Report - aureumcs.ca/menu/inc/en-us

Report Overview

Submitted URL
aureumcs.ca/menu/inc/en-us
IP
67.43.226.109
ASN
#36666 GTCOMM
Submitted
2022-12-02 06:13:40
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
60

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	56 kB	34.120.237.76
bam-cell.nr-data.net	365	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	2.3 kB	162.247.241.2
js-na1.hs-scripts.com	8274	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	377 B	589 B	104.17.210.204
static.hsappstatic.net	8199	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	7.0 kB	104.17.9.210
api.hubapi.com	4102	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	432 B	1.1 kB	104.17.200.204
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.77.32
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.4 kB	8.4 kB	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
aureumcs.ca	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	17 kB	1.6 MB	67.43.226.109
api.hubspot.com	5214	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	630 B	3.0 kB	104.19.154.83
js.hs-scripts.com	2571	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	392 B	629 B	104.17.210.204
js-agent.newrelic.com	378	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	375 B	19 kB	151.101.66.137
snap.licdn.com	1044	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	377 B	4.9 kB	95.101.11.57
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.5 kB	142.250.74.131
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	394 B	1.6 kB	142.250.74.106
js.hsadspixel.net	3795	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	354 B	3.6 kB	104.17.115.176
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	21 kB	142.250.74.110
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	599 B	703 B	64.233.164.156
px.ads.linkedin.com	522	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	970 B	2.3 kB	13.107.42.14
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.148.190.4
js.usemessages.com	5634	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	372 B	22 kB	104.17.236.204
cdn.linkedin.oribi.io	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	966 B	920 B	54.230.111.78
www.linkedin.com	608	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	587 B	2.5 kB	13.107.42.14
js.hs-analytics.net	2411	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	385 B	624 B	104.17.70.176

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-12-01	medium	aureumcs.ca/menu/inc/en-us	Office365
2022-12-01	medium	aureumcs.ca/menu/inc/en-us	Office365

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-02	medium	aureumcs.ca/menu/inc/en-us	Phishing
2022-12-02	medium	aureumcs.ca/menu/inc/en-us	Phishing
2022-12-02	medium	aureumcs.ca/wp-content/themes/handel/css/bootstrap.css?ver=5.1.15	Phishing
2022-12-02	medium	aureumcs.ca/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.1	Phishing
2022-12-02	medium	aureumcs.ca/wp-includes/css/dist/block-library/style.min.css?ver=5.1.15	Phishing
2022-12-02	medium	aureumcs.ca/wp-content/themes/handel/style.css?ver=5.1.15	Phishing
2022-12-02	medium	aureumcs.ca/wp-content/themes/handel/css/swiper.min.css?ver=5.1.15	Phishing
2022-12-02	medium	aureumcs.ca/wp-content/plugins/download-manager/assets/fontawesome/css/all.css?ver=5.1.15	Phishing
2022-12-02	medium	aureumcs.ca/wp-content/themes/handel/css/codeless-dynamic.css?ver=5.1.15	Phishing
2022-12-02	medium	aureumcs.ca/wp-content/themes/handel/css/codeless-creative-search.css?ver=5.1.15	Phishing
2022-12-02	medium	aureumcs.ca/wp-content/plugins/download-manager/assets/bootstrap/css/bootstrap.css?ver=5.1.15	Phishing
2022-12-02	medium	aureumcs.ca/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend.min.js?ver=7.10.0	Phishing
2022-12-02	medium	aureumcs.ca/wp-content/plugins/tablepress/css/default.min.css?ver=1.9.2	Phishing
2022-12-02	medium	aureumcs.ca/wp-includes/js/jquery/jquery.js?ver=1.12.4	Phishing
2022-12-02	medium	aureumcs.ca/wp-content/plugins/download-manager/assets/js/front.js?ver=5.1.15	Phishing
2022-12-02	medium	aureumcs.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1	Phishing
2022-12-02	medium	aureumcs.ca/wp-content/plugins/download-manager/assets/bootstrap/js/bootstrap.min.js?ver=5.1.15	Phishing
2022-12-02	medium	aureumcs.ca/wp-includes/js/imagesloaded.min.js?ver=3.2.0	Phishing
2022-12-02	medium	aureumcs.ca/wp-content/plugins/codeless-builder/assets/js/cl-front-end.js?ver=5.1.15	Phishing
2022-12-02	medium	aureumcs.ca/wp-content/plugins/download-manager/assets/js/chosen.jquery.min.js?ver=5.1.15	Phishing
2022-12-02	medium	aureumcs.ca/wp-includes/js/jquery/jquery.form.min.js?ver=4.2.1	Phishing
2022-12-02	medium	aureumcs.ca/wp-includes/js/wp-embed.min.js?ver=5.1.15	Phishing
2022-12-02	medium	aureumcs.ca/wp-content/uploads/2022/11/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0C4k-3.woff	Phishing
2022-12-02	medium	aureumcs.ca/wp-content/uploads/2022/11/CSR94z5ZnPydRjlCCwlKa8cp-3.woff	Phishing
2022-12-02	medium	aureumcs.ca/wp-content/uploads/2022/11/CSR44z5ZnPydRjlCCwlC0OI6T_N9-3.woff	Phishing
2022-12-02	medium	aureumcs.ca/wp-content/uploads/2022/11/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM70w9-3.woff	Phishing
2022-12-02	medium	aureumcs.ca/wp-content/uploads/2022/11/CSR44z5ZnPydRjlCCwlCtOM6T_N9-3.woff	Phishing
2022-12-02	medium	aureumcs.ca/wp-content/themes/handel/css/fonts/codeless-icons.woff2?79887187	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (46)

	URL	Size	First Seen	Last Seen
	js.usemessages.com/conversations-embed.js	75 kB	2023-03-08	2023-03-11
Pretty URL js.usemessages.com/conversations-embed.js IP 104.17.236.204 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:40 Last Seen2023-03-11 23:50:13 Times Seen1 Hash 3627b1239c7c8f4b3768aac997a7abb5 586da2ea2a9caff38f6e2ace67821b307d11f007 e1bd4b4b6864190d640c111b4c78f1190f566c6d12507fd15355187793b1174c Loading...

	aureumcs.ca/menu/inc/en-us	72 B	2023-03-07	2024-04-19
Pretty URL aureumcs.ca/menu/inc/en-us IP 67.43.226.109 ASN #36666 GTCOMM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:57:48 Last Seen2024-04-19 17:27:24 Times Seen43 Hash 3bedd646e3198775a47b583cc8738200 7d70f85183457e0bf51e7a67fce6c7b765ec4a42 7fdd9b6347499265bc1fea5913cc328a42a052649cacfa677edb8f77737d13ab Loading...

	aureumcs.ca/wp-includes/js/wp-emoji-release.min.js?ver=5.1.15	12 kB	2023-03-07	2024-04-05
Pretty URL aureumcs.ca/wp-includes/js/wp-emoji-release.min.js?ver=5.1.15 IP 67.43.226.109 ASN #36666 GTCOMM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:16:16 Last Seen2024-04-05 05:28:29 Times Seen2101 Hash 33479c6b333bb34fd771bf50df1fefc3 4869e92709eee1d1a42a697a80879e303aea7572 d9160bf5ee2c9435a62c8b1d991b7f419417cab5d5a37eefcee79767a292b4b7 Loading...

	aureumcs.ca/menu/inc/en-us	334 B	2023-03-08	2023-03-08
Pretty URL aureumcs.ca/menu/inc/en-us IP 67.43.226.109 ASN #36666 GTCOMM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:45 Last Seen2023-03-08 14:31:45 Times Seen1 Hash c54d89811c470cf04262dfcb72368591 4859246d064a64a9b3be554501e480cd3f1bd08c f319c0bf058f2fc9f33f1f9b38ab591562b0d884d467c0e7e72661d64f780f21 Loading...

	aureumcs.ca/wp-includes/js/jquery/jquery.js?ver=1.12.4	97 kB	2023-03-07	2024-04-20
Pretty URL aureumcs.ca/wp-includes/js/jquery/jquery.js?ver=1.12.4 IP 67.43.226.109 ASN #36666 GTCOMM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:38 Last Seen2024-04-20 09:49:39 Times Seen17722 Hash 49edccea2e7ba985cadc9ba0531cbed1 f8747f8ee704d9af31d0950015e01d3f9635b070 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df Loading...

	aureumcs.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1	10 kB	2023-03-07	2024-04-23
Pretty URL aureumcs.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 IP 67.43.226.109 ASN #36666 GTCOMM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:37 Last Seen2024-04-23 05:14:55 Times Seen37149 Hash 7121994eec5320fbe6586463bf9651c2 90532aff6d4121954254cdf04994d834f7ec169b 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d Loading...

	aureumcs.ca/menu/inc/en-us	757 B	2023-03-08	2023-03-08
Pretty URL aureumcs.ca/menu/inc/en-us IP 67.43.226.109 ASN #36666 GTCOMM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:45 Last Seen2023-03-08 14:31:45 Times Seen1 Hash 11b0beb630c09ed04b5d0879671260dc 5ec18aaddba4b98157becb11137c9b187300a5b8 a0722a069a16465435d180013474d0a0d3b222e7eac16fa4d35d6768d0308ae7 Loading...

	aureumcs.ca/wp-includes/js/jquery/jquery.form.min.js?ver=4.2.1	16 kB	2023-03-07	2024-04-16
Pretty URL aureumcs.ca/wp-includes/js/jquery/jquery.form.min.js?ver=4.2.1 IP 67.43.226.109 ASN #36666 GTCOMM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:25 Last Seen2024-04-16 10:51:58 Times Seen578 Hash dc8902056c06aec88cebcc2ab9ee44f3 023a840ffef1fa94acfdac6ef39fef89937a0420 984cf02a8dfc0e5f7d51a73b1b768a82b005bf389183b6d038022fc2ddd1f06c Loading...

	unknown	0 B	2023-03-07	2024-04-23
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-23 15:54:33 Times Seen37021601 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	js.hsadspixel.net/fb.js	6.0 kB	2023-03-08	2023-03-11
Pretty URL js.hsadspixel.net/fb.js IP 104.17.115.176 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:27:28 Last Seen2023-03-11 23:52:28 Times Seen1 Hash c32a10854f4ff995fc7198ba0324bcc6 538c079c9eebb6ad6d1a0d300adb0ccee3a9e3fc 45f97a1f00cd5aaa7a0e2ae8a3a47031764054e46fa624f71043b618b4c2398b Loading...

	aureumcs.ca/menu/inc/en-us	2.0 kB	2023-03-08	2023-03-08
Pretty URL aureumcs.ca/menu/inc/en-us IP 67.43.226.109 ASN #36666 GTCOMM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:45 Last Seen2023-03-08 14:31:45 Times Seen1 Hash e72d711aac0254b9b494a45820603f9f 9607aeaaf4150c3782f3ab7bbfe4fd7365b69e9f 928cdabd59f9ce319f6df9798fbde3127e10c1c6935432cc1754b461b72cf6d7 Loading...

	aureumcs.ca/menu/inc/en-us	108 B	2023-03-07	2024-04-17
Pretty URL aureumcs.ca/menu/inc/en-us IP 67.43.226.109 ASN #36666 GTCOMM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-04-17 10:30:46 Times Seen1415 Hash 2231d6e8d067a5cd22231e45e01e55de c9853ded0a5ac22d145c255b7e82f4c68e551a88 a96d6ca55569b0fb36fb7b9bfc2378f8c0cb651f41ea58af668175d44756fc50 Loading...

	aureumcs.ca/wp-content/plugins/download-manager/assets/js/front.js?ver=5.1.15	21 kB	2023-03-08	2024-01-24
Pretty URL aureumcs.ca/wp-content/plugins/download-manager/assets/js/front.js?ver=5.1.15 IP 67.43.226.109 ASN #36666 GTCOMM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 08:05:15 Last Seen2024-01-24 09:01:30 Times Seen3 Hash ce5203aec0477660cbe50cf1453d89f4 f3b6a52519b06dd68961ea42546d556a6ac1ea80 022da7a1344c50af056e93f9ee1fd3bf99fabe6bdef2cc77620970e27ecc524d Loading...

	aureumcs.ca/wp-content/themes/handel/js/codeless-main.js?ver=5.1.15	114 kB	2023-03-08	2023-12-31
Pretty URL aureumcs.ca/wp-content/themes/handel/js/codeless-main.js?ver=5.1.15 IP 67.43.226.109 ASN #36666 GTCOMM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:45 Last Seen2023-12-31 09:29:45 Times Seen3 Hash 4bbc2a00ea808016ec23fc4a64a61e7e a279debc64fafa71ef78f466a7522876cf6ff08b d5ffba28fe353e13f953e51c8e4ec6b7b54674df4d9a0f93004cbbbb7456fe88 Loading...

	aureumcs.ca/wp-content/themes/handel/js/bowser.min.js?ver=5.1.15	6.8 kB	2023-03-07	2024-01-11
Pretty URL aureumcs.ca/wp-content/themes/handel/js/bowser.min.js?ver=5.1.15 IP 67.43.226.109 ASN #36666 GTCOMM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:32:53 Last Seen2024-01-11 11:30:04 Times Seen30 Hash 47473f693375db5dfbc3a4f1315af97e 7b377000b7d6fa43ce2801c9b427aa0a9a4b960c b4f4e3e207f5ff66b5afbdb9d7f2b10e6df5780445d3d718636b6149f0460e57 Loading...

	aureumcs.ca/wp-content/plugins/codeless-builder/assets/js/cl-front-end.js?ver=5.1.15	8.5 kB	2023-03-08	2023-12-31
Pretty URL aureumcs.ca/wp-content/plugins/codeless-builder/assets/js/cl-front-end.js?ver=5.1.15 IP 67.43.226.109 ASN #36666 GTCOMM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:45 Last Seen2023-12-31 09:29:45 Times Seen7 Hash 923ea3daf2ef846b3b0df66f3812ef41 0b823474d4a6a5d0cebb05e91048fab46602c0e7 d1f43193e302f0ecb93d77f1dfa55d1ee1244ea0571a13d87acb5d13707802df Loading...

	js.hs-scripts.com/5921771.js?integration=wordpress&ver=5.1.15	1.9 kB	2023-03-08	2023-03-08
Pretty URL js.hs-scripts.com/5921771.js?integration=wordpress&ver=5.1.15 IP 104.17.210.204 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:45 Last Seen2023-03-08 14:31:45 Times Seen1 Hash d46044e9ad299b497838dcfd111207ab 90a60ff307653ec3858d7fa2fecf496800749e4d 960c652fe35818c64bc547b10ed4377d58c52c60c1847829c99dadcc72089fd1 Loading...

	static.hsappstatic.net/hubspot-dlb/static-1.332/bundle.production.js	302 kB	2023-03-08	2023-03-14
Pretty URL static.hsappstatic.net/hubspot-dlb/static-1.332/bundle.production.js IP 104.17.9.210 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:45 Last Seen2023-03-14 09:11:59 Times Seen1 Hash d9e371a943207738b889e588b0560980 d86941f08fb1ae89eae604cd05617140cf71e18f f0690400723e03c32d39e4cd16927f0698eb86effbb015b62b574ab0f3380dbf Loading...

