
270eda94e12ab37f9e9628634ab7f403dbc17d4b
40fb67b1a45c4113fec9b21b3e7f5ab8629f2827f06a6c9149968a57b7f1be9b
GET /wp-content/themes/rocco_bak/css/ui/jquery.ui.accordion.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.base.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:13 GMT
content-type: text/css
content-length: 534
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ec0-6db-5e91c9abd3300-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.tabs.css
192.124.249.175200 OK 454 B URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.tabs.css
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash 62ac12ed7068722ea5bd665316fe6897
c88f32fb666b51ba79e7f1c430666ab11e27b89c
c38ad616141f71d0d2bb7c9f6f3ae6438fdaadcecf0ecf99ae09ad32b4b05348
GET /wp-content/themes/rocco_bak/css/ui/jquery.ui.tabs.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.base.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:14 GMT
content-type: text/css
content-length: 454
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ec6-5ac-5e91c9abd3300-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
216.58.207.227200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 17820, version 1.0\012- data
Hash 3d5107abaf7bf4df5478bd04625c0929
b04d394caabf6ea3e500b74781dc2bfd54f3c18d
9ad0a22b0c58240a7a92b4c01aa31f39a5918dea6a8fdfa77e63042abc4fca31
GET /s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://higginsonconsulting.ca
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17820
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:56:05 GMT
expires: Tue, 28 Nov 2023 18:56:05 GMT
cache-control: public, max-age=31536000
age: 511749
last-modified: Mon, 15 Aug 2022 18:13:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/plugins/recent-tweets-widget/assets/tweet.png
192.124.249.175200 OK 1.3 kB URL HTTP/2 higginsonconsulting.ca/wp-content/plugins/recent-tweets-widget/assets/tweet.png
IP 192.124.249.175:0
File type PNG image data, 24 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash 5131e10e2f4a1401999782c93d2fe338
debcd9c415053681c744e987a9616a489f4a7f75
a2062bdf8870d01bdef61bbf7cd4581a9845c0ca97e2cf4afc06b498c3c62c32
GET /wp-content/plugins/recent-tweets-widget/assets/tweet.png HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/plugins/recent-tweets-widget/tp_twitter_plugin.css?ver=1.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:14 GMT
content-type: image/png
content-length: 1316
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:42 GMT
etag: "33a183a-524-5e91c9a61a580"
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/fonts/fontawesome-webfont.woff?v=3.2.1
192.124.249.175200 OK 44 kB URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/fonts/fontawesome-webfont.woff?v=3.2.1
IP 192.124.249.175:0
File type Web Open Font Format, TrueType, length 43572, version 1.0\012- data
Hash b683029bafe0305ac2234038a03e1541
12f8c193902e99348493ace32e498031bf79b654
18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/rocco_bak/fonts/fontawesome-webfont.woff?v=3.2.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/fonts/fontawesome.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:14 GMT
content-type: font/woff
content-length: 43572
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1e1b-aa34-5e91c9abd3300"
accept-ranges: bytes
vary: Accept-Encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3c4319f54a5675ee9acda96c58f97ac6
210ea86db1836d430b321d59b4bd1b016c914f22
cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 17:05:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
higginsonconsulting.ca/wp-content/themes/rocco_bak/fonts/socialico-webfont.woff
192.124.249.175200 OK 21 kB URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/fonts/socialico-webfont.woff
IP 192.124.249.175:0
File type Web Open Font Format, TrueType, length 21152, version 1.0\012- data
Hash 7d981a73f596299e73019e42361f4cec
3bc26443c5f17ed229e9ee16f074ca3f4d2e6bf3
5499c273b501aedecb05a514aea7783a88be973f8a6854e4228f80bb21abf84f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/rocco_bak/fonts/socialico-webfont.woff HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/fonts/socialico.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:14 GMT
content-type: font/woff
content-length: 21152
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1e15-52a0-5e91c9abd3300"