	app.hubspot.com/conversations-visitor/5921771/threads/utk/d157961626d44d478778b1d231ac304b?uuid=406a2d32e7914cb99a57d1283bf2b4e4&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=aureumcs.ca&inApp53=false&messagesUtk=d157961626d44d478778b1d231ac304b&url=https%3A%2F%2Faureumcs.ca%2Fmenu%2Finc%2Fen-us&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false	6.9 kB	2023-03-08	2023-03-11
Pretty URL app.hubspot.com/conversations-visitor/5921771/threads/utk/d157961626d44d478778b1d231ac304b?uuid=406a2d32e7914cb99a57d1283bf2b4e4&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=aureumcs.ca&inApp53=false&messagesUtk=d157961626d44d478778b1d231ac304b&url=https%3A%2F%2Faureumcs.ca%2Fmenu%2Finc%2Fen-us&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:45 Last Seen2023-03-11 23:50:13 Times Seen1 Hash 4ccd13c3f57c1165cae5d741546d8c95 8d93e6d3d6c86b160d30ab39c172f015ca1324d9 2c266fb672e73f499ffedf738526ad61faba7a43c265ab94b6dcf7141cc18a94 Loading...

	app.hubspot.com/conversations-visitor/5921771/threads/utk/d157961626d44d478778b1d231ac304b?uuid=406a2d32e7914cb99a57d1283bf2b4e4&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=aureumcs.ca&inApp53=false&messagesUtk=d157961626d44d478778b1d231ac304b&url=https%3A%2F%2Faureumcs.ca%2Fmenu%2Finc%2Fen-us&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false	1.8 kB	2023-03-08	2023-03-13
Pretty URL app.hubspot.com/conversations-visitor/5921771/threads/utk/d157961626d44d478778b1d231ac304b?uuid=406a2d32e7914cb99a57d1283bf2b4e4&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=aureumcs.ca&inApp53=false&messagesUtk=d157961626d44d478778b1d231ac304b&url=https%3A%2F%2Faureumcs.ca%2Fmenu%2Finc%2Fen-us&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:37:32 Last Seen2023-03-13 16:09:57 Times Seen1 Hash a94d9eaa616f1b731be46e7da4038188 4e10c3a0cab16117cad224e3307f888cdd41d6a0 6193fdf366492d80d1db1104bd4634a562b324fac5b4eca017fe918afce54ce4 Loading...

	js-agent.newrelic.com/nr-spa-1216.min.js	50 kB	2023-03-07	2024-03-22
Pretty URL js-agent.newrelic.com/nr-spa-1216.min.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-03-22 06:11:43 Times Seen568 Hash 63e2df852d15ab21d7ff8fc4363222e8 7ee401ba652db0a4ec960350e17216cda01e22fb 545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe Loading...

	bam-cell.nr-data.net/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=593&ck=1&ref=https://app.hubspot.com/conversations-visitor/5921771/threads/utk/d157961626d44d478778b1d231ac304b&be=301&fe=447&dc=410&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669961610445,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22s%22:0,%22ce%22:0,%22rq%22:8,%22rp%22:178,%22rpe%22:192,%22dl%22:182,%22di%22:409,%22ds%22:410,%22de%22:410,%22dc%22:446,%22l%22:446,%22le%22:448%7D,%22navigation%22:%7B%7D%7D&fcp=581&ja=%7B%22nrSnippetVersion%22:%221198%22,%22environment%22:%22prod%22,%22deployed%22:true,%22hublet%22:%22na1%22,%22userAgentRaw%22:%22Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0%22,%22supportsPromiseRejectionEvent%22:true,%22cpuCores%22:16,%22conditionalPolyfillsInstalled%22:false,%22portalId%22:5921771,%22package%22:%22conversations-visitor-ui%22,%22packageVersion%22:%221.13883%22,%22template%22:%22visitor-index.html.tsx%22,%22user-online%22:true,%22visibility%22:%22visible%22,%22currentVisibility%22:%22visible%22,%22isEmbeddedInProduct%22:%22false%22,%22reactRhumbVersion%22:%221.8417%22,%22reaganVersion%22:%22react-rhumb%22,%22route%22:%22/%22,%22numReaganChecksStarted%22:1,%22numPreviousReaganChecksAborted%22:0,%22avgDurationBeforePreviousReaganAborts%22:0,%22numPreviousReaganChecksFailed%22:0,%22numPreviousReaganChecksSuccessful%22:0,%22supportsUserTiming%22:true,%22supportsPerformanceTimeline%22:true,%22supportsHighResolutionTime%22:true%7D&jsonp=NREUM.setToken	49 B	2023-03-07	2024-03-22
Pretty URL bam-cell.nr-data.net/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=593&ck=1&ref=https://app.hubspot.com/conversations-visitor/5921771/threads/utk/d157961626d44d478778b1d231ac304b&be=301&fe=447&dc=410&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669961610445,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22s%22:0,%22ce%22:0,%22rq%22:8,%22rp%22:178,%22rpe%22:192,%22dl%22:182,%22di%22:409,%22ds%22:410,%22de%22:410,%22dc%22:446,%22l%22:446,%22le%22:448%7D,%22navigation%22:%7B%7D%7D&fcp=581&ja=%7B%22nrSnippetVersion%22:%221198%22,%22environment%22:%22prod%22,%22deployed%22:true,%22hublet%22:%22na1%22,%22userAgentRaw%22:%22Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0%22,%22supportsPromiseRejectionEvent%22:true,%22cpuCores%22:16,%22conditionalPolyfillsInstalled%22:false,%22portalId%22:5921771,%22package%22:%22conversations-visitor-ui%22,%22packageVersion%22:%221.13883%22,%22template%22:%22visitor-index.html.tsx%22,%22user-online%22:true,%22visibility%22:%22visible%22,%22currentVisibility%22:%22visible%22,%22isEmbeddedInProduct%22:%22false%22,%22reactRhumbVersion%22:%221.8417%22,%22reaganVersion%22:%22react-rhumb%22,%22route%22:%22/%22,%22numReaganChecksStarted%22:1,%22numPreviousReaganChecksAborted%22:0,%22avgDurationBeforePreviousReaganAborts%22:0,%22numPreviousReaganChecksFailed%22:0,%22numPreviousReaganChecksSuccessful%22:0,%22supportsUserTiming%22:true,%22supportsPerformanceTimeline%22:true,%22supportsHighResolutionTime%22:true%7D&jsonp=NREUM.setToken IP 162.247.241.2 ASN #23467 NEWRELIC-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-03-22 06:11:42 Times Seen2776 Hash ada33e5b8877e743ff658bf4bfa1867c 5a78662243dac43c0ee48bcb7e05a536b84c2e38 dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82 Loading...

	aureumcs.ca/menu/inc/en-us	168 B	2023-03-08	2023-03-08
Pretty URL aureumcs.ca/menu/inc/en-us IP 67.43.226.109 ASN #36666 GTCOMM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:45 Last Seen2023-03-08 14:31:45 Times Seen1 Hash 548fe228e1fa1b96beaeba623a28e26e 567e65106cccc25119ed9be1eb73f8db2e8aefa0 1eeaee909a02601a901a5c3961d52fd2ce5bca78f59bc721f1015e9cd60af01d Loading...

	aureumcs.ca/wp-includes/js/wp-embed.min.js?ver=5.1.15	1.4 kB	2023-03-07	2024-04-23
Pretty URL aureumcs.ca/wp-includes/js/wp-embed.min.js?ver=5.1.15 IP 67.43.226.109 ASN #36666 GTCOMM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:19 Last Seen2024-04-23 05:14:55 Times Seen2986 Hash 570ae0f3c201604926ea599d3d1f6c04 2c29243a73660964d4712b969d2a15e27777bc14 5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b Loading...

	app.hubspot.com/conversations-visitor/5921771/threads/utk/d157961626d44d478778b1d231ac304b?uuid=406a2d32e7914cb99a57d1283bf2b4e4&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=aureumcs.ca&inApp53=false&messagesUtk=d157961626d44d478778b1d231ac304b&url=https%3A%2F%2Faureumcs.ca%2Fmenu%2Finc%2Fen-us&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false	156 B	2023-03-07	2024-04-22
Pretty URL app.hubspot.com/conversations-visitor/5921771/threads/utk/d157961626d44d478778b1d231ac304b?uuid=406a2d32e7914cb99a57d1283bf2b4e4&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=aureumcs.ca&inApp53=false&messagesUtk=d157961626d44d478778b1d231ac304b&url=https%3A%2F%2Faureumcs.ca%2Fmenu%2Finc%2Fen-us&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:36 Last Seen2024-04-22 18:11:47 Times Seen485 Hash 98e66de399fa396284537c21704453f3 d2444cf49859dcd57cfa6c1c31cbb5804a7db751 b08c11d21f8d4e8083fc55647572c119ec33892109e20be981f4aede871d0208 Loading...

	app.hubspot.com/conversations-visitor/5921771/threads/utk/d157961626d44d478778b1d231ac304b?uuid=406a2d32e7914cb99a57d1283bf2b4e4&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=aureumcs.ca&inApp53=false&messagesUtk=d157961626d44d478778b1d231ac304b&url=https%3A%2F%2Faureumcs.ca%2Fmenu%2Finc%2Fen-us&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false	1.3 kB	2023-03-08	2023-03-14
Pretty URL app.hubspot.com/conversations-visitor/5921771/threads/utk/d157961626d44d478778b1d231ac304b?uuid=406a2d32e7914cb99a57d1283bf2b4e4&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=aureumcs.ca&inApp53=false&messagesUtk=d157961626d44d478778b1d231ac304b&url=https%3A%2F%2Faureumcs.ca%2Fmenu%2Finc%2Fen-us&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:45 Last Seen2023-03-14 09:11:59 Times Seen1 Hash 4aa57c44ca6f2894a1c8a98409c7f19a 9bdad450621e0c86f7fc2335ff8698d29974394e f789e4144080d8adbb7f35fd97f2cd05c720bc0fabfa316aa45566a700617e3f Loading...

	app.hubspot.com/conversations-visitor/5921771/threads/utk/d157961626d44d478778b1d231ac304b?uuid=406a2d32e7914cb99a57d1283bf2b4e4&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=aureumcs.ca&inApp53=false&messagesUtk=d157961626d44d478778b1d231ac304b&url=https%3A%2F%2Faureumcs.ca%2Fmenu%2Finc%2Fen-us&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false	38 kB	2023-03-08	2023-03-11
Pretty URL app.hubspot.com/conversations-visitor/5921771/threads/utk/d157961626d44d478778b1d231ac304b?uuid=406a2d32e7914cb99a57d1283bf2b4e4&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=aureumcs.ca&inApp53=false&messagesUtk=d157961626d44d478778b1d231ac304b&url=https%3A%2F%2Faureumcs.ca%2Fmenu%2Finc%2Fen-us&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:45 Last Seen2023-03-11 23:50:13 Times Seen1 Hash c0ace25f654bc3cafe60c9f91c56fa1b fe0f7542f9792cc0e0eb52099adf2f1e683f65b4 c83164afbf8ccabf12a7aee6e7eee642240b356798dfe55d2192ce41adf2e89a Loading...

	static.hsappstatic.net/conversations-visitor-ui/static-1.13861/i18n-data-data-locales-en-us.js	776 B	2023-03-08	2023-03-11
Pretty URL static.hsappstatic.net/conversations-visitor-ui/static-1.13861/i18n-data-data-locales-en-us.js IP 104.17.9.210 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:45 Last Seen2023-03-11 23:50:12 Times Seen1 Hash a1dec623914000bd4a908273f8980145 fc4fc644d7624d5f02baecb31804e8929f27c7bb df30306fd8e5a48dc3bfa01f0c30ddfb60c781b455187c199681994ce366b85d Loading...

	snap.licdn.com/li.lms-analytics/insight.min.js	13 kB	2023-03-08	2023-03-12
Pretty URL snap.licdn.com/li.lms-analytics/insight.min.js IP 95.101.11.57 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:40 Last Seen2023-03-12 12:54:15 Times Seen1 Hash 795b6295a518e0a829d7b29695163231 9cada4433e63280a008cbb0a2a0bdb5af5e57206 641153b2ad78e5d095645419060a4ea0854b1b3ec5ff27e99644c9f8d461610c Loading...

	aureumcs.ca/wp-includes/js/imagesloaded.min.js?ver=3.2.0	8.1 kB	2023-03-07	2024-04-18
Pretty URL aureumcs.ca/wp-includes/js/imagesloaded.min.js?ver=3.2.0 IP 67.43.226.109 ASN #36666 GTCOMM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:58 Last Seen2024-04-18 13:51:05 Times Seen1104 Hash 7e97ab52c3df75e9053002bb59f2cdd5 502edaa98677c743246149deb3a76f5ff65272dd 11e15f1d64a63cb498d0d42720a688ed15bf78393d8c460d695a110244c066e3 Loading...

	aureumcs.ca/wp-content/plugins/download-manager/assets/js/chosen.jquery.min.js?ver=5.1.15	52 kB	2023-03-07	2024-03-14
Pretty URL aureumcs.ca/wp-content/plugins/download-manager/assets/js/chosen.jquery.min.js?ver=5.1.15 IP 67.43.226.109 ASN #36666 GTCOMM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:50 Last Seen2024-03-14 16:32:35 Times Seen225 Hash 4f0361640d5597fb84f0b07deabe3d56 d7b5fa9101e2edff3fa588ba35cfd4e3e47c8382 7373ca9ed2c272959213699ab6c34d53f342a2d01d996ebc543743312911a6dc Loading...

	aureumcs.ca/menu/inc/en-us	313 B	2023-03-08	2023-03-08
Pretty URL aureumcs.ca/menu/inc/en-us IP 67.43.226.109 ASN #36666 GTCOMM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:45 Last Seen2023-03-08 14:31:45 Times Seen1 Hash 699fc4d4303387325dfebd2023174b2c 0ab3387d160da7e5bed55d38a616fda02e5c405d 5734d9e1be923ad75113700f92fc5b3d6b2f437028acdaa2c1d6ce03e4164872 Loading...

	aureumcs.ca/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1	14 kB	2023-03-07	2024-04-18
Pretty URL aureumcs.ca/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1 IP 67.43.226.109 ASN #36666 GTCOMM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:37 Last Seen2024-04-18 05:49:36 Times Seen6653 Hash 1534f06aa2b1b721a45372f8238e2461 86f7e7b926e1a88209d171b56dadbccc2c96f578 b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900 Loading...

	aureumcs.ca/menu/inc/en-us	123 B	2023-03-08	2023-03-08
Pretty URL aureumcs.ca/menu/inc/en-us IP 67.43.226.109 ASN #36666 GTCOMM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:45 Last Seen2023-03-08 14:31:45 Times Seen1 Hash b8476cca3af1c81347616b8e1d03ff5c 6e3cf1df386a4faa870429e36a4ab9c67f8ef04f a28f616800c9b8a45e6fbb08bc9b3f69448228600555416b2421cdc931aa03a0 Loading...

	app.hubspot.com/conversations-visitor/5921771/threads/utk/d157961626d44d478778b1d231ac304b?uuid=406a2d32e7914cb99a57d1283bf2b4e4&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=aureumcs.ca&inApp53=false&messagesUtk=d157961626d44d478778b1d231ac304b&url=https%3A%2F%2Faureumcs.ca%2Fmenu%2Finc%2Fen-us&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false	729 B	2023-03-07	2024-02-26
Pretty URL app.hubspot.com/conversations-visitor/5921771/threads/utk/d157961626d44d478778b1d231ac304b?uuid=406a2d32e7914cb99a57d1283bf2b4e4&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=aureumcs.ca&inApp53=false&messagesUtk=d157961626d44d478778b1d231ac304b&url=https%3A%2F%2Faureumcs.ca%2Fmenu%2Finc%2Fen-us&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-02-26 01:06:13 Times Seen500 Hash 55e493432c5c0753a588eb606ae42ea4 fbb99ec417f738ce7a5fed36df2cc9543dd16e5c ce4c87fb06572713214289198ab50a4d56cd990ee93535a356f0c22951fcfdf6 Loading...

	js.hs-analytics.net/analytics/1669961400000/5921771.js	65 kB	2023-03-08	2023-03-08
Pretty URL js.hs-analytics.net/analytics/1669961400000/5921771.js IP 104.17.70.176 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:45 Last Seen2023-03-08 14:31:45 Times Seen1 Hash 6e24e4be7b6b242ecfb3075fc1b70069 71bf4a47b8f5b954a468e509b373ca9bfdfcb57d 5fd0682fc3d271bbab6d66357bb8145a4741a61620e64bcb727509cdfa2fce19 Loading...

	aureumcs.ca/wp-content/plugins/download-manager/assets/bootstrap/js/bootstrap.min.js?ver=5.1.15	36 kB	2023-03-07	2024-03-14
Pretty URL aureumcs.ca/wp-content/plugins/download-manager/assets/bootstrap/js/bootstrap.min.js?ver=5.1.15 IP 67.43.226.109 ASN #36666 GTCOMM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:00:29 Last Seen2024-03-14 16:32:35 Times Seen117 Hash 4422b5e224030e6b1ba4a00b83ec492c 90ee6c4e2fbaa8b1bf7c692c7a5f805221209904 4b9329f540f2a0a583e6b0dff71f0f68d819ca3920c752fdb4e6bb1f88659cab Loading...

	aureumcs.ca/menu/inc/en-us	151 B	2023-03-08	2023-03-08
Pretty URL aureumcs.ca/menu/inc/en-us IP 67.43.226.109 ASN #36666 GTCOMM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:45 Last Seen2023-03-08 14:31:45 Times Seen1 Hash 706729faa4b792e0f70fd5541ac142a4 adff762b98051f5080733f45ad79ad5c672419b2 dd728040d8d133a0f363430fa07527e4eec860f1b5e10d9bb18b3379b6d8bb2a Loading...

	static.hsappstatic.net/head-dlb/static-1.245/bundle.production.js	45 kB	2023-03-08	2023-03-14
Pretty URL static.hsappstatic.net/head-dlb/static-1.245/bundle.production.js IP 104.17.9.210 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:45 Last Seen2023-03-14 09:11:59 Times Seen1 Hash d0d928e20b2bebe8d43d510597af50e3 e3d4df8ce6cf336fad2dcebe725a58708c686638 5876c2096fc247c54eb08226f1e290b4127c7843c41003ec42041bc9cb3ec022 Loading...

	js.hs-banner.com/5921771.js	61 kB	2023-03-08	2023-03-08
Pretty URL js.hs-banner.com/5921771.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:45 Last Seen2023-03-08 14:31:45 Times Seen1 Hash c1aaf926d4c85f7e65830a6f257e3691 909f582ff5e1eefd5b440e19afe13b31f4c4a6cc 8cb3aa731b0bed65a3b6bb1a890bad7c0933d563be11f3bf71cb54a82ec8b7ad Loading...

	app.hubspot.com/conversations-visitor/5921771/threads/utk/d157961626d44d478778b1d231ac304b?uuid=406a2d32e7914cb99a57d1283bf2b4e4&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=aureumcs.ca&inApp53=false&messagesUtk=d157961626d44d478778b1d231ac304b&url=https%3A%2F%2Faureumcs.ca%2Fmenu%2Finc%2Fen-us&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false	277 B	2023-03-07	2024-04-22
Pretty URL app.hubspot.com/conversations-visitor/5921771/threads/utk/d157961626d44d478778b1d231ac304b?uuid=406a2d32e7914cb99a57d1283bf2b4e4&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=aureumcs.ca&inApp53=false&messagesUtk=d157961626d44d478778b1d231ac304b&url=https%3A%2F%2Faureumcs.ca%2Fmenu%2Finc%2Fen-us&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-22 18:11:47 Times Seen201 Hash 2f455b41d7de33ba854951be26607ca6 523ba09c0ca8dc195e19fc53c778542391d1829d a0ce90daa1fdcf0623bcd97717c9357c9487c43300eeab59035aaa1a8cbef4fd Loading...

	aureumcs.ca/menu/inc/en-us	2.3 kB	2023-03-08	2023-03-08
Pretty URL aureumcs.ca/menu/inc/en-us IP 67.43.226.109 ASN #36666 GTCOMM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:45 Last Seen2023-03-08 14:31:45 Times Seen1 Hash a5de017318316df339af6bad7724d73a 6bd54113bdfbad30d34597c3a3554a108c107d19 fc6443bda2f1b39f8bcde758799d9e71c11d2f7e04f86ef8c92e6e4b81b5fdb6 Loading...

	aureumcs.ca/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend.min.js?ver=7.10.0	9.3 kB	2023-03-07	2024-04-18
Pretty URL aureumcs.ca/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend.min.js?ver=7.10.0 IP 67.43.226.109 ASN #36666 GTCOMM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:28 Last Seen2024-04-18 16:58:36 Times Seen499 Hash e8e1926e604c239d9631d52d530b0df8 a9f05939eb5f0c00bb982d8dcfd91201f2547663 63a6d926d277a3d64d30e349fa0ea2b0630e9801d173e1947ff3bd6060147ef4 Loading...

	aureumcs.ca/menu/inc/en-us	163 B	2023-03-08	2023-03-08
Pretty URL aureumcs.ca/menu/inc/en-us IP 67.43.226.109 ASN #36666 GTCOMM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:45 Last Seen2023-03-08 14:31:45 Times Seen1 Hash 2eff3219bcc5e5c210dc128756d34a7e c4a294b2cf45a46b8a80bbe76d98d90c8cf7e94d 9f9d72f5281a5e32a468dc37e946ebf339aef0195f9ccf6d5672eea2fab73bcf Loading...

	aureumcs.ca/wp-content/plugins/cf7-cost-calculator-price-calculation/frontend/js/cf7_calculator.js?ver=5.1.15	4.5 kB	2023-03-08	2023-12-31
Pretty URL aureumcs.ca/wp-content/plugins/cf7-cost-calculator-price-calculation/frontend/js/cf7_calculator.js?ver=5.1.15 IP 67.43.226.109 ASN #36666 GTCOMM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:34:15 Last Seen2023-12-31 09:29:45 Times Seen17 Hash 2713018f19de937971df23a639aa5dc4 e9b55b60f276bcb5def73b0c65a9515beacad04d 37c484f27a855e50d3d194dc1229f3998cb79ed51d2dfc20f5d1dd5bd3c2d421 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-20
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-20 17:36:09 Times Seen1522 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

HTTP Transactions (101)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7961
Expires: Fri, 02 Dec 2022 08:26:10 GMT
Date: Fri, 02 Dec 2022 06:13:29 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1286
Cache-Control: max-age=103149
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:13:29 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 10:52:38 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5948
Expires: Fri, 02 Dec 2022 07:52:37 GMT
Date: Fri, 02 Dec 2022 06:13:29 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 05:18:11 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3318
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 2ueBz1+LerjhxvggbYrke4VYQdgJ5CH8dzI7pUp6fSbR5O9DGuAsySLYpajDwG3qoKPy9yXNDHY=
x-amz-request-id: K2Q1KA16ZMNEZW0K
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 05:46:35 GMT
age: 1614
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 06:13:29 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

aureumcs.ca/menu/inc/en-us

67.43.226.109

301 Moved Permanently

0 B

URL HTTP/1.1
aureumcs.ca/menu/inc/en-us
IP
67.43.226.109:0
ASN
#36666 GTCOMM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Office365
fortinet	Phishing

HTTP Headers

GET /menu/inc/en-us HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Fri, 02 Dec 2022 06:13:29 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://aureumcs.ca/menu/inc/en-us
X-Endurance-Cache-Level: 2
Content-Length: 0
Keep-Alive: timeout=5, max=500
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 06:11:15 GMT
cache-control: public,max-age=3600
age: 134
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1287
Cache-Control: max-age=98086
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:13:30 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 09:28:16 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

54.148.190.4

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.148.190.4:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SEZ8F70GqJYt93XdYBB4tA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: TVHK2QDFd2R9+YmqxCwOfgzgDTY=

aureumcs.ca/menu/inc/en-us

67.43.226.109

404 Not Found

59 kB

URL HTTP/1.1
aureumcs.ca/menu/inc/en-us
IP
67.43.226.109:0
ASN
#36666 GTCOMM

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28921), with CRLF, LF line terminators
Size
59 kB (58916 bytes)
Hash
53fbd0ebef3a288edcc434faa7fc0f4e
3c78e0035ad9676fab707c8822156137768dbaf8
6d4226b9285dcd4aecf7d6d13ad223696825bab7a3e4bbad0e98db72f7475d78

Detections

Analyzer	Verdict	Alert
openphish	Office365
fortinet	Phishing

HTTP Headers

GET /menu/inc/en-us HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 404 Not Found
Date: Fri, 02 Dec 2022 06:13:30 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://aureumcs.ca/wp-json/>; rel="https://api.w.org/"
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=500
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:13:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

aureumcs.ca/wp-content/themes/handel/css/bootstrap.css?ver=5.1.15

67.43.226.109

200 OK

22 kB

URL HTTP/1.1
aureumcs.ca/wp-content/themes/handel/css/bootstrap.css?ver=5.1.15
IP
67.43.226.109:0
ASN
#36666 GTCOMM

File type
ASCII text, with very long lines (540)
Size
22 kB (22351 bytes)
Hash
29d5b9d4240bbc8e53f3621e88c327ca
053a0a26d60d4e11aa517823e18deec661a020b6
7d26fc6c42778c8c3b7e2aebcd67331daabe0b21f35c477c926826edafa87ce7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/handel/css/bootstrap.css?ver=5.1.15 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:30 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 01:35:50 GMT
Accept-Ranges: bytes
Content-Length: 22351
Cache-Control: max-age=21600
Expires: Fri, 02 Dec 2022 12:13:30 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=499
Connection: Keep-Alive
Content-Type: text/css

fonts.googleapis.com/css?family=Cantarell:400,700

142.250.74.106

200 OK

847 B

URL HTTP/2
fonts.googleapis.com/css?family=Cantarell:400,700
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
847 B (847 bytes)
Hash
4e0d42fee49419bbd09cf20401de835f
e49bc2e652a477e36ddccfde1b2119b71ccf5d4d
de8c2df51eef5f13ca2c735c2c51f732025d1623878a2f90d2680262015538bd

HTTP Headers

GET /css?family=Cantarell:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 06:13:30 GMT
date: Fri, 02 Dec 2022 06:13:30 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

aureumcs.ca/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.1

67.43.226.109

200 OK

1.7 kB

URL HTTP/1.1
aureumcs.ca/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.1
IP
67.43.226.109:0
ASN
#36666 GTCOMM

File type
ASCII text
Size
1.7 kB (1685 bytes)
Hash
5ad1cfa3f5175f627385651790ed0bbd
7a06ac744a748ce4c315c798614d6d0068596cc4
3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.1 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:30 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 01:37:05 GMT
Accept-Ranges: bytes
Content-Length: 1685
Cache-Control: max-age=21600
Expires: Fri, 02 Dec 2022 12:13:30 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=500
Connection: Keep-Alive
Content-Type: text/css

aureumcs.ca/wp-includes/css/dist/block-library/style.min.css?ver=5.1.15

67.43.226.109

200 OK

25 kB

URL HTTP/1.1
aureumcs.ca/wp-includes/css/dist/block-library/style.min.css?ver=5.1.15
IP
67.43.226.109:0
ASN
#36666 GTCOMM

File type
ASCII text, with very long lines (25245), with no line terminators
Size
25 kB (25245 bytes)
Hash
d0b8525a9eff4173fd149a06f341e531
35013c4712d463aa5020f33d3234c4e90f700515
94f80c87390a84a3761860b1ce0764da77bb81d6f11cb3d059339148589aaf5c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=5.1.15 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:30 GMT
Server: Apache
Last-Modified: Sat, 23 Oct 2021 23:20:58 GMT
Accept-Ranges: bytes
Content-Length: 25245
Cache-Control: max-age=21600
Expires: Fri, 02 Dec 2022 12:13:30 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=500
Connection: Keep-Alive
Content-Type: text/css

aureumcs.ca/wp-content/themes/handel/style.css?ver=5.1.15

67.43.226.109

200 OK

144 kB

URL HTTP/1.1
aureumcs.ca/wp-content/themes/handel/style.css?ver=5.1.15
IP
67.43.226.109:0
ASN
#36666 GTCOMM

File type
ASCII text
Size
144 kB (143594 bytes)
Hash
d4703b730933bcddd2a2507f0bff4e0c
96cfd7bf548418e380bec4916b0f288edacc5ff1
ba83fdbf1159837a0cb4cc8b4c6705aa72108554a58748e059d01a78d0cd47b7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/handel/style.css?ver=5.1.15 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:30 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 01:35:50 GMT
Accept-Ranges: bytes
Content-Length: 143594
Cache-Control: max-age=21600
Expires: Fri, 02 Dec 2022 12:13:30 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=498
Connection: Keep-Alive
Content-Type: text/css

aureumcs.ca/wp-content/themes/handel/css/swiper.min.css?ver=5.1.15

67.43.226.109

200 OK

18 kB

URL HTTP/1.1
aureumcs.ca/wp-content/themes/handel/css/swiper.min.css?ver=5.1.15
IP
67.43.226.109:0
ASN
#36666 GTCOMM

File type
ASCII text, with very long lines (17460)
Size
18 kB (17764 bytes)
Hash
6a2ba9efe9c7c37b7e8c5eaf0e4a5c22
22bf973b87b91171139ce0402184730e39d54877
0f1e91e1586503881cca1bc05182a1be22aa06677441c8585784fb9687e10bda

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/handel/css/swiper.min.css?ver=5.1.15 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 01:35:50 GMT
Accept-Ranges: bytes
Content-Length: 17764
Cache-Control: max-age=21600
Expires: Fri, 02 Dec 2022 12:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=499
Connection: Keep-Alive
Content-Type: text/css

aureumcs.ca/wp-content/plugins/download-manager/assets/fontawesome/css/all.css?ver=5.1.15

67.43.226.109

200 OK

46 kB

URL HTTP/1.1
aureumcs.ca/wp-content/plugins/download-manager/assets/fontawesome/css/all.css?ver=5.1.15
IP
67.43.226.109:0
ASN
#36666 GTCOMM

File type
ASCII text, with very long lines (45507)
Size
46 kB (45687 bytes)
Hash
826c57385f3d35cfed5478ba7b1f5c03
20d2d431065fc6b38c1187eda564639527e2428e
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/download-manager/assets/fontawesome/css/all.css?ver=5.1.15 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:30 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 01:36:51 GMT
Accept-Ranges: bytes
Content-Length: 45687
Cache-Control: max-age=21600
Expires: Fri, 02 Dec 2022 12:13:30 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=500
Connection: Keep-Alive
Content-Type: text/css

aureumcs.ca/wp-content/themes/handel/css/codeless-front-elements.css?ver=5.1.15

67.43.226.109

200 OK

82 kB

URL HTTP/1.1
aureumcs.ca/wp-content/themes/handel/css/codeless-front-elements.css?ver=5.1.15
IP
67.43.226.109:0
ASN
#36666 GTCOMM