accept-ranges: bytes
vary: Accept-Encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
ssl.google-analytics.com/ga.js
142.250.74.104200 OK 17 kB URL HTTP/2 ssl.google-analytics.com/ga.js
IP 142.250.74.104:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Sun, 04 Dec 2022 16:17:12 GMT
expires: Sun, 04 Dec 2022 18:17:12 GMT
cache-control: public, max-age=7200
age: 2882
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3c4319f54a5675ee9acda96c58f97ac6
210ea86db1836d430b321d59b4bd1b016c914f22
cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 17:05:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=581348966&utmhn=higginsonconsulting.ca&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Page%20Not%20Found%20-%20Higginson%20Consulting%20Ltd.Higginson%20Consulting%20Ltd.&utmhid=2052293752&utmr=-&utmp=%2Fnetfilxwebsupportteampaymentalert%2Faccount%2Flogin.php&utmht=1670173512448&utmac=UA-38159246-1&utmcc=__utma%3D22406946.1268847275.1670173512.1670173512.1670173512.1%3B%2B__utmz%3D22406946.1670173512.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1676258381&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
142.250.74.104200 OK 35 B URL HTTP/2 ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=581348966&utmhn=higginsonconsulting.ca&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Page%20Not%20Found%20-%20Higginson%20Consulting%20Ltd.Higginson%20Consulting%20Ltd.&utmhid=2052293752&utmr=-&utmp=%2Fnetfilxwebsupportteampaymentalert%2Faccount%2Flogin.php&utmht=1670173512448&utmac=UA-38159246-1&utmcc=__utma%3D22406946.1268847275.1670173512.1670173512.1670173512.1%3B%2B__utmz%3D22406946.1670173512.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1676258381&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
IP 142.250.74.104:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=581348966&utmhn=higginsonconsulting.ca&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Page%20Not%20Found%20-%20Higginson%20Consulting%20Ltd.Higginson%20Consulting%20Ltd.&utmhid=2052293752&utmr=-&utmp=%2Fnetfilxwebsupportteampaymentalert%2Faccount%2Flogin.php&utmht=1670173512448&utmac=UA-38159246-1&utmcc=__utma%3D22406946.1268847275.1670173512.1670173512.1670173512.1%3B%2B__utmz%3D22406946.1670173512.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1676258381&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Sun, 04 Dec 2022 17:05:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/uploads/2013/09/favicon.ico
192.124.249.175200 OK 613 B URL HTTP/2 higginsonconsulting.ca/wp-content/uploads/2013/09/favicon.ico
IP 192.124.249.175:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash fab484210178c71ddd0675e78f7364d8
8f1b643f4d83268f15ded454a2e35bb97d9347fa
194d3e4b0fe6a26263d119f9e715982b15c10c71c84c8bc33d265f2e5a3d24a6
GET /wp-content/uploads/2013/09/favicon.ico HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 17:05:14 GMT
content-type: image/x-icon
content-length: 613
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:51 GMT
etag: "19e2f67-47e-5e91c9aeaf9c0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
blackname.biz/?pu=mjqtknzqmi5ha3ddf42tsnbu
3.64.163.50200 OK 0 B URL HTTP/2 blackname.biz/?pu=mjqtknzqmi5ha3ddf42tsnbu
IP 3.64.163.50:0
GET /?pu=mjqtknzqmi5ha3ddf42tsnbu HTTP/1.1
Host: blackname.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Sun, 04 Dec 2022 17:05:12 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
etag: W/"5a33db765c41c5ccdcfee5bba5818c63"
cache-control: max-age=0, private, must-revalidate
set-cookie: bc9bd58fe1b6ef954d6d794db6d30e25e8ff50634d24346cf8006ef422e3c05c6e48b07678e34d08c97ad3f91012c80ac690b50f51fbd49b16e301de58d9c5ca=udLeEetmlv8MX9jM4t5DHKuK6mlYw8zAeD%2BLzlq1Zp1ToseGvQCt3MEn5xKgjFlTLhmQSl%2FMxoeMODehJey152HPmfTn8RnEF2iW1i9pNDqn1Yd2O7sSXd3JSnLu0MDx91J8PdnPWhh4sm3ipFV8N4vC6C7MdO2r6bmj25dn1pet0fFqGpEEYV88jbK%2FEsMhd1C8k%2BHpAMx6UejZY24eanTefo5WYHPxA35NUlz2pnIyUqeaW1S%2BeNsj7HMKlzEtdoT1Si1orO6gnWG3ExM%2F6IRW96gEoMfbP8WLgpOuPmmgPyHaqSq8bbGHL5%2F7SxmcQdsvpoTY8TlDf4zO2VZIAl1xRGkGTiQxPMtI1uCQn3cShvVrsZN9J1Imdfaw%2BgMIb7mWIfz8r3I58z5HkYK8o70WVneiuSFDTUE2tR5A%2Bpb%2BOVC%2BB1oi6XMXGOvc9hvqc0OUJ50SWFn4pxHlp9V9qQ%3D%3D--pcUTk4lms%2BeV%2BbbE--VPuwm5K5sT2DKXSu9JjLoA%3D%3D; path=/; secure; HttpOnly
x-request-id: 601087fb-b409-4fda-879f-e215733cd4ec
x-runtime: 0.124011
content-encoding: gzip
X-Firefox-Spdy: h2