File type
ASCII text
Size
82 kB (81631 bytes)
Hash
de96a26bb607e3eb129ae6d74baec38e
f11584fd7d13a1d59db3e7a5f8ae0c10e8c4615b
5c61aa90fce23890d8e230703d307b17d8277439b5062f2fd79119589808670f

HTTP Headers

GET /wp-content/themes/handel/css/codeless-front-elements.css?ver=5.1.15 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 01:35:50 GMT
Accept-Ranges: bytes
Content-Length: 81631
Cache-Control: max-age=21600
Expires: Fri, 02 Dec 2022 12:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=499
Connection: Keep-Alive
Content-Type: text/css

aureumcs.ca/wp-content/themes/handel/css/codeless-dynamic.css?ver=5.1.15

67.43.226.109

200 OK

6 B

URL HTTP/1.1
aureumcs.ca/wp-content/themes/handel/css/codeless-dynamic.css?ver=5.1.15
IP
67.43.226.109:0
ASN
#36666 GTCOMM

File type
ASCII text, with no line terminators
Size
6 B (6 bytes)
Hash
aa676972bbd2b68e94ef8e91e81d20be
a4c0dac49e47ffe0dbcca7615f73b72ef6b71543
7c98040a541657584690ae2a1cc3b42a8b53b159cc60c5d3abbfecbaeac6c94a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/handel/css/codeless-dynamic.css?ver=5.1.15 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 01:35:50 GMT
Accept-Ranges: bytes
Content-Length: 6
Cache-Control: max-age=21600
Expires: Fri, 02 Dec 2022 12:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=498
Connection: Keep-Alive
Content-Type: text/css

aureumcs.ca/wp-content/themes/handel/css/codeless-creative-search.css?ver=5.1.15

67.43.226.109

200 OK

4.5 kB

URL HTTP/1.1
aureumcs.ca/wp-content/themes/handel/css/codeless-creative-search.css?ver=5.1.15
IP
67.43.226.109:0
ASN
#36666 GTCOMM

File type
ASCII text, with CRLF line terminators
Size
4.5 kB (4464 bytes)
Hash
85f5e9ef4c035ea695fdeb4357351a30
bbc3fcdedb832060c70442d4d5fcde327b7cf52d
0cc81e1d024fef9511ebeb1a6e1633c92c0b6523dadc527df39b2fe85fca9dcf

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/handel/css/codeless-creative-search.css?ver=5.1.15 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 01:35:50 GMT
Accept-Ranges: bytes
Content-Length: 4464
Cache-Control: max-age=21600
Expires: Fri, 02 Dec 2022 12:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=497
Connection: Keep-Alive
Content-Type: text/css

aureumcs.ca/wp-includes/js/wp-emoji-release.min.js?ver=5.1.15

67.43.226.109

200 OK

12 kB

URL HTTP/1.1
aureumcs.ca/wp-includes/js/wp-emoji-release.min.js?ver=5.1.15
IP
67.43.226.109:0
ASN
#36666 GTCOMM

File type
ASCII text, with very long lines (9071)
Size
12 kB (11951 bytes)
Hash
33479c6b333bb34fd771bf50df1fefc3
4869e92709eee1d1a42a697a80879e303aea7572
d9160bf5ee2c9435a62c8b1d991b7f419417cab5d5a37eefcee79767a292b4b7

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=5.1.15 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sat, 23 Oct 2021 23:20:58 GMT
Accept-Ranges: bytes
Content-Length: 11951
Cache-Control: max-age=10800
Expires: Fri, 02 Dec 2022 09:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=499
Connection: Keep-Alive
Content-Type: application/javascript

aureumcs.ca/wp-content/plugins/download-manager/assets/bootstrap/css/bootstrap.css?ver=5.1.15

67.43.226.109

200 OK

153 kB

URL HTTP/1.1
aureumcs.ca/wp-content/plugins/download-manager/assets/bootstrap/css/bootstrap.css?ver=5.1.15
IP
67.43.226.109:0
ASN
#36666 GTCOMM

File type
ASCII text
Size
153 kB (153002 bytes)
Hash
e11463786c8ea49f581e7038bae629d7
c7f936a7ca6ec21c0e5c20a97b8c68ba53b931d6
3b3f795b38f3b068024a17fc98ddcc74fabc638f703aedce293533788bf6f29d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/download-manager/assets/bootstrap/css/bootstrap.css?ver=5.1.15 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:30 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 01:36:51 GMT
Accept-Ranges: bytes
Content-Length: 153002
Cache-Control: max-age=21600
Expires: Fri, 02 Dec 2022 12:13:30 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=500
Connection: Keep-Alive
Content-Type: text/css

aureumcs.ca/wp-content/plugins/download-manager/assets/css/front.css?ver=5.1.15

67.43.226.109

200 OK

132 kB

URL HTTP/1.1
aureumcs.ca/wp-content/plugins/download-manager/assets/css/front.css?ver=5.1.15
IP
67.43.226.109:0
ASN
#36666 GTCOMM

File type
ASCII text, with very long lines (482)
Size
132 kB (131800 bytes)
Hash
1821771b63fedd698f16a0821c7a64ae
0d8c8ab8c11cda5b529663e753727eb215b30956
1f6fce3336ed9b371f00e27a5fc65b848561abb53938a29d8d2456352e5360a5

HTTP Headers

GET /wp-content/plugins/download-manager/assets/css/front.css?ver=5.1.15 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:30 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 01:36:51 GMT
Accept-Ranges: bytes
Content-Length: 131800
Cache-Control: max-age=21600
Expires: Fri, 02 Dec 2022 12:13:30 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=500
Connection: Keep-Alive
Content-Type: text/css

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2743
Expires: Fri, 02 Dec 2022 06:59:14 GMT
Date: Fri, 02 Dec 2022 06:13:31 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2743
Expires: Fri, 02 Dec 2022 06:59:14 GMT
Date: Fri, 02 Dec 2022 06:13:31 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2743
Expires: Fri, 02 Dec 2022 06:59:14 GMT
Date: Fri, 02 Dec 2022 06:13:31 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2743
Expires: Fri, 02 Dec 2022 06:59:14 GMT
Date: Fri, 02 Dec 2022 06:13:31 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7732 bytes)
Hash
379a4a1b95d3aa3c5a4f8e7f9abb030f
d45dceb3dc58a07197aa5077582b5b1cd2ff791a
1b92dec5bf90beffbcd9060052b8788f08645dd4ba34219f7ddb2d40bbd2d151

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7732
x-amzn-requestid: 3781c2b7-082a-468a-a186-f7483494e749
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoEq3IAMFnKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-679fe9f905e07abf4e6a812c;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: V4Z3TZtTDMjnyxZx7VdJrKtZ-PbZkWnsQ0-1eFDem4TVyRGvk0dc7A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:47:56 GMT
age: 30335
etag: "d45dceb3dc58a07197aa5077582b5b1cd2ff791a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8863 bytes)
Hash
156e9ea97b774cbd8361072e4041b6c8
fc71ae3cae92ed6011904bb2367f23bf4e69fab4
58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8863
x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdG14HBNIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cgj3fw3lpngosMNOK7cZUZO94T__4RTy_p7wa6rI62OOvhI5E9wMSw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 07:19:21 GMT
age: 82450
etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6174 bytes)
Hash
b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 07:15:42 GMT
age: 82669
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11402 bytes)
Hash
1c80b8025242ddfcc816ec612456b99e
aa944d10fe4a44b790b01ef62edc0f85a6d558e3
a9f060bc15738a3fe257e0c81a29e4611a89c273bcbb2765ce856d4e854a5f1f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11402
x-amzn-requestid: 20c2c359-1e43-40c0-885d-1c90e76ea12b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGzJHu-IAMFbYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e7a-1d89722e767daa014b174a39;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: OJBnbjJB_kvPuJcePGnno3zI0CTWAzV-Osb2L1hPZZhlNYhFHWmLsA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:51:33 GMT
etag: "aa944d10fe4a44b790b01ef62edc0f85a6d558e3"
content-type: image/jpeg
age: 30118
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

aureumcs.ca/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend.min.js?ver=7.10.0

67.43.226.109

200 OK

9.3 kB

URL HTTP/1.1
aureumcs.ca/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend.min.js?ver=7.10.0
IP
67.43.226.109:0
ASN
#36666 GTCOMM

File type
ASCII text, with very long lines (1022)
Size
9.3 kB (9298 bytes)
Hash
e8e1926e604c239d9631d52d530b0df8
a9f05939eb5f0c00bb982d8dcfd91201f2547663
63a6d926d277a3d64d30e349fa0ea2b0630e9801d173e1947ff3bd6060147ef4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend.min.js?ver=7.10.0 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Fri, 08 Nov 2019 01:44:01 GMT
Accept-Ranges: bytes
Content-Length: 9298
Cache-Control: max-age=10800
Expires: Fri, 02 Dec 2022 09:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=497
Connection: Keep-Alive
Content-Type: application/javascript

aureumcs.ca/wp-content/plugins/tablepress/css/default.min.css?ver=1.9.2

67.43.226.109

200 OK

5.9 kB

URL HTTP/1.1
aureumcs.ca/wp-content/plugins/tablepress/css/default.min.css?ver=1.9.2
IP
67.43.226.109:0
ASN
#36666 GTCOMM

File type
ASCII text, with very long lines (5871), with no line terminators
Size
5.9 kB (5871 bytes)
Hash
17a42baaae8926c5f8df316b9a3db617
4cd76dc34f8e2f31952b99db1b3b29f404d2996c
760bc4d420605c167dd90147b0e0d82b4e761a18bc35be7aeffaa4192b371635

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/tablepress/css/default.min.css?ver=1.9.2 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 01:36:45 GMT
Accept-Ranges: bytes
Content-Length: 5871
Cache-Control: max-age=21600
Expires: Fri, 02 Dec 2022 12:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=498
Connection: Keep-Alive
Content-Type: text/css

34.120.237.76

200 OK

2.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
2.9 kB (2942 bytes)
Hash
b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:47 GMT
age: 31124
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5183c67-4568-43c8-a2e7-7b41f5ca064b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4834 bytes)
Hash
cd8ad22c2eb1eb91c76970fa449f1bc4
0de97f3a4964038222bd751e043e413113e6db9d
668f805815aede3bc04f8564bd6aefd56029362bb0aa8a794673eb78ab2d4643

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5183c67-4568-43c8-a2e7-7b41f5ca064b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4834
x-amzn-requestid: 63a0b8b5-5cb3-4a1f-aa46-47c84abe726f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZQrjEeAIAMF3sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6386c7e3-0032799009f893ba79f314db;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 03:02:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bBj-TXtavCuORZ9qBoZeVj-GXeRljAeW-98HY7lTk5_VRSKF4_07VQ==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 04:22:38 GMT
age: 6653
etag: "0de97f3a4964038222bd751e043e413113e6db9d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

aureumcs.ca/wp-includes/js/jquery/jquery.js?ver=1.12.4

67.43.226.109

200 OK

97 kB

URL HTTP/1.1
aureumcs.ca/wp-includes/js/jquery/jquery.js?ver=1.12.4
IP
67.43.226.109:0
ASN
#36666 GTCOMM

File type
ASCII text, with very long lines (31997)
Size
97 kB (96873 bytes)
Hash
49edccea2e7ba985cadc9ba0531cbed1
f8747f8ee704d9af31d0950015e01d3f9635b070
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Thu, 05 Sep 2019 01:45:59 GMT
Accept-Ranges: bytes
Content-Length: 96873
Cache-Control: max-age=10800
Expires: Fri, 02 Dec 2022 09:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=496
Connection: Keep-Alive
Content-Type: application/javascript

aureumcs.ca/wp-content/plugins/download-manager/assets/js/front.js?ver=5.1.15

67.43.226.109

200 OK

21 kB

URL HTTP/1.1
aureumcs.ca/wp-content/plugins/download-manager/assets/js/front.js?ver=5.1.15
IP
67.43.226.109:0
ASN
#36666 GTCOMM

File type
ASCII text, with very long lines (4123)
Size
21 kB (21137 bytes)
Hash
ce5203aec0477660cbe50cf1453d89f4
f3b6a52519b06dd68961ea42546d556a6ac1ea80
022da7a1344c50af056e93f9ee1fd3bf99fabe6bdef2cc77620970e27ecc524d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/download-manager/assets/js/front.js?ver=5.1.15 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 01:36:51 GMT
Accept-Ranges: bytes
Content-Length: 21137
Cache-Control: max-age=10800
Expires: Fri, 02 Dec 2022 09:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=499
Connection: Keep-Alive
Content-Type: application/javascript

aureumcs.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

67.43.226.109

200 OK

10 kB

URL HTTP/1.1
aureumcs.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP
67.43.226.109:0
ASN
#36666 GTCOMM

File type
ASCII text, with very long lines (9959)
Size
10 kB (10056 bytes)
Hash
7121994eec5320fbe6586463bf9651c2
90532aff6d4121954254cdf04994d834f7ec169b
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Wed, 30 Jan 2019 15:57:24 GMT
Accept-Ranges: bytes
Content-Length: 10056
Cache-Control: max-age=10800
Expires: Fri, 02 Dec 2022 09:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=498
Connection: Keep-Alive
Content-Type: application/javascript

aureumcs.ca/wp-content/plugins/download-manager/assets/bootstrap/js/bootstrap.min.js?ver=5.1.15

67.43.226.109

200 OK

36 kB

URL HTTP/1.1
aureumcs.ca/wp-content/plugins/download-manager/assets/bootstrap/js/bootstrap.min.js?ver=5.1.15
IP
67.43.226.109:0
ASN
#36666 GTCOMM

File type
ASCII text, with very long lines (32025)
Size
36 kB (35955 bytes)
Hash
4422b5e224030e6b1ba4a00b83ec492c
90ee6c4e2fbaa8b1bf7c692c7a5f805221209904
4b9329f540f2a0a583e6b0dff71f0f68d819ca3920c752fdb4e6bb1f88659cab

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/download-manager/assets/bootstrap/js/bootstrap.min.js?ver=5.1.15 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 01:36:51 GMT
Accept-Ranges: bytes
Content-Length: 35955
Cache-Control: max-age=10800
Expires: Fri, 02 Dec 2022 09:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=499
Connection: Keep-Alive
Content-Type: application/javascript

aureumcs.ca/wp-includes/js/imagesloaded.min.js?ver=3.2.0

67.43.226.109

200 OK

8.1 kB

URL HTTP/1.1
aureumcs.ca/wp-includes/js/imagesloaded.min.js?ver=3.2.0
IP
67.43.226.109:0
ASN
#36666 GTCOMM

File type
ASCII text, with very long lines (7996)
Size
8.1 kB (8113 bytes)
Hash
7e97ab52c3df75e9053002bb59f2cdd5
502edaa98677c743246149deb3a76f5ff65272dd
11e15f1d64a63cb498d0d42720a688ed15bf78393d8c460d695a110244c066e3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/imagesloaded.min.js?ver=3.2.0 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sat, 16 Mar 2019 20:12:36 GMT
Accept-Ranges: bytes
Content-Length: 8113
Cache-Control: max-age=10800
Expires: Fri, 02 Dec 2022 09:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=497
Connection: Keep-Alive
Content-Type: application/javascript

aureumcs.ca/wp-content/themes/handel/js/codeless-main.js?ver=5.1.15

67.43.226.109

200 OK

114 kB

URL HTTP/1.1
aureumcs.ca/wp-content/themes/handel/js/codeless-main.js?ver=5.1.15
IP
67.43.226.109:0
ASN
#36666 GTCOMM

File type
ASCII text, with very long lines (2022)
Size
114 kB (114370 bytes)
Hash
4bbc2a00ea808016ec23fc4a64a61e7e
a279debc64fafa71ef78f466a7522876cf6ff08b
d5ffba28fe353e13f953e51c8e4ec6b7b54674df4d9a0f93004cbbbb7456fe88

HTTP Headers

GET /wp-content/themes/handel/js/codeless-main.js?ver=5.1.15 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 01:35:50 GMT
Accept-Ranges: bytes
Content-Length: 114370
Cache-Control: max-age=10800
Expires: Fri, 02 Dec 2022 09:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=495
Connection: Keep-Alive
Content-Type: application/javascript

aureumcs.ca/wp-content/themes/handel/js/bowser.min.js?ver=5.1.15

67.43.226.109

200 OK

6.8 kB

URL HTTP/1.1
aureumcs.ca/wp-content/themes/handel/js/bowser.min.js?ver=5.1.15
IP
67.43.226.109:0
ASN
#36666 GTCOMM

File type
ASCII text, with very long lines (6679), with CRLF line terminators
Size
6.8 kB (6794 bytes)
Hash
47473f693375db5dfbc3a4f1315af97e
7b377000b7d6fa43ce2801c9b427aa0a9a4b960c
b4f4e3e207f5ff66b5afbdb9d7f2b10e6df5780445d3d718636b6149f0460e57

HTTP Headers

GET /wp-content/themes/handel/js/bowser.min.js?ver=5.1.15 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 01:35:50 GMT
Accept-Ranges: bytes
Content-Length: 6794
Cache-Control: max-age=10800
Expires: Fri, 02 Dec 2022 09:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=498
Connection: Keep-Alive
Content-Type: application/javascript

aureumcs.ca/wp-content/plugins/codeless-builder/assets/js/cl-front-end.js?ver=5.1.15

67.43.226.109

200 OK

8.5 kB

URL HTTP/1.1
aureumcs.ca/wp-content/plugins/codeless-builder/assets/js/cl-front-end.js?ver=5.1.15
IP
67.43.226.109:0
ASN
#36666 GTCOMM

File type
ASCII text
Size
8.5 kB (8479 bytes)
Hash
923ea3daf2ef846b3b0df66f3812ef41
0b823474d4a6a5d0cebb05e91048fab46602c0e7
d1f43193e302f0ecb93d77f1dfa55d1ee1244ea0571a13d87acb5d13707802df

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/codeless-builder/assets/js/cl-front-end.js?ver=5.1.15 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 01:36:12 GMT
Accept-Ranges: bytes
Content-Length: 8479
Cache-Control: max-age=10800
Expires: Fri, 02 Dec 2022 09:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=497
Connection: Keep-Alive
Content-Type: application/javascript

aureumcs.ca/wp-content/plugins/cf7-cost-calculator-price-calculation/frontend/js/cf7_calculator.js?ver=5.1.15

67.43.226.109

200 OK

4.5 kB

URL HTTP/1.1
aureumcs.ca/wp-content/plugins/cf7-cost-calculator-price-calculation/frontend/js/cf7_calculator.js?ver=5.1.15
IP
67.43.226.109:0
ASN
#36666 GTCOMM

File type
ASCII text, with CRLF line terminators
Size
4.5 kB (4528 bytes)
Hash
2713018f19de937971df23a639aa5dc4
e9b55b60f276bcb5def73b0c65a9515beacad04d
37c484f27a855e50d3d194dc1229f3998cb79ed51d2dfc20f5d1dd5bd3c2d421

HTTP Headers

GET /wp-content/plugins/cf7-cost-calculator-price-calculation/frontend/js/cf7_calculator.js?ver=5.1.15 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 01:36:12 GMT
Accept-Ranges: bytes
Content-Length: 4528
Cache-Control: max-age=10800
Expires: Fri, 02 Dec 2022 09:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=498
Connection: Keep-Alive
Content-Type: application/javascript

aureumcs.ca/wp-content/plugins/download-manager/assets/js/chosen.jquery.min.js?ver=5.1.15

67.43.226.109

200 OK

52 kB

URL HTTP/1.1
aureumcs.ca/wp-content/plugins/download-manager/assets/js/chosen.jquery.min.js?ver=5.1.15
IP
67.43.226.109:0
ASN
#36666 GTCOMM

File type
ASCII text
Size
52 kB (52163 bytes)
Hash
4f0361640d5597fb84f0b07deabe3d56
d7b5fa9101e2edff3fa588ba35cfd4e3e47c8382
7373ca9ed2c272959213699ab6c34d53f342a2d01d996ebc543743312911a6dc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/download-manager/assets/js/chosen.jquery.min.js?ver=5.1.15 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 01:36:51 GMT
Accept-Ranges: bytes
Content-Length: 52163
Cache-Control: max-age=10800
Expires: Fri, 02 Dec 2022 09:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=496
Connection: Keep-Alive
Content-Type: application/javascript

aureumcs.ca/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1

67.43.226.109

200 OK

14 kB

URL HTTP/1.1
aureumcs.ca/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1
IP
67.43.226.109:0
ASN
#36666 GTCOMM

File type
ASCII text
Size
14 kB (14440 bytes)
Hash
1534f06aa2b1b721a45372f8238e2461
86f7e7b926e1a88209d171b56dadbccc2c96f578
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 01:37:05 GMT
Accept-Ranges: bytes
Content-Length: 14440
Cache-Control: max-age=10800
Expires: Fri, 02 Dec 2022 09:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=496
Connection: Keep-Alive
Content-Type: application/javascript

aureumcs.ca/wp-includes/js/jquery/jquery.form.min.js?ver=4.2.1

67.43.226.109

200 OK

16 kB

URL HTTP/1.1
aureumcs.ca/wp-includes/js/jquery/jquery.form.min.js?ver=4.2.1
IP
67.43.226.109:0
ASN
#36666 GTCOMM

File type
ASCII text, with very long lines (16015), with no line terminators
Size
16 kB (16015 bytes)
Hash
dc8902056c06aec88cebcc2ab9ee44f3
023a840ffef1fa94acfdac6ef39fef89937a0420
984cf02a8dfc0e5f7d51a73b1b768a82b005bf389183b6d038022fc2ddd1f06c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery.form.min.js?ver=4.2.1 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sat, 23 Oct 2021 23:20:58 GMT
Accept-Ranges: bytes
Content-Length: 16015
Cache-Control: max-age=10800
Expires: Fri, 02 Dec 2022 09:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=494
Connection: Keep-Alive
Content-Type: application/javascript

aureumcs.ca/wp-includes/js/wp-embed.min.js?ver=5.1.15

67.43.226.109

200 OK

1.4 kB

URL HTTP/1.1
aureumcs.ca/wp-includes/js/wp-embed.min.js?ver=5.1.15
IP
67.43.226.109:0
ASN
#36666 GTCOMM

File type
ASCII text, with very long lines (1391), with no line terminators
Size
1.4 kB (1391 bytes)
Hash
570ae0f3c201604926ea599d3d1f6c04
2c29243a73660964d4712b969d2a15e27777bc14
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/wp-embed.min.js?ver=5.1.15 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sat, 23 Oct 2021 23:20:58 GMT
Accept-Ranges: bytes
Content-Length: 1391
Cache-Control: max-age=10800
Expires: Fri, 02 Dec 2022 09:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=497
Connection: Keep-Alive
Content-Type: application/javascript

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
6b654793d10152396cde60ce7cb6ebc3
f41045eb5e2a0fb00b28591f01939c2358a4e026
5e66f5788d425befd4a47b30891528a24754152283292773cab716e2811e5a9a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5619
Cache-Control: max-age=141661
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:13:31 GMT
Etag: "638907f5-118"
Expires: Sat, 03 Dec 2022 21:34:32 GMT
Last-Modified: Thu, 01 Dec 2022 20:00:53 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
7f2841772407c307432e3f5ddef9a7ef
d00f0cce62159348908c0c9ed0c8f3a87dc45243
a13053c32f86baab51932d019ef13956aabcb68a092f5d62ab30dcd1fb1eebd8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5413
Cache-Control: max-age=165965
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:13:31 GMT
Etag: "638967b3-118"
Expires: Sun, 04 Dec 2022 04:19:36 GMT
Last-Modified: Fri, 02 Dec 2022 02:49:23 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
6d15b7a8e1fe3c0bb4c2a72ecce789fe
70e388800fb7c45b39aa4d35fdb2b2b471e869e9
cf1f71974f520a7eb182437dbcc55af4261b0e34464fe23a4aa00bf14a92a640

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3596
Cache-Control: max-age=91428
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:13:31 GMT
Etag: "63884ba3-118"
Expires: Sat, 03 Dec 2022 07:37:19 GMT
Last-Modified: Thu, 01 Dec 2022 06:37:23 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 280

aureumcs.ca/wp-content/uploads/2019/04/AureumLogo_transparent.png

67.43.226.109

200 OK

4.6 kB

URL HTTP/1.1
aureumcs.ca/wp-content/uploads/2019/04/AureumLogo_transparent.png
IP
67.43.226.109:0
ASN
#36666 GTCOMM

File type
PNG image data, 289 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
4.6 kB (4647 bytes)
Hash
b40e4e5a9ff69bca88b66b59d37c87d9
4a847f1b97462a8f759ab063051faa8c056608c0
372d5198d72a5153ed6cc7d082f9d54fa8463e508e4baa478419a7dcc58390fc

HTTP Headers

GET /wp-content/uploads/2019/04/AureumLogo_transparent.png HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 03:17:05 GMT
Accept-Ranges: bytes
Content-Length: 4647
Cache-Control: max-age=21600
Expires: Fri, 02 Dec 2022 12:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=497
Connection: Keep-Alive
Content-Type: image/png

aureumcs.ca/wp-content/uploads/2019/04/AureumLogo_white_transparent_highres-1024x354.png

67.43.226.109

200 OK

34 kB

URL HTTP/1.1
aureumcs.ca/wp-content/uploads/2019/04/AureumLogo_white_transparent_highres-1024x354.png
IP
67.43.226.109:0
ASN
#36666 GTCOMM

File type
PNG image data, 1024 x 354, 8-bit/color RGBA, non-interlaced\012- data
Size
34 kB (34100 bytes)
Hash
de3c8f4aa10dbd662060966b667333ac
fb3527897802a9fd6f0ef546434dbf9b577cb4f3
8ffc21f6c8fecf674d027b5825acfd91ef018f82317136fdc0f18bfaeea5ed19

HTTP Headers

GET /wp-content/uploads/2019/04/AureumLogo_white_transparent_highres-1024x354.png HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 03:17:27 GMT
Accept-Ranges: bytes
Content-Length: 34100
Cache-Control: max-age=21600
Expires: Fri, 02 Dec 2022 12:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=496
Connection: Keep-Alive
Content-Type: image/png

aureumcs.ca/wp-content/uploads/2022/11/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0C4k-3.woff

67.43.226.109

200 OK

71 kB

URL HTTP/1.1
aureumcs.ca/wp-content/uploads/2022/11/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0C4k-3.woff
IP
67.43.226.109:0
ASN
#36666 GTCOMM

File type
Web Open Font Format, TrueType, length 70856, version 1.1\012- data
Size
71 kB (70856 bytes)
Hash
3fd233b6831dfcb1d57b957d521e7cb6
c2ee85b43984d41ce7d8ef14f23a78123065989e
17d899f5cfdbf624b2a124d0b2b8404e331424ece648c5c5c0e7b3d03ccc6a40

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/2022/11/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0C4k-3.woff HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sun, 27 Nov 2022 22:39:45 GMT
Accept-Ranges: bytes
Content-Length: 70856
Cache-Control: max-age=10800
Expires: Fri, 02 Dec 2022 09:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=495
Connection: Keep-Alive
Content-Type: font/woff

aureumcs.ca/wp-content/uploads/2022/11/CSR94z5ZnPydRjlCCwlKa8cp-3.woff

67.43.226.109

200 OK

21 kB

URL HTTP/1.1
aureumcs.ca/wp-content/uploads/2022/11/CSR94z5ZnPydRjlCCwlKa8cp-3.woff
IP
67.43.226.109:0
ASN
#36666 GTCOMM

File type
Web Open Font Format, TrueType, length 20672, version 1.1\012- data
Size
21 kB (20672 bytes)
Hash
462cf77b99b330b7a1b9a669e89be731
d91bbf440121d7b96887d608e92c1ec4c89564a6
0884fa46ed94d6f238e3cdb8feb360f978d92b86387387472964e0c642a136dd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/2022/11/CSR94z5ZnPydRjlCCwlKa8cp-3.woff HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sun, 27 Nov 2022 22:39:46 GMT
Accept-Ranges: bytes
Content-Length: 20672
Cache-Control: max-age=10800
Expires: Fri, 02 Dec 2022 09:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=495
Connection: Keep-Alive
Content-Type: font/woff

aureumcs.ca/wp-content/uploads/2022/11/CSR44z5ZnPydRjlCCwlC0OI6T_N9-3.woff

67.43.226.109

200 OK

21 kB

URL HTTP/1.1
aureumcs.ca/wp-content/uploads/2022/11/CSR44z5ZnPydRjlCCwlC0OI6T_N9-3.woff
IP
67.43.226.109:0
ASN
#36666 GTCOMM

File type
Web Open Font Format, TrueType, length 20732, version 1.1\012- data
Size
21 kB (20732 bytes)
Hash
c0b21742e1b0efa93266ced710639aa5
8354a178d57b0fc7f21710149010d1ae30c48805
22ba371570aa30fa5d3ef55d70094bf91d6da10499a2253030ad0e604b4fdf21

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/2022/11/CSR44z5ZnPydRjlCCwlC0OI6T_N9-3.woff HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sun, 27 Nov 2022 22:39:46 GMT
Accept-Ranges: bytes
Content-Length: 20732
Cache-Control: max-age=10800
Expires: Fri, 02 Dec 2022 09:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=493
Connection: Keep-Alive
Content-Type: font/woff

js.usemessages.com/conversations-embed.js

104.17.236.204

200 OK

21 kB

URL HTTP/2
js.usemessages.com/conversations-embed.js
IP
104.17.236.204:0
ASN
#13335 CLOUDFLARENET

File type
C source, ASCII text, with very long lines (65536), with no line terminators
Size
21 kB (20933 bytes)
Hash
95bbd59d856e51b2cb55b24afb1c6380
16710986060c89ded3d131ea54239929624bed3d
5781a3dd5716086303b73bf835ea2341a95c136fd6f6feaa5d7af39ab9e9517a

HTTP Headers

GET /conversations-embed.js HTTP/1.1
Host: js.usemessages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 02 Dec 2022 06:13:31 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Mon, 28 Nov 2022 03:14:29 UTC
etag: W/"3627b1239c7c8f4b3768aac997a7abb5"
x-amz-server-side-encryption: AES256
x-amz-version-id: UwE6V3Lvp8vTfgqAGz4rAs3SLzfhB.nt
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fb1dc2e3bf4105b403e3bfa3a5067970.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-amz-cf-id: Ccy3dXIFr-km4t75Sdt7g0Dw1BfL0gOnQK7NfpPxTeQd6qx85Prswg==
cache-control: max-age=600
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.11431/bundles/project.js&cfRay=77141c9e7e0d0a2b-IAD
x-hs-target-asset: conversations-embed/static-1.11431/bundles/project.js
x-hs-cache-status: HIT
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
cf-cache-status: HIT
age: 540
server: cloudflare
cf-ray: 7731eac94e66b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
462bd1920adf582c53b62bf5bd15cbfd
e8524bd822d024906c927f22f9f6ff64e53c3c73
f0fc888f0c5048a613cb857ef8c052ac93e6505ee10010e436acee86a12e5a6c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6094
Cache-Control: max-age=134246
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:13:31 GMT
Etag: "6388e923-117"
Expires: Sat, 03 Dec 2022 19:30:57 GMT
Last-Modified: Thu, 01 Dec 2022 17:49:23 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279

aureumcs.ca/wp-content/uploads/2022/11/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM70w9-3.woff

67.43.226.109

200 OK

51 kB

URL HTTP/1.1
aureumcs.ca/wp-content/uploads/2022/11/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM70w9-3.woff
IP
67.43.226.109:0
ASN
#36666 GTCOMM

File type
Web Open Font Format, TrueType, length 51152, version 1.1\012- data
Size
51 kB (51152 bytes)
Hash
8c11c1bdfbe79ab8d354bc9295f617bc
35444d06cf1af13da73bf42566397b3ce67bbe6d
46a8b2d46c50135f8627a9e0f0e9c64d8b943c42d819caac49db8d799c5df6a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/2022/11/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM70w9-3.woff HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sun, 27 Nov 2022 22:39:45 GMT
Accept-Ranges: bytes
Content-Length: 51152
Cache-Control: max-age=10800
Expires: Fri, 02 Dec 2022 09:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=496
Connection: Keep-Alive
Content-Type: font/woff

aureumcs.ca/wp-content/themes/handel/css/codeless-icons.css

67.43.226.109

200 OK

52 kB

URL HTTP/1.1
aureumcs.ca/wp-content/themes/handel/css/codeless-icons.css
IP
67.43.226.109:0
ASN
#36666 GTCOMM

File type
ASCII text, with very long lines (52336), with no line terminators
Size
52 kB (52336 bytes)
Hash
231ab1554eedd8fdcac5e616937ee32a
d8191923122cfb4f357600ead8f92f622005a91c
16ea247aa6bdf8dacb04b10daa9fa62b64ad871c36c5bede1b817b23df31822c

HTTP Headers

GET /wp-content/themes/handel/css/codeless-icons.css HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 01:35:50 GMT
Accept-Ranges: bytes
Content-Length: 52336
Cache-Control: max-age=21600
Expires: Fri, 02 Dec 2022 12:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=496
Connection: Keep-Alive
Content-Type: text/css

js.hsadspixel.net/fb.js

104.17.115.176

200 OK

2.6 kB

URL HTTP/2
js.hsadspixel.net/fb.js
IP
104.17.115.176:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (5960)
Size
2.6 kB (2550 bytes)
Hash
ae87d32e1dc6d21f430953429dc0d596
d9c7ba7790992303a1cc1858edc7b0c5364c55db
436488eb9fcf70c200e8c269903f6a322f0056ee2b48a3ff58fea80a065ea095

HTTP Headers

GET /fb.js HTTP/1.1
Host: js.hsadspixel.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 02 Dec 2022 06:13:31 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Mon, 14 Nov 2022 03:38:56 UTC
x-amz-server-side-encryption: AES256
x-amz-version-id: aoUPWE.Bu9NRjxDy7F1Soox3yNWe2Us6
etag: W/"c32a10854f4ff995fc7198ba0324bcc6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 76e55a2361219fb19722e949475d1844.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-amz-cf-id: smhvQzjcFZrUF_W80GOlXD1DdtGd0AC68U0HlvjmUpwB5gIHEEOtRA==
age: 33
cache-control: max-age=600
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.302/bundles/pixels-release.js&cfRay=76d6427b4847b506-IAD
x-hs-target-asset: adsscriptloaderstatic/static-1.302/bundles/pixels-release.js
x-hs-cache-status: HIT
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
cf-cache-status: HIT
server: cloudflare
cf-ray: 7731eac95dceb500-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
462bd1920adf582c53b62bf5bd15cbfd
e8524bd822d024906c927f22f9f6ff64e53c3c73
f0fc888f0c5048a613cb857ef8c052ac93e6505ee10010e436acee86a12e5a6c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6173
Cache-Control: max-age=134325
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:13:31 GMT
Etag: "6388e923-117"
Expires: Sat, 03 Dec 2022 19:32:16 GMT
Last-Modified: Thu, 01 Dec 2022 17:49:23 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279

aureumcs.ca/wp-content/uploads/2022/11/CSR44z5ZnPydRjlCCwlCtOM6T_N9-3.woff

67.43.226.109

200 OK

21 kB

URL HTTP/1.1
aureumcs.ca/wp-content/uploads/2022/11/CSR44z5ZnPydRjlCCwlCtOM6T_N9-3.woff
IP
67.43.226.109:0
ASN
#36666 GTCOMM

File type
Web Open Font Format, TrueType, length 20772, version 1.1\012- data
Size
21 kB (20772 bytes)
Hash
9ebf868721246e4f8b8a519261160e55
49ae40df2cbfb773be773848ef514dd01f41208d
8fa1f0ee71a167429a7d4d82c24e274cf72aba123c5f7c6025ccfc3fc4025fd7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/2022/11/CSR44z5ZnPydRjlCCwlCtOM6T_N9-3.woff HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sun, 27 Nov 2022 22:39:46 GMT
Accept-Ranges: bytes
Content-Length: 20772
Cache-Control: max-age=10800
Expires: Fri, 02 Dec 2022 09:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=492
Connection: Keep-Alive
Content-Type: font/woff

api.hubspot.com/livechat-public/v1/message/public?portalId=5921771&conversations-embed=static-1.11431&mobile=false&messagesUtk=d157961626d44d478778b1d231ac304b&traceId=d157961626d44d478778b1d231ac304b

104.19.154.83

200 OK

1.4 kB

URL HTTP/2
api.hubspot.com/livechat-public/v1/message/public?portalId=5921771&conversations-embed=static-1.11431&mobile=false&messagesUtk=d157961626d44d478778b1d231ac304b&traceId=d157961626d44d478778b1d231ac304b
IP
104.19.154.83:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (2890), with no line terminators
Size
1.4 kB (1419 bytes)
Hash
36d6150ceabf6915fb9f34a648f398dc
749c71424631ac5e14af263e985d8262b79be6e9
661872985a3d8e363a77af02a71836993d2fd6cf406340bcd9bea8e55446cd8a

HTTP Headers

GET /livechat-public/v1/message/public?portalId=5921771&conversations-embed=static-1.11431&mobile=false&messagesUtk=d157961626d44d478778b1d231ac304b&traceId=d157961626d44d478778b1d231ac304b HTTP/1.1
Host: api.hubspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-HubSpot-Messages-Uri: https://aureumcs.ca/menu/inc/en-us
Origin: https://aureumcs.ca
Connection: keep-alive
Referer: https://aureumcs.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 02 Dec 2022 06:13:32 GMT
content-type: application/json;charset=utf-8
content-length: 1419
cf-ray: 7731eaca7c7e0b61-OSL
access-control-allow-origin: https://aureumcs.ca
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-hubspot-correlation-id: 81a73a6c-b740-46dc-9303-9f9d4fb39746
x-trace: 2B84212FDCA6696192B6C9235B4A73A2FAAAFF35FD000000000000000000
set-cookie: __cf_bm=RYYgnlpzJDMWB6r_i0hOZkkA3OLrHiyVcV5FfGoLhi4-1669961612-0-AZ37wCN7mVDcsyuJHRARAAiHpL30gYyHKd3Id+9QoFNWygdtAECc+HKE7zg536sNHm3qvzOmTQfTmu9QPHyIPcs=; path=/; expires=Fri, 02-Dec-22 06:43:32 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TyHRqwAj2%2BlnhWjS1tVIiRpFhib0j%2F2nfFdSHs8aw9zLbz35ldD%2FtHEfR09hLo2ssxjSTGyRugvOknd9HDEVNkJrj33e00W%2BtcKqRCOs2DcNAqo0xvllXBrQ2CML%2BNy96w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

aureumcs.ca/wp-content/themes/handel/css/fonts/codeless-icons.woff2?79887187

67.43.226.109

200 OK

210 kB

URL HTTP/1.1
aureumcs.ca/wp-content/themes/handel/css/fonts/codeless-icons.woff2?79887187
IP
67.43.226.109:0
ASN
#36666 GTCOMM

File type
Web Open Font Format (Version 2), TrueType, length 210388, version 1.0\012- data
Size
210 kB (210388 bytes)
Hash
3651f87980e89fc3f4fc015f96656960
96c315b40c26620edcde93a3a88829763df75f59
b22dd58aa9edacedc22ac47c89a3a4c1f738a28aae3ba7ec53d57b67515db5c5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/handel/css/fonts/codeless-icons.woff2?79887187 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://aureumcs.ca/wp-content/themes/handel/css/codeless-icons.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:32 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 01:35:50 GMT
Accept-Ranges: bytes
Content-Length: 210388
Cache-Control: max-age=10800
Expires: Fri, 02 Dec 2022 09:13:32 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=495
Connection: Keep-Alive
Content-Type: font/woff2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
1f3b5bcb7768f7ea14c845d4b30fa6b8
be390ecd5837808378b4307ab89db94f197cc178
01f2126ecaafe9296efe33f09dcda3c744b1869afdbcf8b45b2466e3c2a6bdff

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5618
Cache-Control: max-age=151759
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:13:32 GMT
Etag: "63892f69-118"
Expires: Sun, 04 Dec 2022 00:22:51 GMT
Last-Modified: Thu, 01 Dec 2022 22:49:13 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 280

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8cd876589951719c94a6d49d1494bdbd
01600c8bb95fac543696e509b3e452b90d844572
e03942321526a2303220b1abd51f82f1d4cf80e0dd22a2582cf809b8bd729521

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:13:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
5febcc63cc2c08b873bfee87cfbb205c
1b2605b40679d4390314f4d0f53729a4fd7f8b10
ce0901d88672218e15e196bc5f95cabc757633de0cb86ad894a05f87e05987c1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6094
Cache-Control: max-age=143591
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:13:32 GMT
Etag: "63890da5-117"
Expires: Sat, 03 Dec 2022 22:06:43 GMT
Last-Modified: Thu, 01 Dec 2022 20:25:09 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
5febcc63cc2c08b873bfee87cfbb205c
1b2605b40679d4390314f4d0f53729a4fd7f8b10
ce0901d88672218e15e196bc5f95cabc757633de0cb86ad894a05f87e05987c1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5545
Cache-Control: max-age=143042
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:13:32 GMT
Etag: "63890da5-117"
Expires: Sat, 03 Dec 2022 21:57:34 GMT
Last-Modified: Thu, 01 Dec 2022 20:25:09 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279

www.google-analytics.com/analytics.js

142.250.74.110

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 02 Dec 2022 04:41:08 GMT
expires: Fri, 02 Dec 2022 06:41:08 GMT
cache-control: public, max-age=7200
age: 5544
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8cd876589951719c94a6d49d1494bdbd
01600c8bb95fac543696e509b3e452b90d844572
e03942321526a2303220b1abd51f82f1d4cf80e0dd22a2582cf809b8bd729521

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:13:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

aureumcs.ca/wp-content/uploads/2019/04/favicon.png

67.43.226.109

200 OK

13 kB

URL HTTP/1.1
aureumcs.ca/wp-content/uploads/2019/04/favicon.png
IP
67.43.226.109:0
ASN
#36666 GTCOMM

File type
PNG image data, 196 x 196, 8-bit/color RGBA, non-interlaced\012- data
Size
13 kB (13150 bytes)
Hash
607f987240d3f2801254e91275c7f8db
2fd4dc35489b6f5825d94983e6b2190cfb812313
8c480dbb68a05e5e1f6bd46e0f1264a236ddf920e13cb6e494faa7523285fdb4

HTTP Headers

GET /wp-content/uploads/2019/04/favicon.png HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:32 GMT
Server: Apache
Last-Modified: Sun, 28 Apr 2019 01:02:30 GMT
Accept-Ranges: bytes
Content-Length: 13150
Cache-Control: max-age=21600
Expires: Fri, 02 Dec 2022 12:13:32 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=494
Connection: Keep-Alive
Content-Type: image/png

aureumcs.ca/wp-content/uploads/2019/04/favicon-150x150.png

67.43.226.109

200 OK

8.8 kB

URL HTTP/1.1
aureumcs.ca/wp-content/uploads/2019/04/favicon-150x150.png
IP
67.43.226.109:0
ASN
#36666 GTCOMM

File type
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size
8.8 kB (8763 bytes)
Hash
21b9bb6cc990a36a4cc612468352d56e
d00c28f84ae2b40c5421c963bd160b65b1b5e2aa
d286040acdb9e8019fb3459c5318eadd5f23ffef301c5b311d19296ef80f7c53

HTTP Headers

GET /wp-content/uploads/2019/04/favicon-150x150.png HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:32 GMT
Server: Apache
Last-Modified: Sun, 28 Apr 2019 01:02:31 GMT
Accept-Ranges: bytes
Content-Length: 8763
Cache-Control: max-age=21600
Expires: Fri, 02 Dec 2022 12:13:32 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=491
Connection: Keep-Alive
Content-Type: image/png

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
49a9684674e0f1b3974c6427c5354fe4
c201e61bcda9cc91369f0c57f8236fcdd3db26c6
27b8d50242836a45aca1fcd0cb58e7f685011c1f93b57d0e3ea9a02400f8d801

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:13:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
7ddd5b339c17335fcc77b8e2b5a51538
b00cf5425274d30765aa7bd245b0e43c0cc326a0
1b44e08e02d38c6f9f1cc30370beb3f46a2711fe57c3b435d611363d70fbabae

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6268
Cache-Control: max-age=131852
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:13:32 GMT
Etag: "6388df1c-117"
Expires: Sat, 03 Dec 2022 18:51:04 GMT
Last-Modified: Thu, 01 Dec 2022 17:06:36 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-142598049-1&cid=2060274083.1669961611&jid=283114704&gjid=1385980352&_gid=1152790238.1669961611&_u=YGBAgUABCAAAAEAAI~&z=1773224716

64.233.164.156

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-142598049-1&cid=2060274083.1669961611&jid=283114704&gjid=1385980352&_gid=1152790238.1669961611&_u=YGBAgUABCAAAAEAAI~&z=1773224716
IP
64.233.164.156:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-142598049-1&cid=2060274083.1669961611&jid=283114704&gjid=1385980352&_gid=1152790238.1669961611&_u=YGBAgUABCAAAAEAAI~&z=1773224716 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://aureumcs.ca
Connection: keep-alive
Referer: https://aureumcs.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://aureumcs.ca
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 02 Dec 2022 06:13:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
49a9684674e0f1b3974c6427c5354fe4
c201e61bcda9cc91369f0c57f8236fcdd3db26c6
27b8d50242836a45aca1fcd0cb58e7f685011c1f93b57d0e3ea9a02400f8d801

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:13:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
7ddd5b339c17335fcc77b8e2b5a51538
b00cf5425274d30765aa7bd245b0e43c0cc326a0
1b44e08e02d38c6f9f1cc30370beb3f46a2711fe57c3b435d611363d70fbabae

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6268
Cache-Control: max-age=131852
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:13:32 GMT
Etag: "6388df1c-117"
Expires: Sat, 03 Dec 2022 18:51:04 GMT
Last-Modified: Thu, 01 Dec 2022 17:06:36 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279

js-agent.newrelic.com/nr-spa-1216.min.js

151.101.66.137

200 OK

18 kB

URL HTTP/2
js-agent.newrelic.com/nr-spa-1216.min.js
IP
151.101.66.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (32010)
Size
18 kB (18216 bytes)
Hash
6561a2403142205f966207d61576f1a6
1310e72f494e12ab63a4280fc1600a2c89dc9bb8
0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a

HTTP Headers

GET /nr-spa-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.hubspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 02 Dec 2022 06:13:32 GMT
via: 1.1 varnish
x-served-by: cache-bma1631-BMA
x-cache: HIT
x-cache-hits: 873
x-timer: S1669961613.614845,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d678930a3ffb73b22a3baad2fa2690cf
e836f3e1afe6f80b127b0b5c0e568f7bd259edb5
ea28784ef2cd6dfe7b41c89c359ec6d50ea053abb0b167509374bee44faeb256

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6262
Cache-Control: max-age=151320
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:13:32 GMT
Etag: "63892b2e-1d7"
Expires: Sun, 04 Dec 2022 00:15:32 GMT
Last-Modified: Thu, 01 Dec 2022 22:31:10 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

snap.licdn.com/li.lms-analytics/insight.min.js

95.101.11.57

200 OK

4.6 kB

URL HTTP/2
snap.licdn.com/li.lms-analytics/insight.min.js
IP
95.101.11.57:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (12961)
Size
4.6 kB (4581 bytes)
Hash
c1a25b303b61b25e995516f5559bcdea
3c16a6fa3a2a6dc59d57a9ea1588c4f259884688
2063d2d1415ce9437e9331cb9a798714a5b2e106a65d6dc0ef0d426a5a4c30f2

HTTP Headers

GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Thu, 17 Nov 2022 18:52:45 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=16322
date: Fri, 02 Dec 2022 06:13:32 GMT
content-length: 4581
x-cdn: AKAM
X-Firefox-Spdy: h2

bam-cell.nr-data.net/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=593&ck=1&ref=https://app.hubspot.com/conversations-visitor/5921771/threads/utk/d157961626d44d478778b1d231ac304b&be=301&fe=447&dc=410&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669961610445,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22s%22:0,%22ce%22:0,%22rq%22:8,%22rp%22:178,%22rpe%22:192,%22dl%22:182,%22di%22:409,%22ds%22:410,%22de%22:410,%22dc%22:446,%22l%22:446,%22le%22:448%7D,%22navigation%22:%7B%7D%7D&fcp=581&ja=%7B%22nrSnippetVersion%22:%221198%22,%22environment%22:%22prod%22,%22deployed%22:true,%22hublet%22:%22na1%22,%22userAgentRaw%22:%22Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0%22,%22supportsPromiseRejectionEvent%22:true,%22cpuCores%22:16,%22conditionalPolyfillsInstalled%22:false,%22portalId%22:5921771,%22package%22:%22conversations-visitor-ui%22,%22packageVersion%22:%221.13883%22,%22template%22:%22visitor-index.html.tsx%22,%22user-online%22:true,%22visibility%22:%22visible%22,%22currentVisibility%22:%22visible%22,%22isEmbeddedInProduct%22:%22false%22,%22reactRhumbVersion%22:%221.8417%22,%22reaganVersion%22:%22react-rhumb%22,%22route%22:%22/%22,%22numReaganChecksStarted%22:1,%22numPreviousReaganChecksAborted%22:0,%22avgDurationBeforePreviousReaganAborts%22:0,%22numPreviousReaganChecksFailed%22:0,%22numPreviousReaganChecksSuccessful%22:0,%22supportsUserTiming%22:true,%22supportsPerformanceTimeline%22:true,%22supportsHighResolutionTime%22:true%7D&jsonp=NREUM.setToken

162.247.241.2

200 OK

72 B

URL HTTP/1.1
bam-cell.nr-data.net/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=593&ck=1&ref=https://app.hubspot.com/conversations-visitor/5921771/threads/utk/d157961626d44d478778b1d231ac304b&be=301&fe=447&dc=410&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669961610445,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22s%22:0,%22ce%22:0,%22rq%22:8,%22rp%22:178,%22rpe%22:192,%22dl%22:182,%22di%22:409,%22ds%22:410,%22de%22:410,%22dc%22:446,%22l%22:446,%22le%22:448%7D,%22navigation%22:%7B%7D%7D&fcp=581&ja=%7B%22nrSnippetVersion%22:%221198%22,%22environment%22:%22prod%22,%22deployed%22:true,%22hublet%22:%22na1%22,%22userAgentRaw%22:%22Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0%22,%22supportsPromiseRejectionEvent%22:true,%22cpuCores%22:16,%22conditionalPolyfillsInstalled%22:false,%22portalId%22:5921771,%22package%22:%22conversations-visitor-ui%22,%22packageVersion%22:%221.13883%22,%22template%22:%22visitor-index.html.tsx%22,%22user-online%22:true,%22visibility%22:%22visible%22,%22currentVisibility%22:%22visible%22,%22isEmbeddedInProduct%22:%22false%22,%22reactRhumbVersion%22:%221.8417%22,%22reaganVersion%22:%22react-rhumb%22,%22route%22:%22/%22,%22numReaganChecksStarted%22:1,%22numPreviousReaganChecksAborted%22:0,%22avgDurationBeforePreviousReaganAborts%22:0,%22numPreviousReaganChecksFailed%22:0,%22numPreviousReaganChecksSuccessful%22:0,%22supportsUserTiming%22:true,%22supportsPerformanceTimeline%22:true,%22supportsHighResolutionTime%22:true%7D&jsonp=NREUM.setToken
IP
162.247.241.2:0
ASN
#23467 NEWRELIC-AS-1

File type
ASCII text, with no line terminators
Size
72 B (72 bytes)
Hash
107d93e382e2c9b00fbf9fb0edc65d86
77e750e3ebf9706f4f6dd253785602d70be17c6c
a1ee50b689ea433a0acdccbf4ee4629e9ea3f9c4bcdd21effb334359a2f9e937

HTTP Headers

GET /1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=593&ck=1&ref=https://app.hubspot.com/conversations-visitor/5921771/threads/utk/d157961626d44d478778b1d231ac304b&be=301&fe=447&dc=410&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669961610445,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22s%22:0,%22ce%22:0,%22rq%22:8,%22rp%22:178,%22rpe%22:192,%22dl%22:182,%22di%22:409,%22ds%22:410,%22de%22:410,%22dc%22:446,%22l%22:446,%22le%22:448%7D,%22navigation%22:%7B%7D%7D&fcp=581&ja=%7B%22nrSnippetVersion%22:%221198%22,%22environment%22:%22prod%22,%22deployed%22:true,%22hublet%22:%22na1%22,%22userAgentRaw%22:%22Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0%22,%22supportsPromiseRejectionEvent%22:true,%22cpuCores%22:16,%22conditionalPolyfillsInstalled%22:false,%22portalId%22:5921771,%22package%22:%22conversations-visitor-ui%22,%22packageVersion%22:%221.13883%22,%22template%22:%22visitor-index.html.tsx%22,%22user-online%22:true,%22visibility%22:%22visible%22,%22currentVisibility%22:%22visible%22,%22isEmbeddedInProduct%22:%22false%22,%22reactRhumbVersion%22:%221.8417%22,%22reaganVersion%22:%22react-rhumb%22,%22route%22:%22/%22,%22numReaganChecksStarted%22:1,%22numPreviousReaganChecksAborted%22:0,%22avgDurationBeforePreviousReaganAborts%22:0,%22numPreviousReaganChecksFailed%22:0,%22numPreviousReaganChecksSuccessful%22:0,%22supportsUserTiming%22:true,%22supportsPerformanceTimeline%22:true,%22supportsHighResolutionTime%22:true%7D&jsonp=NREUM.setToken HTTP/1.1
Host: bam-cell.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.hubspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:32 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7731ead03ee50b06-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=4a154dbd1350fa10; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=835T0jovCr5ysS%2F%2FQcoXs4A4NLMTrNVmcFIzT%2BWUE89sWLXInoaxVqHMjAhE3FD926pRzeXuonOW83H2AWgI9H%2FIDrGNK6QVkVD%2Bb99B5hlO5YQyb9sABgZYy%2F%2BKdtwHFkZJoRkO"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip

cdn.linkedin.oribi.io/partner/1217346/domain/aureumcs.ca/token

54.230.111.78

200 OK

0 B

URL HTTP/2
cdn.linkedin.oribi.io/partner/1217346/domain/aureumcs.ca/token
IP
54.230.111.78:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /partner/1217346/domain/aureumcs.ca/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://aureumcs.ca/
Origin: https://aureumcs.ca
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 0
date: Thu, 01 Dec 2022 17:34:32 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JTPS-9Km8UBegBL4iIg8Bc264n9GMTLRUBCuCopV6ATAZzk1VcC3Og==
age: 45541
X-Firefox-Spdy: h2

bam-cell.nr-data.net/ins/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=870&ck=1&ref=https://app.hubspot.com/conversations-visitor/5921771/threads/utk/d157961626d44d478778b1d231ac304b

162.247.241.2

204 No Content

0 B

URL HTTP/1.1
bam-cell.nr-data.net/ins/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=870&ck=1&ref=https://app.hubspot.com/conversations-visitor/5921771/threads/utk/d157961626d44d478778b1d231ac304b
IP
162.247.241.2:0
ASN
#23467 NEWRELIC-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /ins/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=870&ck=1&ref=https://app.hubspot.com/conversations-visitor/5921771/threads/utk/d157961626d44d478778b1d231ac304b HTTP/1.1
Host: bam-cell.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 2103
Origin: https://app.hubspot.com
Connection: keep-alive
Referer: https://app.hubspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
Date: Fri, 02 Dec 2022 06:13:33 GMT
Connection: keep-alive
CF-Ray: 7731ead13f420b06-OSL
Access-Control-Allow-Origin: https://app.hubspot.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fjCKFETYD8uAaU3DF77uoE4z6q1%2FuZpAyeqdS41TWR2xCXuGwDOo8g5xbaHYDi%2FleeEpE4rRbkYfo%2FjN9gqx02YmNjTsHJn97gA58K%2FLSDbhV%2BZzJsw2ZhdRHGwQkrGBbkZ1i2Vs"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare

bam-cell.nr-data.net/events/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=875&ck=1&ref=https://app.hubspot.com/conversations-visitor/5921771/threads/utk/d157961626d44d478778b1d231ac304b

162.247.241.2

200 OK

24 B

URL HTTP/1.1
bam-cell.nr-data.net/events/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=875&ck=1&ref=https://app.hubspot.com/conversations-visitor/5921771/threads/utk/d157961626d44d478778b1d231ac304b
IP
162.247.241.2:0
ASN
#23467 NEWRELIC-AS-1

File type
GIF image data, version 89a, 1 x 1\012- data
Size
24 B (24 bytes)
Hash
bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

HTTP Headers

POST /events/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=875&ck=1&ref=https://app.hubspot.com/conversations-visitor/5921771/threads/utk/d157961626d44d478778b1d231ac304b HTTP/1.1
Host: bam-cell.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1034
Origin: https://app.hubspot.com
Connection: keep-alive
Referer: https://app.hubspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:33 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 7731ead15cffb4f1-OSL
Access-Control-Allow-Origin: https://app.hubspot.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HDInW5P8xxTf%2FfcnqcQZ04yns1ubC7eBeI44t0VFjiWS%2FO4gQ79FQVcxaHl4VCFa57D%2Bx2cBVQMI23ygzjdpJARtQfwwhwkOB8oSnPojtQnBhZ3UQ96WLGJ6HMhIw6%2BcN6llCQVY"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare

px.ads.linkedin.com/collect?v=2&fmt=js&pid=1217346&time=1669961611206&url=https%3A%2F%2Faureumcs.ca%2Fmenu%2Finc%2Fen-us

13.107.42.14

302 Found

0 B

URL HTTP/2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=1217346&time=1669961611206&url=https%3A%2F%2Faureumcs.ca%2Fmenu%2Finc%2Fen-us
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /collect?v=2&fmt=js&pid=1217346&time=1669961611206&url=https%3A%2F%2Faureumcs.ca%2Fmenu%2Finc%2Fen-us HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1217346%26time%3D1669961611206%26url%3Dhttps%253A%252F%252Faureumcs.ca%252Fmenu%252Finc%252Fen-us%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQJ6CUjVwI6xUQAAAYTRd_8givGoXmPF-gZh627rnmn_nyO7x2KQSvLHx2VYqJ-AlIPbrUQxVCRWaw; Max-Age=2592000; Expires=Sun, 01 Jan 2023 06:13:33 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQKt9GyfrPe0cAAAAYTRd_8g9r-29JmJl9DmttwT5tLny1_0ziWFLHhSEkALyxfS04_lMduToTuXVN-4jh17Bg; Max-Age=2592000; Expires=Sun, 01 Jan 2023 06:13:33 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&70fc07eb-bac4-4172-8471-f925fa4c7f00"; domain=.linkedin.com; Path=/; Secure; Expires=Sat, 02-Dec-2023 06:13:33 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2427:u=1:x=1:i=1669961613:t=1670048013:v=2:sig=AQHa1MTAnFYgnOzVadouGaxH_OcZYktG"; Expires=Sat, 03 Dec 2022 06:13:33 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXu0jy8eBWR3mE4yDbrbA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 6A5A0E858B6A4DF994645DD2DB23242A Ref B: OSL30EDGE0311 Ref C: 2022-12-02T06:13:33Z
date: Fri, 02 Dec 2022 06:13:32 GMT
content-length: 0
X-Firefox-Spdy: h2

www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1217346%26time%3D1669961611206%26url%3Dhttps%253A%252F%252Faureumcs.ca%252Fmenu%252Finc%252Fen-us%26liSync%3Dtrue

13.107.42.14

302 Found

0 B

URL HTTP/2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1217346%26time%3D1669961611206%26url%3Dhttps%253A%252F%252Faureumcs.ca%252Fmenu%252Finc%252Fen-us%26liSync%3Dtrue
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1217346%26time%3D1669961611206%26url%3Dhttps%253A%252F%252Faureumcs.ca%252Fmenu%252Finc%252Fen-us%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aureumcs.ca/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1217346&time=1669961611206&url=https%3A%2F%2Faureumcs.ca%2Fmenu%2Finc%2Fen-us&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&19062639-fe7e-440a-8a55-61056e7693eb"; Domain=.linkedin.com; Expires=Sat, 02-Dec-2023 06:13:33 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20221202061333230441be-b17b-44bc-8498-e5a82c421d80AQFoOhhuop7rsH25LUIrKVDtUu_p9Rvl"; Domain=.www.linkedin.com; Expires=Sat, 02-Dec-2023 06:13:33 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2Njk5NjE2MTM7MjswMjFgy6vdIeyjO9P/uADjDREi/hmhN1x2DKN7rheMNypucA==; Domain=.linkedin.com; Expires=Wed, 31 May 2023 06:13:33 GMT; Path=/; Secure; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2383:u=1:x=1:i=1669961613:t=1670048013:v=2:sig=AQGxPlu3f3hEwkztHlMbOj-CrUxkWTxK"; Expires=Sat, 03 Dec 2022 06:13:33 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/status linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' teams.microsoft.com client.learningapp.microsoft.com onyx.www.linkedin.com
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXu0jy/MBfy4Eh1BaWTPQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: FF1B62FB8EFD49D6BD83DD3C8FBD6420 Ref B: OSL30EDGE0311 Ref C: 2022-12-02T06:13:33Z
date: Fri, 02 Dec 2022 06:13:32 GMT
content-length: 0
X-Firefox-Spdy: h2

px.ads.linkedin.com/collect?v=2&fmt=js&pid=1217346&time=1669961611206&url=https%3A%2F%2Faureumcs.ca%2Fmenu%2Finc%2Fen-us&liSync=true

13.107.42.14

200 OK

0 B

URL HTTP/2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=1217346&time=1669961611206&url=https%3A%2F%2Faureumcs.ca%2Fmenu%2Finc%2Fen-us&liSync=true
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /collect?v=2&fmt=js&pid=1217346&time=1669961611206&url=https%3A%2F%2Faureumcs.ca%2Fmenu%2Finc%2Fen-us&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aureumcs.ca/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&040ef8b4-b2b8-47c2-8a72-fe43b354a28c"; domain=.linkedin.com; Path=/; Secure; Expires=Sat, 02-Dec-2023 06:13:33 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2427:u=1:x=1:i=1669961613:t=1670048013:v=2:sig=AQHa1MTAnFYgnOzVadouGaxH_OcZYktG"; Expires=Sat, 03 Dec 2022 06:13:33 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXu0jzCOL4OnxclLOTXeQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 52D43E8171A641F7A409FC176FEE30E6 Ref B: OSL30EDGE0311 Ref C: 2022-12-02T06:13:33Z
date: Fri, 02 Dec 2022 06:13:33 GMT
content-length: 0
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6564 bytes)
Hash
58a28fc1cbcacdb07b3ca175281982b5
9bc47ee49fc070d0997e49a719bd9758685ad583
d3bfcf749c4652cb29f7c82a5d7ba940bd607f9060e49c1c40a112eb3e625bd9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 6564
x-amzn-requestid: e2875cf3-3915-43a5-a724-4de2ca03de56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGepHOiIAMFTFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-5f7e2a3f609d54a609a12670;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mwGAEu-gPXY5Opwd972VbBA6l33dNk7bPFSyZmciaplQKj2ZuTkQSg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:47:56 GMT
age: 30342
etag: "9bc47ee49fc070d0997e49a719bd9758685ad583"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

js.hs-scripts.com/5921771.js?integration=wordpress&ver=5.1.15

104.17.210.204

200 OK

0 B

URL HTTP/2
js.hs-scripts.com/5921771.js?integration=wordpress&ver=5.1.15
IP
104.17.210.204:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /5921771.js?integration=wordpress&ver=5.1.15 HTTP/1.1
Host: js.hs-scripts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 02 Dec 2022 06:13:31 GMT
content-type: application/javascript;charset=utf-8
x-trace: 2B1FEAC321F8D50BA8C145AFC827B80A04A9535DAF000000000000000000
cache-control: public, max-age=60
vary: origin, Accept-Encoding
x-hubspot-correlation-id: 9c8a7f06-2bbe-45ff-aee2-3f0a8b398072
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-origin: https://aureumcs.ca
last-modified: Fri, 02 Dec 2022 02:59:29 GMT
cf-cache-status: EXPIRED
expires: Fri, 02 Dec 2022 06:14:31 GMT
server: cloudflare
cf-ray: 7731eac389e7b4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2

js.hs-analytics.net/analytics/1669961400000/5921771.js

104.17.70.176

200 OK

0 B

URL HTTP/2
js.hs-analytics.net/analytics/1669961400000/5921771.js
IP
104.17.70.176:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /analytics/1669961400000/5921771.js HTTP/1.1
Host: js.hs-analytics.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 02 Dec 2022 06:13:32 GMT
content-type: text/javascript
x-amz-id-2: l91WAskxdGMa7/dwWIdEkJY0rqs+2eT32KM8R7OHA1CSgIUjSbMLCuls8F6bxGp7Txkm6AqMG9w=
x-amz-request-id: 60FEQXF4RM11KEYZ
last-modified: Thu, 01 Dec 2022 14:19:45 GMT
etag: W/"6e24e4be7b6b242ecfb3075fc1b70069"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: null
access-control-allow-credentials: false
vary: origin, Accept-Encoding
expires: Fri, 02 Dec 2022 06:18:32 GMT
cf-cache-status: MISS
server: cloudflare
cf-ray: 7731eacceaaa0b31-OSL
content-encoding: br
X-Firefox-Spdy: h2

js-na1.hs-scripts.com/5921771.js

104.17.210.204

200 OK

0 B

URL HTTP/2
js-na1.hs-scripts.com/5921771.js
IP
104.17.210.204:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /5921771.js HTTP/1.1
Host: js-na1.hs-scripts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 02 Dec 2022 06:13:33 GMT
content-type: application/javascript;charset=utf-8
x-trace: 2B385CECA4F1312F7C510DF4A34CA93E3C3E07F0BD000000000000000000
cache-control: public, max-age=30
vary: origin, Accept-Encoding
x-hubspot-correlation-id: e4b3f640-891f-478c-8c81-4308b35e36f0
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-origin: https://aureumcs.ca
last-modified: Fri, 02 Dec 2022 02:59:33 GMT
cf-cache-status: EXPIRED
server: cloudflare
cf-ray: 7731eacf9b1cb4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.linkedin.oribi.io/partner/1217346/domain/aureumcs.ca/token

54.230.111.78

200 OK

0 B

URL HTTP/2
cdn.linkedin.oribi.io/partner/1217346/domain/aureumcs.ca/token
IP
54.230.111.78:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /partner/1217346/domain/aureumcs.ca/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://aureumcs.ca
Connection: keep-alive
Referer: https://aureumcs.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
date: Fri, 02 Dec 2022 05:31:15 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hsJfwWZK7sze_P23q2kYhdlt635vbVlfrM1iGKbSDXZg6ElLjxLg3A==
age: 2538
X-Firefox-Spdy: h2

static.hsappstatic.net/conversations-visitor-ui/static-1.13423/sass/visitor.css

104.17.9.210

200 OK

0 B

URL HTTP/2
static.hsappstatic.net/conversations-visitor-ui/static-1.13423/sass/visitor.css
IP
104.17.9.210:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /conversations-visitor-ui/static-1.13423/sass/visitor.css HTTP/1.1
Host: static.hsappstatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.hubspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 02 Dec 2022 06:13:32 GMT
content-type: text/css
x-amz-replication-status: COMPLETED
last-modified: Tue, 11 Oct 2022 21:17:02 GMT
etag: W/"c57c59b19d20eb0d9c642bee666f5dc3"
x-amz-server-side-encryption: AES256
x-amz-version-id: urNCaUDe5_HA94fS9Bt7NjD5nB3OIUV8
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: p9zRajP0RxCOkQb5QeJUkAQ33fKG2m2HTXXJSkWGrRP8ISzWIvT5lg==
cf-cache-status: HIT
age: 1952660
expires: Sat, 02 Dec 2023 06:13:32 GMT
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UnrxQzxOs9p23T%2FBafkciZ6nK7KocK2XzlIKr2mZw9IwxeYSsqSTAn1ruFcQS4fSy4KIV7vPBPtUHYMhTvWPdtJ1fkhgje3EbKkfhFK3t0yvk8FxgjFVNTideL%2Ft1EralXU8kEWAC68%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7731eacd2e811c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.hsappstatic.net/conversations-visitor-ui/static-1.13861/i18n-data-data-locales-en-us.js

104.17.9.210

200 OK

0 B

URL HTTP/2
static.hsappstatic.net/conversations-visitor-ui/static-1.13861/i18n-data-data-locales-en-us.js
IP
104.17.9.210:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /conversations-visitor-ui/static-1.13861/i18n-data-data-locales-en-us.js HTTP/1.1
Host: static.hsappstatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app.hubspot.com
Connection: keep-alive
Referer: https://app.hubspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 02 Dec 2022 06:13:32 GMT
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
access-control-allow-methods: GET
access-control-max-age: 3000
access-control-allow-credentials: true
x-amz-replication-status: COMPLETED
last-modified: Tue, 22 Nov 2022 16:53:39 GMT
etag: W/"a1dec623914000bd4a908273f8980145"
x-amz-server-side-encryption: AES256
x-amz-version-id: N1YNpHsPesqdzMzbM3L1yATKJIWFsXmQ
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 d42e11d52edd8bb7c6c82444d8414824.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: D9ketAJd2yxQ0UIM_x9FKrg93rcVrhzxQpfvIMl1zWtZ4V0HQm2v3w==
cf-cache-status: HIT
age: 313129
expires: Sat, 02 Dec 2023 06:13:32 GMT
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1SEKjsAWJhRf6nitpKTxXCOn14Rv%2FPHCn%2Bgw2OaO7%2Bn1K67tqF6jG29KYIWhcihwZu58LpgHHBCEHAx72fnYdk4a0kYLRmW6CoqdFx0IkUnoGd8fV1Fz1Cz3sLpSrEjQ74mPb%2FllX9Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7731eace5c4ab51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.hsappstatic.net/head-dlb/static-1.245/bundle.production.js

104.17.9.210

200 OK

0 B

URL HTTP/2
static.hsappstatic.net/head-dlb/static-1.245/bundle.production.js
IP
104.17.9.210:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /head-dlb/static-1.245/bundle.production.js HTTP/1.1
Host: static.hsappstatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app.hubspot.com
Connection: keep-alive
Referer: https://app.hubspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 02 Dec 2022 06:13:32 GMT
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
access-control-allow-methods: GET
access-control-max-age: 3000
access-control-allow-credentials: true
x-amz-replication-status: COMPLETED
last-modified: Mon, 07 Nov 2022 16:12:00 GMT
etag: W/"d0d928e20b2bebe8d43d510597af50e3"
x-amz-server-side-encryption: AES256
x-amz-version-id: cXTDvGuwbPuMrVAW0W63IbeHNqDKyRYR
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: S4R_IdlMnmvqWOtzIw-ci7tFaeL0xuHQK1KLCodI6dVIrQAAnYes2w==
cf-cache-status: HIT
age: 2112635
expires: Sat, 02 Dec 2023 06:13:32 GMT
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8071MSi7Bp%2Bi%2BRRGWvpwUXhgBn1FAOza%2Butj9xFTue33wEAxZdqGkqMxqU5c9%2FHtKd%2Bsglhzq7UbQBpIw46GOYMJhcUpZGztTC8cUH7OIKKexsYiMjUk%2BR2I14oq6JVXiVw5p8aUWXY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7731eacd2b42b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=5921771

104.17.200.204

200 OK

0 B

URL HTTP/2
api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=5921771
IP
104.17.200.204:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /hs-script-loader-public/v1/config/pixel/json?portalId=5921771 HTTP/1.1
Host: api.hubapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://aureumcs.ca
Connection: keep-alive
Referer: https://aureumcs.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 02 Dec 2022 06:13:32 GMT
content-type: application/json;charset=utf-8
cf-ray: 7731eace0a80b521-OSL
access-control-allow-origin: https://aureumcs.ca
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-max-age: 180
x-hubspot-correlation-id: 0d479022-088c-4f92-9b4f-7f5dd3f093dd
x-trace: 2B3C94BB2E35D77FDEE05CA65143886876C1423400000000000000000000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v72AoZUfFCNcRB5igcHXPMQo5pcxTcEvRGu3wErN1gYtuUs%2FGuP8To7t79QBn6x1GOZOiFrPqfQGPmtMQ6UOsum4vp4l9Dy6bs61HhoukPOH9Ajq6IG4pjzFbuInd84y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.hsappstatic.net/hubspot-dlb/static-1.332/bundle.production.js

104.17.9.210

200 OK

0 B

URL HTTP/2
static.hsappstatic.net/hubspot-dlb/static-1.332/bundle.production.js
IP
104.17.9.210:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /hubspot-dlb/static-1.332/bundle.production.js HTTP/1.1
Host: static.hsappstatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app.hubspot.com
Connection: keep-alive
Referer: https://app.hubspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 02 Dec 2022 06:13:32 GMT
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
access-control-allow-methods: GET
access-control-max-age: 3000
access-control-allow-credentials: true
x-amz-replication-status: COMPLETED
last-modified: Wed, 09 Nov 2022 18:32:01 GMT
etag: W/"d9e371a943207738b889e588b0560980"
x-amz-server-side-encryption: AES256
x-amz-version-id: 5fbvyIgmgfc2EQptzTy6EeP9FKqExCxl
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 d3e98d8cca4d16199794e4f4191b942c.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P1
x-amz-cf-id: naSDQwZ9VJ4ROhVJChetMaHntgnK8_i3abTiF3wlqsaSUoObvUFWcg==
cf-cache-status: HIT
age: 1938182
expires: Sat, 02 Dec 2023 06:13:32 GMT
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B2LF2wIIxotM3ZPfodxDH7KjLBOkE%2FZjn1zNHv5u5qoljm7zcUj5jLzzY3znAx4LyHiugFJEeTBajfZa47E%2FrKr2vQxAa9qQdYmx8ewUMUDXpm613Bb2t6LU9POWeCBxDoNPm3CIzRo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7731eacd2b44b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.hsappstatic.net/conversations-visitor-ui/static-1.13883/bundles/visitor.js

104.17.9.210

200 OK

0 B

URL HTTP/2
static.hsappstatic.net/conversations-visitor-ui/static-1.13883/bundles/visitor.js
IP
104.17.9.210:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /conversations-visitor-ui/static-1.13883/bundles/visitor.js HTTP/1.1
Host: static.hsappstatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app.hubspot.com
Connection: keep-alive
Referer: https://app.hubspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 02 Dec 2022 06:13:32 GMT
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
access-control-allow-methods: GET
access-control-max-age: 3000
access-control-allow-credentials: true
x-amz-replication-status: COMPLETED
last-modified: Mon, 28 Nov 2022 14:47:44 GMT
etag: W/"b1140ae6da34d559f022466fda7d28d6"
x-amz-server-side-encryption: AES256
x-amz-version-id: 7ZfHprd_ObMXyNfnYPduQjpX3IqGPD5C
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 58899c559ea4c71daeb5333a74914042.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: s4kzo1i2gi1HQvtrMG6Tudlckrw2fnwWizqbCAXcJxLOoC29hhTgAA==
cf-cache-status: HIT
age: 313134
expires: Sat, 02 Dec 2023 06:13:32 GMT
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L8JvrTt4L9Q2KLiJqHFNvhi7c6LQmktJiVI2Sc4yLO3Zk%2FGJ68btwvkfJ%2Fui6vFXzWwiWZ8HRSo8QGUO5fd2vTz5HjKUx94E4TR5CrZOxXl3DdLYUkppG1GS%2Fes9YbPHDQZsE8sYe%2FM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7731eacd2b46b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (46)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations