r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7961
Expires: Fri, 02 Dec 2022 08:26:10 GMT
Date: Fri, 02 Dec 2022 06:13:29 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1286
Cache-Control: max-age=103149
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:13:29 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 10:52:38 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5948
Expires: Fri, 02 Dec 2022 07:52:37 GMT
Date: Fri, 02 Dec 2022 06:13:29 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 05:18:11 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3318
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 2ueBz1+LerjhxvggbYrke4VYQdgJ5CH8dzI7pUp6fSbR5O9DGuAsySLYpajDwG3qoKPy9yXNDHY=
x-amz-request-id: K2Q1KA16ZMNEZW0K
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 05:46:35 GMT
age: 1614
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 06:13:29 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
aureumcs.ca/menu/inc/en-us
67.43.226.109301 Moved Permanently 0 B URL HTTP/1.1 aureumcs.ca/menu/inc/en-us
IP 67.43.226.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Office365
fortinet Phishing
GET /menu/inc/en-us HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 02 Dec 2022 06:13:29 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://aureumcs.ca/menu/inc/en-us
X-Endurance-Cache-Level: 2
Content-Length: 0
Keep-Alive: timeout=5, max=500
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 06:11:15 GMT
cache-control: public,max-age=3600
age: 134
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1287
Cache-Control: max-age=98086
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:13:30 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 09:28:16 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.148.190.4101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.190.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SEZ8F70GqJYt93XdYBB4tA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: TVHK2QDFd2R9+YmqxCwOfgzgDTY=
aureumcs.ca/menu/inc/en-us
67.43.226.109404 Not Found 59 kB URL HTTP/1.1 aureumcs.ca/menu/inc/en-us
IP 67.43.226.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28921), with CRLF, LF line terminators
Hash 53fbd0ebef3a288edcc434faa7fc0f4e
3c78e0035ad9676fab707c8822156137768dbaf8
6d4226b9285dcd4aecf7d6d13ad223696825bab7a3e4bbad0e98db72f7475d78
Analyzer Verdict Alert openphish Office365
fortinet Phishing
GET /menu/inc/en-us HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 404 Not Found
Date: Fri, 02 Dec 2022 06:13:30 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://aureumcs.ca/wp-json/>; rel="https://api.w.org/"
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=500
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:13:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
aureumcs.ca/wp-content/themes/handel/css/bootstrap.css?ver=5.1.15
67.43.226.109200 OK 22 kB URL HTTP/1.1 aureumcs.ca/wp-content/themes/handel/css/bootstrap.css?ver=5.1.15
IP 67.43.226.109:0
File type ASCII text, with very long lines (540)
Hash 29d5b9d4240bbc8e53f3621e88c327ca
053a0a26d60d4e11aa517823e18deec661a020b6
7d26fc6c42778c8c3b7e2aebcd67331daabe0b21f35c477c926826edafa87ce7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/handel/css/bootstrap.css?ver=5.1.15 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:30 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 01:35:50 GMT
Accept-Ranges: bytes
Content-Length: 22351
Cache-Control: max-age=21600
Expires: Fri, 02 Dec 2022 12:13:30 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=499
Connection: Keep-Alive
Content-Type: text/css
fonts.googleapis.com/css?family=Cantarell:400,700
142.250.74.106200 OK 847 B URL HTTP/2 fonts.googleapis.com/css?family=Cantarell:400,700
IP 142.250.74.106:0
Hash 4e0d42fee49419bbd09cf20401de835f
e49bc2e652a477e36ddccfde1b2119b71ccf5d4d
de8c2df51eef5f13ca2c735c2c51f732025d1623878a2f90d2680262015538bd
GET /css?family=Cantarell:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 06:13:30 GMT
date: Fri, 02 Dec 2022 06:13:30 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
aureumcs.ca/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.1
67.43.226.109200 OK 1.7 kB URL HTTP/1.1 aureumcs.ca/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.1
IP 67.43.226.109:0
Hash 5ad1cfa3f5175f627385651790ed0bbd
7a06ac744a748ce4c315c798614d6d0068596cc4
3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.1 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:30 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 01:37:05 GMT
Accept-Ranges: bytes
Content-Length: 1685
Cache-Control: max-age=21600
Expires: Fri, 02 Dec 2022 12:13:30 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=500
Connection: Keep-Alive
Content-Type: text/css
aureumcs.ca/wp-includes/css/dist/block-library/style.min.css?ver=5.1.15
67.43.226.109200 OK 25 kB URL HTTP/1.1 aureumcs.ca/wp-includes/css/dist/block-library/style.min.css?ver=5.1.15
IP 67.43.226.109:0
File type ASCII text, with very long lines (25245), with no line terminators
Hash d0b8525a9eff4173fd149a06f341e531
35013c4712d463aa5020f33d3234c4e90f700515
94f80c87390a84a3761860b1ce0764da77bb81d6f11cb3d059339148589aaf5c
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.1.15 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:30 GMT
Server: Apache
Last-Modified: Sat, 23 Oct 2021 23:20:58 GMT
Accept-Ranges: bytes
Content-Length: 25245
Cache-Control: max-age=21600
Expires: Fri, 02 Dec 2022 12:13:30 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=500
Connection: Keep-Alive
Content-Type: text/css
aureumcs.ca/wp-content/themes/handel/style.css?ver=5.1.15
67.43.226.109200 OK 144 kB URL HTTP/1.1 aureumcs.ca/wp-content/themes/handel/style.css?ver=5.1.15
IP 67.43.226.109:0
Size 144 kB (143594 bytes)
Hash d4703b730933bcddd2a2507f0bff4e0c
96cfd7bf548418e380bec4916b0f288edacc5ff1
ba83fdbf1159837a0cb4cc8b4c6705aa72108554a58748e059d01a78d0cd47b7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/handel/style.css?ver=5.1.15 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:30 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 01:35:50 GMT
Accept-Ranges: bytes
Content-Length: 143594
Cache-Control: max-age=21600
Expires: Fri, 02 Dec 2022 12:13:30 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=498
Connection: Keep-Alive
Content-Type: text/css
aureumcs.ca/wp-content/themes/handel/css/swiper.min.css?ver=5.1.15
67.43.226.109200 OK 18 kB URL HTTP/1.1 aureumcs.ca/wp-content/themes/handel/css/swiper.min.css?ver=5.1.15
IP 67.43.226.109:0
File type ASCII text, with very long lines (17460)
Hash 6a2ba9efe9c7c37b7e8c5eaf0e4a5c22
22bf973b87b91171139ce0402184730e39d54877
0f1e91e1586503881cca1bc05182a1be22aa06677441c8585784fb9687e10bda
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/handel/css/swiper.min.css?ver=5.1.15 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 01:35:50 GMT
Accept-Ranges: bytes
Content-Length: 17764
Cache-Control: max-age=21600
Expires: Fri, 02 Dec 2022 12:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=499
Connection: Keep-Alive
Content-Type: text/css
aureumcs.ca/wp-content/plugins/download-manager/assets/fontawesome/css/all.css?ver=5.1.15
67.43.226.109200 OK 46 kB URL HTTP/1.1 aureumcs.ca/wp-content/plugins/download-manager/assets/fontawesome/css/all.css?ver=5.1.15
IP 67.43.226.109:0
File type ASCII text, with very long lines (45507)
Hash 826c57385f3d35cfed5478ba7b1f5c03
20d2d431065fc6b38c1187eda564639527e2428e
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/download-manager/assets/fontawesome/css/all.css?ver=5.1.15 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:30 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 01:36:51 GMT
Accept-Ranges: bytes
Content-Length: 45687
Cache-Control: max-age=21600
Expires: Fri, 02 Dec 2022 12:13:30 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=500
Connection: Keep-Alive
Content-Type: text/css
aureumcs.ca/wp-content/themes/handel/css/codeless-front-elements.css?ver=5.1.15
67.43.226.109200 OK 82 kB URL HTTP/1.1 aureumcs.ca/wp-content/themes/handel/css/codeless-front-elements.css?ver=5.1.15
IP 67.43.226.109:0
Hash de96a26bb607e3eb129ae6d74baec38e
f11584fd7d13a1d59db3e7a5f8ae0c10e8c4615b
5c61aa90fce23890d8e230703d307b17d8277439b5062f2fd79119589808670f
GET /wp-content/themes/handel/css/codeless-front-elements.css?ver=5.1.15 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 01:35:50 GMT
Accept-Ranges: bytes
Content-Length: 81631
Cache-Control: max-age=21600
Expires: Fri, 02 Dec 2022 12:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=499
Connection: Keep-Alive
Content-Type: text/css
aureumcs.ca/wp-content/themes/handel/css/codeless-dynamic.css?ver=5.1.15
67.43.226.109200 OK 6 B URL HTTP/1.1 aureumcs.ca/wp-content/themes/handel/css/codeless-dynamic.css?ver=5.1.15
IP 67.43.226.109:0
File type ASCII text, with no line terminators
Hash aa676972bbd2b68e94ef8e91e81d20be
a4c0dac49e47ffe0dbcca7615f73b72ef6b71543
7c98040a541657584690ae2a1cc3b42a8b53b159cc60c5d3abbfecbaeac6c94a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/handel/css/codeless-dynamic.css?ver=5.1.15 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 01:35:50 GMT
Accept-Ranges: bytes
Content-Length: 6
Cache-Control: max-age=21600
Expires: Fri, 02 Dec 2022 12:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=498
Connection: Keep-Alive
Content-Type: text/css
aureumcs.ca/wp-content/themes/handel/css/codeless-creative-search.css?ver=5.1.15
67.43.226.109200 OK 4.5 kB URL HTTP/1.1 aureumcs.ca/wp-content/themes/handel/css/codeless-creative-search.css?ver=5.1.15
IP 67.43.226.109:0
File type ASCII text, with CRLF line terminators
Hash 85f5e9ef4c035ea695fdeb4357351a30
bbc3fcdedb832060c70442d4d5fcde327b7cf52d
0cc81e1d024fef9511ebeb1a6e1633c92c0b6523dadc527df39b2fe85fca9dcf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/handel/css/codeless-creative-search.css?ver=5.1.15 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 01:35:50 GMT
Accept-Ranges: bytes
Content-Length: 4464
Cache-Control: max-age=21600
Expires: Fri, 02 Dec 2022 12:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=497
Connection: Keep-Alive
Content-Type: text/css
aureumcs.ca/wp-includes/js/wp-emoji-release.min.js?ver=5.1.15
67.43.226.109200 OK 12 kB URL HTTP/1.1 aureumcs.ca/wp-includes/js/wp-emoji-release.min.js?ver=5.1.15
IP 67.43.226.109:0
File type ASCII text, with very long lines (9071)
Hash 33479c6b333bb34fd771bf50df1fefc3
4869e92709eee1d1a42a697a80879e303aea7572
d9160bf5ee2c9435a62c8b1d991b7f419417cab5d5a37eefcee79767a292b4b7
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.1.15 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sat, 23 Oct 2021 23:20:58 GMT
Accept-Ranges: bytes
Content-Length: 11951
Cache-Control: max-age=10800
Expires: Fri, 02 Dec 2022 09:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=499
Connection: Keep-Alive
Content-Type: application/javascript
aureumcs.ca/wp-content/plugins/download-manager/assets/bootstrap/css/bootstrap.css?ver=5.1.15
67.43.226.109200 OK 153 kB URL HTTP/1.1 aureumcs.ca/wp-content/plugins/download-manager/assets/bootstrap/css/bootstrap.css?ver=5.1.15
IP 67.43.226.109:0
Size 153 kB (153002 bytes)
Hash e11463786c8ea49f581e7038bae629d7
c7f936a7ca6ec21c0e5c20a97b8c68ba53b931d6
3b3f795b38f3b068024a17fc98ddcc74fabc638f703aedce293533788bf6f29d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/download-manager/assets/bootstrap/css/bootstrap.css?ver=5.1.15 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:30 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 01:36:51 GMT
Accept-Ranges: bytes
Content-Length: 153002
Cache-Control: max-age=21600
Expires: Fri, 02 Dec 2022 12:13:30 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=500
Connection: Keep-Alive
Content-Type: text/css
aureumcs.ca/wp-content/plugins/download-manager/assets/css/front.css?ver=5.1.15
67.43.226.109200 OK 132 kB URL HTTP/1.1 aureumcs.ca/wp-content/plugins/download-manager/assets/css/front.css?ver=5.1.15
IP 67.43.226.109:0
File type ASCII text, with very long lines (482)
Size 132 kB (131800 bytes)
Hash 1821771b63fedd698f16a0821c7a64ae
0d8c8ab8c11cda5b529663e753727eb215b30956
1f6fce3336ed9b371f00e27a5fc65b848561abb53938a29d8d2456352e5360a5
GET /wp-content/plugins/download-manager/assets/css/front.css?ver=5.1.15 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:30 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 01:36:51 GMT
Accept-Ranges: bytes
Content-Length: 131800
Cache-Control: max-age=21600
Expires: Fri, 02 Dec 2022 12:13:30 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=500
Connection: Keep-Alive
Content-Type: text/css
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2743
Expires: Fri, 02 Dec 2022 06:59:14 GMT
Date: Fri, 02 Dec 2022 06:13:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2743
Expires: Fri, 02 Dec 2022 06:59:14 GMT
Date: Fri, 02 Dec 2022 06:13:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2743
Expires: Fri, 02 Dec 2022 06:59:14 GMT
Date: Fri, 02 Dec 2022 06:13:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2743
Expires: Fri, 02 Dec 2022 06:59:14 GMT
Date: Fri, 02 Dec 2022 06:13:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 379a4a1b95d3aa3c5a4f8e7f9abb030f
d45dceb3dc58a07197aa5077582b5b1cd2ff791a
1b92dec5bf90beffbcd9060052b8788f08645dd4ba34219f7ddb2d40bbd2d151
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7732
x-amzn-requestid: 3781c2b7-082a-468a-a186-f7483494e749
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoEq3IAMFnKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-679fe9f905e07abf4e6a812c;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: V4Z3TZtTDMjnyxZx7VdJrKtZ-PbZkWnsQ0-1eFDem4TVyRGvk0dc7A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:47:56 GMT
age: 30335
etag: "d45dceb3dc58a07197aa5077582b5b1cd2ff791a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 156e9ea97b774cbd8361072e4041b6c8
fc71ae3cae92ed6011904bb2367f23bf4e69fab4
58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8863
x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdG14HBNIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cgj3fw3lpngosMNOK7cZUZO94T__4RTy_p7wa6rI62OOvhI5E9wMSw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 07:19:21 GMT
age: 82450
etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 07:15:42 GMT
age: 82669
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1c80b8025242ddfcc816ec612456b99e
aa944d10fe4a44b790b01ef62edc0f85a6d558e3
a9f060bc15738a3fe257e0c81a29e4611a89c273bcbb2765ce856d4e854a5f1f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11402
x-amzn-requestid: 20c2c359-1e43-40c0-885d-1c90e76ea12b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGzJHu-IAMFbYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e7a-1d89722e767daa014b174a39;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: OJBnbjJB_kvPuJcePGnno3zI0CTWAzV-Osb2L1hPZZhlNYhFHWmLsA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:51:33 GMT
etag: "aa944d10fe4a44b790b01ef62edc0f85a6d558e3"
content-type: image/jpeg
age: 30118
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
aureumcs.ca/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend.min.js?ver=7.10.0
67.43.226.109200 OK 9.3 kB URL HTTP/1.1 aureumcs.ca/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend.min.js?ver=7.10.0
IP 67.43.226.109:0
File type ASCII text, with very long lines (1022)
Hash e8e1926e604c239d9631d52d530b0df8
a9f05939eb5f0c00bb982d8dcfd91201f2547663
63a6d926d277a3d64d30e349fa0ea2b0630e9801d173e1947ff3bd6060147ef4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend.min.js?ver=7.10.0 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Fri, 08 Nov 2019 01:44:01 GMT
Accept-Ranges: bytes
Content-Length: 9298
Cache-Control: max-age=10800
Expires: Fri, 02 Dec 2022 09:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=497
Connection: Keep-Alive
Content-Type: application/javascript
aureumcs.ca/wp-content/plugins/tablepress/css/default.min.css?ver=1.9.2
67.43.226.109200 OK 5.9 kB URL HTTP/1.1 aureumcs.ca/wp-content/plugins/tablepress/css/default.min.css?ver=1.9.2
IP 67.43.226.109:0
File type ASCII text, with very long lines (5871), with no line terminators
Hash 17a42baaae8926c5f8df316b9a3db617
4cd76dc34f8e2f31952b99db1b3b29f404d2996c
760bc4d420605c167dd90147b0e0d82b4e761a18bc35be7aeffaa4192b371635
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/tablepress/css/default.min.css?ver=1.9.2 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 01:36:45 GMT
Accept-Ranges: bytes
Content-Length: 5871
Cache-Control: max-age=21600
Expires: Fri, 02 Dec 2022 12:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=498
Connection: Keep-Alive
Content-Type: text/css
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:47 GMT
age: 31124
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5183c67-4568-43c8-a2e7-7b41f5ca064b.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5183c67-4568-43c8-a2e7-7b41f5ca064b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd8ad22c2eb1eb91c76970fa449f1bc4
0de97f3a4964038222bd751e043e413113e6db9d
668f805815aede3bc04f8564bd6aefd56029362bb0aa8a794673eb78ab2d4643
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5183c67-4568-43c8-a2e7-7b41f5ca064b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4834
x-amzn-requestid: 63a0b8b5-5cb3-4a1f-aa46-47c84abe726f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZQrjEeAIAMF3sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6386c7e3-0032799009f893ba79f314db;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 03:02:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bBj-TXtavCuORZ9qBoZeVj-GXeRljAeW-98HY7lTk5_VRSKF4_07VQ==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 04:22:38 GMT
age: 6653
etag: "0de97f3a4964038222bd751e043e413113e6db9d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
aureumcs.ca/wp-includes/js/jquery/jquery.js?ver=1.12.4
67.43.226.109200 OK 97 kB URL HTTP/1.1 aureumcs.ca/wp-includes/js/jquery/jquery.js?ver=1.12.4
IP 67.43.226.109:0
File type ASCII text, with very long lines (31997)
Hash 49edccea2e7ba985cadc9ba0531cbed1
f8747f8ee704d9af31d0950015e01d3f9635b070
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Thu, 05 Sep 2019 01:45:59 GMT
Accept-Ranges: bytes
Content-Length: 96873
Cache-Control: max-age=10800
Expires: Fri, 02 Dec 2022 09:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=496
Connection: Keep-Alive
Content-Type: application/javascript
aureumcs.ca/wp-content/plugins/download-manager/assets/js/front.js?ver=5.1.15
67.43.226.109200 OK 21 kB URL HTTP/1.1 aureumcs.ca/wp-content/plugins/download-manager/assets/js/front.js?ver=5.1.15
IP 67.43.226.109:0
File type ASCII text, with very long lines (4123)
Hash ce5203aec0477660cbe50cf1453d89f4
f3b6a52519b06dd68961ea42546d556a6ac1ea80
022da7a1344c50af056e93f9ee1fd3bf99fabe6bdef2cc77620970e27ecc524d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/download-manager/assets/js/front.js?ver=5.1.15 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 01:36:51 GMT
Accept-Ranges: bytes
Content-Length: 21137
Cache-Control: max-age=10800
Expires: Fri, 02 Dec 2022 09:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=499
Connection: Keep-Alive
Content-Type: application/javascript
aureumcs.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
67.43.226.109200 OK 10 kB URL HTTP/1.1 aureumcs.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 67.43.226.109:0
File type ASCII text, with very long lines (9959)
Hash 7121994eec5320fbe6586463bf9651c2
90532aff6d4121954254cdf04994d834f7ec169b
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Wed, 30 Jan 2019 15:57:24 GMT
Accept-Ranges: bytes
Content-Length: 10056
Cache-Control: max-age=10800
Expires: Fri, 02 Dec 2022 09:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=498
Connection: Keep-Alive
Content-Type: application/javascript
aureumcs.ca/wp-content/plugins/download-manager/assets/bootstrap/js/bootstrap.min.js?ver=5.1.15
67.43.226.109200 OK 36 kB URL HTTP/1.1 aureumcs.ca/wp-content/plugins/download-manager/assets/bootstrap/js/bootstrap.min.js?ver=5.1.15
IP 67.43.226.109:0
File type ASCII text, with very long lines (32025)
Hash 4422b5e224030e6b1ba4a00b83ec492c
90ee6c4e2fbaa8b1bf7c692c7a5f805221209904
4b9329f540f2a0a583e6b0dff71f0f68d819ca3920c752fdb4e6bb1f88659cab
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/download-manager/assets/bootstrap/js/bootstrap.min.js?ver=5.1.15 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 01:36:51 GMT
Accept-Ranges: bytes
Content-Length: 35955
Cache-Control: max-age=10800
Expires: Fri, 02 Dec 2022 09:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=499
Connection: Keep-Alive
Content-Type: application/javascript
aureumcs.ca/wp-includes/js/imagesloaded.min.js?ver=3.2.0
67.43.226.109200 OK 8.1 kB URL HTTP/1.1 aureumcs.ca/wp-includes/js/imagesloaded.min.js?ver=3.2.0
IP 67.43.226.109:0
File type ASCII text, with very long lines (7996)
Hash 7e97ab52c3df75e9053002bb59f2cdd5
502edaa98677c743246149deb3a76f5ff65272dd
11e15f1d64a63cb498d0d42720a688ed15bf78393d8c460d695a110244c066e3
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/imagesloaded.min.js?ver=3.2.0 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sat, 16 Mar 2019 20:12:36 GMT
Accept-Ranges: bytes
Content-Length: 8113
Cache-Control: max-age=10800
Expires: Fri, 02 Dec 2022 09:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=497
Connection: Keep-Alive
Content-Type: application/javascript
aureumcs.ca/wp-content/themes/handel/js/codeless-main.js?ver=5.1.15
67.43.226.109200 OK 114 kB URL HTTP/1.1 aureumcs.ca/wp-content/themes/handel/js/codeless-main.js?ver=5.1.15
IP 67.43.226.109:0
File type ASCII text, with very long lines (2022)
Size 114 kB (114370 bytes)
Hash 4bbc2a00ea808016ec23fc4a64a61e7e
a279debc64fafa71ef78f466a7522876cf6ff08b
d5ffba28fe353e13f953e51c8e4ec6b7b54674df4d9a0f93004cbbbb7456fe88
GET /wp-content/themes/handel/js/codeless-main.js?ver=5.1.15 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 01:35:50 GMT
Accept-Ranges: bytes
Content-Length: 114370
Cache-Control: max-age=10800
Expires: Fri, 02 Dec 2022 09:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=495
Connection: Keep-Alive
Content-Type: application/javascript
aureumcs.ca/wp-content/themes/handel/js/bowser.min.js?ver=5.1.15
67.43.226.109200 OK 6.8 kB URL HTTP/1.1 aureumcs.ca/wp-content/themes/handel/js/bowser.min.js?ver=5.1.15
IP 67.43.226.109:0
File type ASCII text, with very long lines (6679), with CRLF line terminators
Hash 47473f693375db5dfbc3a4f1315af97e
7b377000b7d6fa43ce2801c9b427aa0a9a4b960c
b4f4e3e207f5ff66b5afbdb9d7f2b10e6df5780445d3d718636b6149f0460e57
GET /wp-content/themes/handel/js/bowser.min.js?ver=5.1.15 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 01:35:50 GMT
Accept-Ranges: bytes
Content-Length: 6794
Cache-Control: max-age=10800
Expires: Fri, 02 Dec 2022 09:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=498
Connection: Keep-Alive
Content-Type: application/javascript
aureumcs.ca/wp-content/plugins/codeless-builder/assets/js/cl-front-end.js?ver=5.1.15
67.43.226.109200 OK 8.5 kB URL HTTP/1.1 aureumcs.ca/wp-content/plugins/codeless-builder/assets/js/cl-front-end.js?ver=5.1.15
IP 67.43.226.109:0
Hash 923ea3daf2ef846b3b0df66f3812ef41
0b823474d4a6a5d0cebb05e91048fab46602c0e7
d1f43193e302f0ecb93d77f1dfa55d1ee1244ea0571a13d87acb5d13707802df
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/codeless-builder/assets/js/cl-front-end.js?ver=5.1.15 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 01:36:12 GMT
Accept-Ranges: bytes
Content-Length: 8479
Cache-Control: max-age=10800
Expires: Fri, 02 Dec 2022 09:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=497
Connection: Keep-Alive
Content-Type: application/javascript
aureumcs.ca/wp-content/plugins/cf7-cost-calculator-price-calculation/frontend/js/cf7_calculator.js?ver=5.1.15
67.43.226.109200 OK 4.5 kB URL HTTP/1.1 aureumcs.ca/wp-content/plugins/cf7-cost-calculator-price-calculation/frontend/js/cf7_calculator.js?ver=5.1.15
IP 67.43.226.109:0
File type ASCII text, with CRLF line terminators
Hash 2713018f19de937971df23a639aa5dc4
e9b55b60f276bcb5def73b0c65a9515beacad04d
37c484f27a855e50d3d194dc1229f3998cb79ed51d2dfc20f5d1dd5bd3c2d421
GET /wp-content/plugins/cf7-cost-calculator-price-calculation/frontend/js/cf7_calculator.js?ver=5.1.15 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 01:36:12 GMT
Accept-Ranges: bytes
Content-Length: 4528
Cache-Control: max-age=10800
Expires: Fri, 02 Dec 2022 09:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=498
Connection: Keep-Alive
Content-Type: application/javascript
aureumcs.ca/wp-content/plugins/download-manager/assets/js/chosen.jquery.min.js?ver=5.1.15
67.43.226.109200 OK 52 kB URL HTTP/1.1 aureumcs.ca/wp-content/plugins/download-manager/assets/js/chosen.jquery.min.js?ver=5.1.15
IP 67.43.226.109:0
Hash 4f0361640d5597fb84f0b07deabe3d56
d7b5fa9101e2edff3fa588ba35cfd4e3e47c8382
7373ca9ed2c272959213699ab6c34d53f342a2d01d996ebc543743312911a6dc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/download-manager/assets/js/chosen.jquery.min.js?ver=5.1.15 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 01:36:51 GMT
Accept-Ranges: bytes
Content-Length: 52163
Cache-Control: max-age=10800
Expires: Fri, 02 Dec 2022 09:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=496
Connection: Keep-Alive
Content-Type: application/javascript
aureumcs.ca/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1
67.43.226.109200 OK 14 kB URL HTTP/1.1 aureumcs.ca/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1
IP 67.43.226.109:0
Hash 1534f06aa2b1b721a45372f8238e2461
86f7e7b926e1a88209d171b56dadbccc2c96f578
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 01:37:05 GMT
Accept-Ranges: bytes
Content-Length: 14440
Cache-Control: max-age=10800
Expires: Fri, 02 Dec 2022 09:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=496
Connection: Keep-Alive
Content-Type: application/javascript
aureumcs.ca/wp-includes/js/jquery/jquery.form.min.js?ver=4.2.1
67.43.226.109200 OK 16 kB URL HTTP/1.1 aureumcs.ca/wp-includes/js/jquery/jquery.form.min.js?ver=4.2.1
IP 67.43.226.109:0
File type ASCII text, with very long lines (16015), with no line terminators
Hash dc8902056c06aec88cebcc2ab9ee44f3
023a840ffef1fa94acfdac6ef39fef89937a0420
984cf02a8dfc0e5f7d51a73b1b768a82b005bf389183b6d038022fc2ddd1f06c
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.form.min.js?ver=4.2.1 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sat, 23 Oct 2021 23:20:58 GMT
Accept-Ranges: bytes
Content-Length: 16015
Cache-Control: max-age=10800
Expires: Fri, 02 Dec 2022 09:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=494
Connection: Keep-Alive
Content-Type: application/javascript
aureumcs.ca/wp-includes/js/wp-embed.min.js?ver=5.1.15
67.43.226.109200 OK 1.4 kB URL HTTP/1.1 aureumcs.ca/wp-includes/js/wp-embed.min.js?ver=5.1.15
IP 67.43.226.109:0
File type ASCII text, with very long lines (1391), with no line terminators
Hash 570ae0f3c201604926ea599d3d1f6c04
2c29243a73660964d4712b969d2a15e27777bc14
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-embed.min.js?ver=5.1.15 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sat, 23 Oct 2021 23:20:58 GMT
Accept-Ranges: bytes
Content-Length: 1391
Cache-Control: max-age=10800
Expires: Fri, 02 Dec 2022 09:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=497
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 6b654793d10152396cde60ce7cb6ebc3
f41045eb5e2a0fb00b28591f01939c2358a4e026
5e66f5788d425befd4a47b30891528a24754152283292773cab716e2811e5a9a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5619
Cache-Control: max-age=141661
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:13:31 GMT
Etag: "638907f5-118"
Expires: Sat, 03 Dec 2022 21:34:32 GMT
Last-Modified: Thu, 01 Dec 2022 20:00:53 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 7f2841772407c307432e3f5ddef9a7ef
d00f0cce62159348908c0c9ed0c8f3a87dc45243
a13053c32f86baab51932d019ef13956aabcb68a092f5d62ab30dcd1fb1eebd8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5413
Cache-Control: max-age=165965
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:13:31 GMT
Etag: "638967b3-118"
Expires: Sun, 04 Dec 2022 04:19:36 GMT
Last-Modified: Fri, 02 Dec 2022 02:49:23 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 6d15b7a8e1fe3c0bb4c2a72ecce789fe
70e388800fb7c45b39aa4d35fdb2b2b471e869e9
cf1f71974f520a7eb182437dbcc55af4261b0e34464fe23a4aa00bf14a92a640
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3596
Cache-Control: max-age=91428
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:13:31 GMT
Etag: "63884ba3-118"
Expires: Sat, 03 Dec 2022 07:37:19 GMT
Last-Modified: Thu, 01 Dec 2022 06:37:23 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 280
aureumcs.ca/wp-content/uploads/2019/04/AureumLogo_transparent.png
67.43.226.109200 OK 4.6 kB URL HTTP/1.1 aureumcs.ca/wp-content/uploads/2019/04/AureumLogo_transparent.png
IP 67.43.226.109:0
File type PNG image data, 289 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash b40e4e5a9ff69bca88b66b59d37c87d9
4a847f1b97462a8f759ab063051faa8c056608c0
372d5198d72a5153ed6cc7d082f9d54fa8463e508e4baa478419a7dcc58390fc
GET /wp-content/uploads/2019/04/AureumLogo_transparent.png HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 03:17:05 GMT
Accept-Ranges: bytes
Content-Length: 4647
Cache-Control: max-age=21600
Expires: Fri, 02 Dec 2022 12:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=497
Connection: Keep-Alive
Content-Type: image/png
aureumcs.ca/wp-content/uploads/2019/04/AureumLogo_white_transparent_highres-1024x354.png
67.43.226.109200 OK 34 kB URL HTTP/1.1 aureumcs.ca/wp-content/uploads/2019/04/AureumLogo_white_transparent_highres-1024x354.png
IP 67.43.226.109:0
File type PNG image data, 1024 x 354, 8-bit/color RGBA, non-interlaced\012- data
Hash de3c8f4aa10dbd662060966b667333ac
fb3527897802a9fd6f0ef546434dbf9b577cb4f3
8ffc21f6c8fecf674d027b5825acfd91ef018f82317136fdc0f18bfaeea5ed19
GET /wp-content/uploads/2019/04/AureumLogo_white_transparent_highres-1024x354.png HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 03:17:27 GMT
Accept-Ranges: bytes
Content-Length: 34100
Cache-Control: max-age=21600
Expires: Fri, 02 Dec 2022 12:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=496
Connection: Keep-Alive
Content-Type: image/png
aureumcs.ca/wp-content/uploads/2022/11/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0C4k-3.woff
67.43.226.109200 OK 71 kB URL HTTP/1.1 aureumcs.ca/wp-content/uploads/2022/11/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0C4k-3.woff
IP 67.43.226.109:0
File type Web Open Font Format, TrueType, length 70856, version 1.1\012- data
Hash 3fd233b6831dfcb1d57b957d521e7cb6
c2ee85b43984d41ce7d8ef14f23a78123065989e
17d899f5cfdbf624b2a124d0b2b8404e331424ece648c5c5c0e7b3d03ccc6a40
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/11/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0C4k-3.woff HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sun, 27 Nov 2022 22:39:45 GMT
Accept-Ranges: bytes
Content-Length: 70856
Cache-Control: max-age=10800
Expires: Fri, 02 Dec 2022 09:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=495
Connection: Keep-Alive
Content-Type: font/woff
aureumcs.ca/wp-content/uploads/2022/11/CSR94z5ZnPydRjlCCwlKa8cp-3.woff
67.43.226.109200 OK 21 kB URL HTTP/1.1 aureumcs.ca/wp-content/uploads/2022/11/CSR94z5ZnPydRjlCCwlKa8cp-3.woff
IP 67.43.226.109:0
File type Web Open Font Format, TrueType, length 20672, version 1.1\012- data
Hash 462cf77b99b330b7a1b9a669e89be731
d91bbf440121d7b96887d608e92c1ec4c89564a6
0884fa46ed94d6f238e3cdb8feb360f978d92b86387387472964e0c642a136dd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/11/CSR94z5ZnPydRjlCCwlKa8cp-3.woff HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sun, 27 Nov 2022 22:39:46 GMT
Accept-Ranges: bytes
Content-Length: 20672
Cache-Control: max-age=10800
Expires: Fri, 02 Dec 2022 09:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=495
Connection: Keep-Alive
Content-Type: font/woff
aureumcs.ca/wp-content/uploads/2022/11/CSR44z5ZnPydRjlCCwlC0OI6T_N9-3.woff
67.43.226.109200 OK 21 kB URL HTTP/1.1 aureumcs.ca/wp-content/uploads/2022/11/CSR44z5ZnPydRjlCCwlC0OI6T_N9-3.woff
IP 67.43.226.109:0
File type Web Open Font Format, TrueType, length 20732, version 1.1\012- data
Hash c0b21742e1b0efa93266ced710639aa5
8354a178d57b0fc7f21710149010d1ae30c48805
22ba371570aa30fa5d3ef55d70094bf91d6da10499a2253030ad0e604b4fdf21
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/11/CSR44z5ZnPydRjlCCwlC0OI6T_N9-3.woff HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sun, 27 Nov 2022 22:39:46 GMT
Accept-Ranges: bytes
Content-Length: 20732
Cache-Control: max-age=10800
Expires: Fri, 02 Dec 2022 09:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=493
Connection: Keep-Alive
Content-Type: font/woff
js.usemessages.com/conversations-embed.js
104.17.236.204200 OK 21 kB URL HTTP/2 js.usemessages.com/conversations-embed.js
IP 104.17.236.204:0
File type C source, ASCII text, with very long lines (65536), with no line terminators
Hash 95bbd59d856e51b2cb55b24afb1c6380
16710986060c89ded3d131ea54239929624bed3d
5781a3dd5716086303b73bf835ea2341a95c136fd6f6feaa5d7af39ab9e9517a
GET /conversations-embed.js HTTP/1.1
Host: js.usemessages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 06:13:31 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Mon, 28 Nov 2022 03:14:29 UTC
etag: W/"3627b1239c7c8f4b3768aac997a7abb5"
x-amz-server-side-encryption: AES256
x-amz-version-id: UwE6V3Lvp8vTfgqAGz4rAs3SLzfhB.nt
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fb1dc2e3bf4105b403e3bfa3a5067970.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-amz-cf-id: Ccy3dXIFr-km4t75Sdt7g0Dw1BfL0gOnQK7NfpPxTeQd6qx85Prswg==
cache-control: max-age=600
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.11431/bundles/project.js&cfRay=77141c9e7e0d0a2b-IAD
x-hs-target-asset: conversations-embed/static-1.11431/bundles/project.js
x-hs-cache-status: HIT
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
cf-cache-status: HIT
age: 540
server: cloudflare
cf-ray: 7731eac94e66b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 462bd1920adf582c53b62bf5bd15cbfd
e8524bd822d024906c927f22f9f6ff64e53c3c73
f0fc888f0c5048a613cb857ef8c052ac93e6505ee10010e436acee86a12e5a6c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6094
Cache-Control: max-age=134246
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:13:31 GMT
Etag: "6388e923-117"
Expires: Sat, 03 Dec 2022 19:30:57 GMT
Last-Modified: Thu, 01 Dec 2022 17:49:23 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
aureumcs.ca/wp-content/uploads/2022/11/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM70w9-3.woff
67.43.226.109200 OK 51 kB URL HTTP/1.1 aureumcs.ca/wp-content/uploads/2022/11/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM70w9-3.woff
IP 67.43.226.109:0
File type Web Open Font Format, TrueType, length 51152, version 1.1\012- data
Hash 8c11c1bdfbe79ab8d354bc9295f617bc
35444d06cf1af13da73bf42566397b3ce67bbe6d
46a8b2d46c50135f8627a9e0f0e9c64d8b943c42d819caac49db8d799c5df6a3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/11/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM70w9-3.woff HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sun, 27 Nov 2022 22:39:45 GMT
Accept-Ranges: bytes
Content-Length: 51152
Cache-Control: max-age=10800
Expires: Fri, 02 Dec 2022 09:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=496
Connection: Keep-Alive
Content-Type: font/woff
aureumcs.ca/wp-content/themes/handel/css/codeless-icons.css
67.43.226.109200 OK 52 kB URL HTTP/1.1 aureumcs.ca/wp-content/themes/handel/css/codeless-icons.css
IP 67.43.226.109:0
File type ASCII text, with very long lines (52336), with no line terminators
Hash 231ab1554eedd8fdcac5e616937ee32a
d8191923122cfb4f357600ead8f92f622005a91c
16ea247aa6bdf8dacb04b10daa9fa62b64ad871c36c5bede1b817b23df31822c
GET /wp-content/themes/handel/css/codeless-icons.css HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 01:35:50 GMT
Accept-Ranges: bytes
Content-Length: 52336
Cache-Control: max-age=21600
Expires: Fri, 02 Dec 2022 12:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=496
Connection: Keep-Alive
Content-Type: text/css
js.hsadspixel.net/fb.js
104.17.115.176200 OK 2.6 kB IP 104.17.115.176:0
File type ASCII text, with very long lines (5960)
Hash ae87d32e1dc6d21f430953429dc0d596
d9c7ba7790992303a1cc1858edc7b0c5364c55db
436488eb9fcf70c200e8c269903f6a322f0056ee2b48a3ff58fea80a065ea095
GET /fb.js HTTP/1.1
Host: js.hsadspixel.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 06:13:31 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Mon, 14 Nov 2022 03:38:56 UTC
x-amz-server-side-encryption: AES256
x-amz-version-id: aoUPWE.Bu9NRjxDy7F1Soox3yNWe2Us6
etag: W/"c32a10854f4ff995fc7198ba0324bcc6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 76e55a2361219fb19722e949475d1844.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-amz-cf-id: smhvQzjcFZrUF_W80GOlXD1DdtGd0AC68U0HlvjmUpwB5gIHEEOtRA==
age: 33
cache-control: max-age=600
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.302/bundles/pixels-release.js&cfRay=76d6427b4847b506-IAD
x-hs-target-asset: adsscriptloaderstatic/static-1.302/bundles/pixels-release.js
x-hs-cache-status: HIT
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
cf-cache-status: HIT
server: cloudflare
cf-ray: 7731eac95dceb500-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 462bd1920adf582c53b62bf5bd15cbfd
e8524bd822d024906c927f22f9f6ff64e53c3c73
f0fc888f0c5048a613cb857ef8c052ac93e6505ee10010e436acee86a12e5a6c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6173
Cache-Control: max-age=134325
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:13:31 GMT
Etag: "6388e923-117"
Expires: Sat, 03 Dec 2022 19:32:16 GMT
Last-Modified: Thu, 01 Dec 2022 17:49:23 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279
aureumcs.ca/wp-content/uploads/2022/11/CSR44z5ZnPydRjlCCwlCtOM6T_N9-3.woff
67.43.226.109200 OK 21 kB URL HTTP/1.1 aureumcs.ca/wp-content/uploads/2022/11/CSR44z5ZnPydRjlCCwlCtOM6T_N9-3.woff
IP 67.43.226.109:0
File type Web Open Font Format, TrueType, length 20772, version 1.1\012- data
Hash 9ebf868721246e4f8b8a519261160e55
49ae40df2cbfb773be773848ef514dd01f41208d
8fa1f0ee71a167429a7d4d82c24e274cf72aba123c5f7c6025ccfc3fc4025fd7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/11/CSR44z5ZnPydRjlCCwlCtOM6T_N9-3.woff HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:31 GMT
Server: Apache
Last-Modified: Sun, 27 Nov 2022 22:39:46 GMT
Accept-Ranges: bytes
Content-Length: 20772
Cache-Control: max-age=10800
Expires: Fri, 02 Dec 2022 09:13:31 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=492
Connection: Keep-Alive
Content-Type: font/woff
api.hubspot.com/livechat-public/v1/message/public?portalId=5921771&conversations-embed=static-1.11431&mobile=false&messagesUtk=d157961626d44d478778b1d231ac304b&traceId=d157961626d44d478778b1d231ac304b
104.19.154.83200 OK 1.4 kB URL HTTP/2 api.hubspot.com/livechat-public/v1/message/public?portalId=5921771&conversations-embed=static-1.11431&mobile=false&messagesUtk=d157961626d44d478778b1d231ac304b&traceId=d157961626d44d478778b1d231ac304b
IP 104.19.154.83:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (2890), with no line terminators
Hash 36d6150ceabf6915fb9f34a648f398dc
749c71424631ac5e14af263e985d8262b79be6e9
661872985a3d8e363a77af02a71836993d2fd6cf406340bcd9bea8e55446cd8a
GET /livechat-public/v1/message/public?portalId=5921771&conversations-embed=static-1.11431&mobile=false&messagesUtk=d157961626d44d478778b1d231ac304b&traceId=d157961626d44d478778b1d231ac304b HTTP/1.1
Host: api.hubspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-HubSpot-Messages-Uri: https://aureumcs.ca/menu/inc/en-us
Origin: https://aureumcs.ca
Connection: keep-alive
Referer: https://aureumcs.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 06:13:32 GMT
content-type: application/json;charset=utf-8
content-length: 1419
cf-ray: 7731eaca7c7e0b61-OSL
access-control-allow-origin: https://aureumcs.ca
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-hubspot-correlation-id: 81a73a6c-b740-46dc-9303-9f9d4fb39746
x-trace: 2B84212FDCA6696192B6C9235B4A73A2FAAAFF35FD000000000000000000
set-cookie: __cf_bm=RYYgnlpzJDMWB6r_i0hOZkkA3OLrHiyVcV5FfGoLhi4-1669961612-0-AZ37wCN7mVDcsyuJHRARAAiHpL30gYyHKd3Id+9QoFNWygdtAECc+HKE7zg536sNHm3qvzOmTQfTmu9QPHyIPcs=; path=/; expires=Fri, 02-Dec-22 06:43:32 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TyHRqwAj2%2BlnhWjS1tVIiRpFhib0j%2F2nfFdSHs8aw9zLbz35ldD%2FtHEfR09hLo2ssxjSTGyRugvOknd9HDEVNkJrj33e00W%2BtcKqRCOs2DcNAqo0xvllXBrQ2CML%2BNy96w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
aureumcs.ca/wp-content/themes/handel/css/fonts/codeless-icons.woff2?79887187
67.43.226.109200 OK 210 kB URL HTTP/1.1 aureumcs.ca/wp-content/themes/handel/css/fonts/codeless-icons.woff2?79887187
IP 67.43.226.109:0
File type Web Open Font Format (Version 2), TrueType, length 210388, version 1.0\012- data
Size 210 kB (210388 bytes)
Hash 3651f87980e89fc3f4fc015f96656960
96c315b40c26620edcde93a3a88829763df75f59
b22dd58aa9edacedc22ac47c89a3a4c1f738a28aae3ba7ec53d57b67515db5c5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/handel/css/fonts/codeless-icons.woff2?79887187 HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://aureumcs.ca/wp-content/themes/handel/css/codeless-icons.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:32 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 01:35:50 GMT
Accept-Ranges: bytes
Content-Length: 210388
Cache-Control: max-age=10800
Expires: Fri, 02 Dec 2022 09:13:32 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=495
Connection: Keep-Alive
Content-Type: font/woff2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 1f3b5bcb7768f7ea14c845d4b30fa6b8
be390ecd5837808378b4307ab89db94f197cc178
01f2126ecaafe9296efe33f09dcda3c744b1869afdbcf8b45b2466e3c2a6bdff
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5618
Cache-Control: max-age=151759
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:13:32 GMT
Etag: "63892f69-118"
Expires: Sun, 04 Dec 2022 00:22:51 GMT
Last-Modified: Thu, 01 Dec 2022 22:49:13 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8cd876589951719c94a6d49d1494bdbd
01600c8bb95fac543696e509b3e452b90d844572
e03942321526a2303220b1abd51f82f1d4cf80e0dd22a2582cf809b8bd729521
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:13:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 5febcc63cc2c08b873bfee87cfbb205c
1b2605b40679d4390314f4d0f53729a4fd7f8b10
ce0901d88672218e15e196bc5f95cabc757633de0cb86ad894a05f87e05987c1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6094
Cache-Control: max-age=143591
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:13:32 GMT
Etag: "63890da5-117"
Expires: Sat, 03 Dec 2022 22:06:43 GMT
Last-Modified: Thu, 01 Dec 2022 20:25:09 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 5febcc63cc2c08b873bfee87cfbb205c
1b2605b40679d4390314f4d0f53729a4fd7f8b10
ce0901d88672218e15e196bc5f95cabc757633de0cb86ad894a05f87e05987c1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5545
Cache-Control: max-age=143042
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:13:32 GMT
Etag: "63890da5-117"
Expires: Sat, 03 Dec 2022 21:57:34 GMT
Last-Modified: Thu, 01 Dec 2022 20:25:09 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 02 Dec 2022 04:41:08 GMT
expires: Fri, 02 Dec 2022 06:41:08 GMT
cache-control: public, max-age=7200
age: 5544
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8cd876589951719c94a6d49d1494bdbd
01600c8bb95fac543696e509b3e452b90d844572
e03942321526a2303220b1abd51f82f1d4cf80e0dd22a2582cf809b8bd729521
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:13:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
aureumcs.ca/wp-content/uploads/2019/04/favicon.png
67.43.226.109200 OK 13 kB URL HTTP/1.1 aureumcs.ca/wp-content/uploads/2019/04/favicon.png
IP 67.43.226.109:0
File type PNG image data, 196 x 196, 8-bit/color RGBA, non-interlaced\012- data
Hash 607f987240d3f2801254e91275c7f8db
2fd4dc35489b6f5825d94983e6b2190cfb812313
8c480dbb68a05e5e1f6bd46e0f1264a236ddf920e13cb6e494faa7523285fdb4
GET /wp-content/uploads/2019/04/favicon.png HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:32 GMT
Server: Apache
Last-Modified: Sun, 28 Apr 2019 01:02:30 GMT
Accept-Ranges: bytes
Content-Length: 13150
Cache-Control: max-age=21600
Expires: Fri, 02 Dec 2022 12:13:32 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=494
Connection: Keep-Alive
Content-Type: image/png
aureumcs.ca/wp-content/uploads/2019/04/favicon-150x150.png
67.43.226.109200 OK 8.8 kB URL HTTP/1.1 aureumcs.ca/wp-content/uploads/2019/04/favicon-150x150.png
IP 67.43.226.109:0
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 21b9bb6cc990a36a4cc612468352d56e
d00c28f84ae2b40c5421c963bd160b65b1b5e2aa
d286040acdb9e8019fb3459c5318eadd5f23ffef301c5b311d19296ef80f7c53
GET /wp-content/uploads/2019/04/favicon-150x150.png HTTP/1.1
Host: aureumcs.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/menu/inc/en-us
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:32 GMT
Server: Apache
Last-Modified: Sun, 28 Apr 2019 01:02:31 GMT
Accept-Ranges: bytes
Content-Length: 8763
Cache-Control: max-age=21600
Expires: Fri, 02 Dec 2022 12:13:32 GMT
X-Endurance-Cache-Level: 2
Keep-Alive: timeout=5, max=491
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 49a9684674e0f1b3974c6427c5354fe4
c201e61bcda9cc91369f0c57f8236fcdd3db26c6
27b8d50242836a45aca1fcd0cb58e7f685011c1f93b57d0e3ea9a02400f8d801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:13:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 7ddd5b339c17335fcc77b8e2b5a51538
b00cf5425274d30765aa7bd245b0e43c0cc326a0
1b44e08e02d38c6f9f1cc30370beb3f46a2711fe57c3b435d611363d70fbabae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6268
Cache-Control: max-age=131852
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:13:32 GMT
Etag: "6388df1c-117"
Expires: Sat, 03 Dec 2022 18:51:04 GMT
Last-Modified: Thu, 01 Dec 2022 17:06:36 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-142598049-1&cid=2060274083.1669961611&jid=283114704&gjid=1385980352&_gid=1152790238.1669961611&_u=YGBAgUABCAAAAEAAI~&z=1773224716
64.233.164.156200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-142598049-1&cid=2060274083.1669961611&jid=283114704&gjid=1385980352&_gid=1152790238.1669961611&_u=YGBAgUABCAAAAEAAI~&z=1773224716
IP 64.233.164.156:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-142598049-1&cid=2060274083.1669961611&jid=283114704&gjid=1385980352&_gid=1152790238.1669961611&_u=YGBAgUABCAAAAEAAI~&z=1773224716 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://aureumcs.ca
Connection: keep-alive
Referer: https://aureumcs.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://aureumcs.ca
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 02 Dec 2022 06:13:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 49a9684674e0f1b3974c6427c5354fe4
c201e61bcda9cc91369f0c57f8236fcdd3db26c6
27b8d50242836a45aca1fcd0cb58e7f685011c1f93b57d0e3ea9a02400f8d801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:13:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 7ddd5b339c17335fcc77b8e2b5a51538
b00cf5425274d30765aa7bd245b0e43c0cc326a0
1b44e08e02d38c6f9f1cc30370beb3f46a2711fe57c3b435d611363d70fbabae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6268
Cache-Control: max-age=131852
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:13:32 GMT
Etag: "6388df1c-117"
Expires: Sat, 03 Dec 2022 18:51:04 GMT
Last-Modified: Thu, 01 Dec 2022 17:06:36 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279
js-agent.newrelic.com/nr-spa-1216.min.js
151.101.66.137200 OK 18 kB URL HTTP/2 js-agent.newrelic.com/nr-spa-1216.min.js
IP 151.101.66.137:0
File type ASCII text, with very long lines (32010)
Hash 6561a2403142205f966207d61576f1a6
1310e72f494e12ab63a4280fc1600a2c89dc9bb8
0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a
GET /nr-spa-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.hubspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 02 Dec 2022 06:13:32 GMT
via: 1.1 varnish
x-served-by: cache-bma1631-BMA
x-cache: HIT
x-cache-hits: 873
x-timer: S1669961613.614845,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d678930a3ffb73b22a3baad2fa2690cf
e836f3e1afe6f80b127b0b5c0e568f7bd259edb5
ea28784ef2cd6dfe7b41c89c359ec6d50ea053abb0b167509374bee44faeb256
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6262
Cache-Control: max-age=151320
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:13:32 GMT
Etag: "63892b2e-1d7"
Expires: Sun, 04 Dec 2022 00:15:32 GMT
Last-Modified: Thu, 01 Dec 2022 22:31:10 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
snap.licdn.com/li.lms-analytics/insight.min.js
95.101.11.57200 OK 4.6 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 95.101.11.57:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (12961)
Hash c1a25b303b61b25e995516f5559bcdea
3c16a6fa3a2a6dc59d57a9ea1588c4f259884688
2063d2d1415ce9437e9331cb9a798714a5b2e106a65d6dc0ef0d426a5a4c30f2
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 17 Nov 2022 18:52:45 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=16322
date: Fri, 02 Dec 2022 06:13:32 GMT
content-length: 4581
x-cdn: AKAM
X-Firefox-Spdy: h2
bam-cell.nr-data.net/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=593&ck=1&ref=https://app.hubspot.com/conversations-visitor/5921771/threads/utk/d157961626d44d478778b1d231ac304b&be=301&fe=447&dc=410&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669961610445,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22s%22:0,%22ce%22:0,%22rq%22:8,%22rp%22:178,%22rpe%22:192,%22dl%22:182,%22di%22:409,%22ds%22:410,%22de%22:410,%22dc%22:446,%22l%22:446,%22le%22:448%7D,%22navigation%22:%7B%7D%7D&fcp=581&ja=%7B%22nrSnippetVersion%22:%221198%22,%22environment%22:%22prod%22,%22deployed%22:true,%22hublet%22:%22na1%22,%22userAgentRaw%22:%22Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0%22,%22supportsPromiseRejectionEvent%22:true,%22cpuCores%22:16,%22conditionalPolyfillsInstalled%22:false,%22portalId%22:5921771,%22package%22:%22conversations-visitor-ui%22,%22packageVersion%22:%221.13883%22,%22template%22:%22visitor-index.html.tsx%22,%22user-online%22:true,%22visibility%22:%22visible%22,%22currentVisibility%22:%22visible%22,%22isEmbeddedInProduct%22:%22false%22,%22reactRhumbVersion%22:%221.8417%22,%22reaganVersion%22:%22react-rhumb%22,%22route%22:%22/%22,%22numReaganChecksStarted%22:1,%22numPreviousReaganChecksAborted%22:0,%22avgDurationBeforePreviousReaganAborts%22:0,%22numPreviousReaganChecksFailed%22:0,%22numPreviousReaganChecksSuccessful%22:0,%22supportsUserTiming%22:true,%22supportsPerformanceTimeline%22:true,%22supportsHighResolutionTime%22:true%7D&jsonp=NREUM.setToken
162.247.241.2200 OK 72 B URL HTTP/1.1 bam-cell.nr-data.net/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=593&ck=1&ref=https://app.hubspot.com/conversations-visitor/5921771/threads/utk/d157961626d44d478778b1d231ac304b&be=301&fe=447&dc=410&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669961610445,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22s%22:0,%22ce%22:0,%22rq%22:8,%22rp%22:178,%22rpe%22:192,%22dl%22:182,%22di%22:409,%22ds%22:410,%22de%22:410,%22dc%22:446,%22l%22:446,%22le%22:448%7D,%22navigation%22:%7B%7D%7D&fcp=581&ja=%7B%22nrSnippetVersion%22:%221198%22,%22environment%22:%22prod%22,%22deployed%22:true,%22hublet%22:%22na1%22,%22userAgentRaw%22:%22Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0%22,%22supportsPromiseRejectionEvent%22:true,%22cpuCores%22:16,%22conditionalPolyfillsInstalled%22:false,%22portalId%22:5921771,%22package%22:%22conversations-visitor-ui%22,%22packageVersion%22:%221.13883%22,%22template%22:%22visitor-index.html.tsx%22,%22user-online%22:true,%22visibility%22:%22visible%22,%22currentVisibility%22:%22visible%22,%22isEmbeddedInProduct%22:%22false%22,%22reactRhumbVersion%22:%221.8417%22,%22reaganVersion%22:%22react-rhumb%22,%22route%22:%22/%22,%22numReaganChecksStarted%22:1,%22numPreviousReaganChecksAborted%22:0,%22avgDurationBeforePreviousReaganAborts%22:0,%22numPreviousReaganChecksFailed%22:0,%22numPreviousReaganChecksSuccessful%22:0,%22supportsUserTiming%22:true,%22supportsPerformanceTimeline%22:true,%22supportsHighResolutionTime%22:true%7D&jsonp=NREUM.setToken
IP 162.247.241.2:0
File type ASCII text, with no line terminators
Hash 107d93e382e2c9b00fbf9fb0edc65d86
77e750e3ebf9706f4f6dd253785602d70be17c6c
a1ee50b689ea433a0acdccbf4ee4629e9ea3f9c4bcdd21effb334359a2f9e937
GET /1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=593&ck=1&ref=https://app.hubspot.com/conversations-visitor/5921771/threads/utk/d157961626d44d478778b1d231ac304b&be=301&fe=447&dc=410&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669961610445,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22s%22:0,%22ce%22:0,%22rq%22:8,%22rp%22:178,%22rpe%22:192,%22dl%22:182,%22di%22:409,%22ds%22:410,%22de%22:410,%22dc%22:446,%22l%22:446,%22le%22:448%7D,%22navigation%22:%7B%7D%7D&fcp=581&ja=%7B%22nrSnippetVersion%22:%221198%22,%22environment%22:%22prod%22,%22deployed%22:true,%22hublet%22:%22na1%22,%22userAgentRaw%22:%22Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0%22,%22supportsPromiseRejectionEvent%22:true,%22cpuCores%22:16,%22conditionalPolyfillsInstalled%22:false,%22portalId%22:5921771,%22package%22:%22conversations-visitor-ui%22,%22packageVersion%22:%221.13883%22,%22template%22:%22visitor-index.html.tsx%22,%22user-online%22:true,%22visibility%22:%22visible%22,%22currentVisibility%22:%22visible%22,%22isEmbeddedInProduct%22:%22false%22,%22reactRhumbVersion%22:%221.8417%22,%22reaganVersion%22:%22react-rhumb%22,%22route%22:%22/%22,%22numReaganChecksStarted%22:1,%22numPreviousReaganChecksAborted%22:0,%22avgDurationBeforePreviousReaganAborts%22:0,%22numPreviousReaganChecksFailed%22:0,%22numPreviousReaganChecksSuccessful%22:0,%22supportsUserTiming%22:true,%22supportsPerformanceTimeline%22:true,%22supportsHighResolutionTime%22:true%7D&jsonp=NREUM.setToken HTTP/1.1
Host: bam-cell.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.hubspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:32 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7731ead03ee50b06-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=4a154dbd1350fa10; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=835T0jovCr5ysS%2F%2FQcoXs4A4NLMTrNVmcFIzT%2BWUE89sWLXInoaxVqHMjAhE3FD926pRzeXuonOW83H2AWgI9H%2FIDrGNK6QVkVD%2Bb99B5hlO5YQyb9sABgZYy%2F%2BKdtwHFkZJoRkO"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
cdn.linkedin.oribi.io/partner/1217346/domain/aureumcs.ca/token
54.230.111.78200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/1217346/domain/aureumcs.ca/token
IP 54.230.111.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /partner/1217346/domain/aureumcs.ca/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://aureumcs.ca/
Origin: https://aureumcs.ca
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
date: Thu, 01 Dec 2022 17:34:32 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JTPS-9Km8UBegBL4iIg8Bc264n9GMTLRUBCuCopV6ATAZzk1VcC3Og==
age: 45541
X-Firefox-Spdy: h2
bam-cell.nr-data.net/ins/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=870&ck=1&ref=https://app.hubspot.com/conversations-visitor/5921771/threads/utk/d157961626d44d478778b1d231ac304b
162.247.241.2204 No Content 0 B URL HTTP/1.1 bam-cell.nr-data.net/ins/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=870&ck=1&ref=https://app.hubspot.com/conversations-visitor/5921771/threads/utk/d157961626d44d478778b1d231ac304b
IP 162.247.241.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /ins/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=870&ck=1&ref=https://app.hubspot.com/conversations-visitor/5921771/threads/utk/d157961626d44d478778b1d231ac304b HTTP/1.1
Host: bam-cell.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 2103
Origin: https://app.hubspot.com
Connection: keep-alive
Referer: https://app.hubspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Fri, 02 Dec 2022 06:13:33 GMT
Connection: keep-alive
CF-Ray: 7731ead13f420b06-OSL
Access-Control-Allow-Origin: https://app.hubspot.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fjCKFETYD8uAaU3DF77uoE4z6q1%2FuZpAyeqdS41TWR2xCXuGwDOo8g5xbaHYDi%2FleeEpE4rRbkYfo%2FjN9gqx02YmNjTsHJn97gA58K%2FLSDbhV%2BZzJsw2ZhdRHGwQkrGBbkZ1i2Vs"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
bam-cell.nr-data.net/events/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=875&ck=1&ref=https://app.hubspot.com/conversations-visitor/5921771/threads/utk/d157961626d44d478778b1d231ac304b
162.247.241.2200 OK 24 B URL HTTP/1.1 bam-cell.nr-data.net/events/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=875&ck=1&ref=https://app.hubspot.com/conversations-visitor/5921771/threads/utk/d157961626d44d478778b1d231ac304b
IP 162.247.241.2:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=875&ck=1&ref=https://app.hubspot.com/conversations-visitor/5921771/threads/utk/d157961626d44d478778b1d231ac304b HTTP/1.1
Host: bam-cell.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1034
Origin: https://app.hubspot.com
Connection: keep-alive
Referer: https://app.hubspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:13:33 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 7731ead15cffb4f1-OSL
Access-Control-Allow-Origin: https://app.hubspot.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HDInW5P8xxTf%2FfcnqcQZ04yns1ubC7eBeI44t0VFjiWS%2FO4gQ79FQVcxaHl4VCFa57D%2Bx2cBVQMI23ygzjdpJARtQfwwhwkOB8oSnPojtQnBhZ3UQ96WLGJ6HMhIw6%2BcN6llCQVY"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
px.ads.linkedin.com/collect?v=2&fmt=js&pid=1217346&time=1669961611206&url=https%3A%2F%2Faureumcs.ca%2Fmenu%2Finc%2Fen-us
13.107.42.14302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=1217346&time=1669961611206&url=https%3A%2F%2Faureumcs.ca%2Fmenu%2Finc%2Fen-us
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=1217346&time=1669961611206&url=https%3A%2F%2Faureumcs.ca%2Fmenu%2Finc%2Fen-us HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1217346%26time%3D1669961611206%26url%3Dhttps%253A%252F%252Faureumcs.ca%252Fmenu%252Finc%252Fen-us%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQJ6CUjVwI6xUQAAAYTRd_8givGoXmPF-gZh627rnmn_nyO7x2KQSvLHx2VYqJ-AlIPbrUQxVCRWaw; Max-Age=2592000; Expires=Sun, 01 Jan 2023 06:13:33 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQKt9GyfrPe0cAAAAYTRd_8g9r-29JmJl9DmttwT5tLny1_0ziWFLHhSEkALyxfS04_lMduToTuXVN-4jh17Bg; Max-Age=2592000; Expires=Sun, 01 Jan 2023 06:13:33 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&70fc07eb-bac4-4172-8471-f925fa4c7f00"; domain=.linkedin.com; Path=/; Secure; Expires=Sat, 02-Dec-2023 06:13:33 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2427:u=1:x=1:i=1669961613:t=1670048013:v=2:sig=AQHa1MTAnFYgnOzVadouGaxH_OcZYktG"; Expires=Sat, 03 Dec 2022 06:13:33 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXu0jy8eBWR3mE4yDbrbA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 6A5A0E858B6A4DF994645DD2DB23242A Ref B: OSL30EDGE0311 Ref C: 2022-12-02T06:13:33Z
date: Fri, 02 Dec 2022 06:13:32 GMT
content-length: 0
X-Firefox-Spdy: h2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1217346%26time%3D1669961611206%26url%3Dhttps%253A%252F%252Faureumcs.ca%252Fmenu%252Finc%252Fen-us%26liSync%3Dtrue
13.107.42.14302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1217346%26time%3D1669961611206%26url%3Dhttps%253A%252F%252Faureumcs.ca%252Fmenu%252Finc%252Fen-us%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1217346%26time%3D1669961611206%26url%3Dhttps%253A%252F%252Faureumcs.ca%252Fmenu%252Finc%252Fen-us%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aureumcs.ca/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1217346&time=1669961611206&url=https%3A%2F%2Faureumcs.ca%2Fmenu%2Finc%2Fen-us&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&19062639-fe7e-440a-8a55-61056e7693eb"; Domain=.linkedin.com; Expires=Sat, 02-Dec-2023 06:13:33 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20221202061333230441be-b17b-44bc-8498-e5a82c421d80AQFoOhhuop7rsH25LUIrKVDtUu_p9Rvl"; Domain=.www.linkedin.com; Expires=Sat, 02-Dec-2023 06:13:33 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2Njk5NjE2MTM7MjswMjFgy6vdIeyjO9P/uADjDREi/hmhN1x2DKN7rheMNypucA==; Domain=.linkedin.com; Expires=Wed, 31 May 2023 06:13:33 GMT; Path=/; Secure; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2383:u=1:x=1:i=1669961613:t=1670048013:v=2:sig=AQGxPlu3f3hEwkztHlMbOj-CrUxkWTxK"; Expires=Sat, 03 Dec 2022 06:13:33 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/status linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' teams.microsoft.com client.learningapp.microsoft.com onyx.www.linkedin.com
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXu0jy/MBfy4Eh1BaWTPQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: FF1B62FB8EFD49D6BD83DD3C8FBD6420 Ref B: OSL30EDGE0311 Ref C: 2022-12-02T06:13:33Z
date: Fri, 02 Dec 2022 06:13:32 GMT
content-length: 0
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=1217346&time=1669961611206&url=https%3A%2F%2Faureumcs.ca%2Fmenu%2Finc%2Fen-us&liSync=true
13.107.42.14200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=1217346&time=1669961611206&url=https%3A%2F%2Faureumcs.ca%2Fmenu%2Finc%2Fen-us&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=1217346&time=1669961611206&url=https%3A%2F%2Faureumcs.ca%2Fmenu%2Finc%2Fen-us&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aureumcs.ca/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&040ef8b4-b2b8-47c2-8a72-fe43b354a28c"; domain=.linkedin.com; Path=/; Secure; Expires=Sat, 02-Dec-2023 06:13:33 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2427:u=1:x=1:i=1669961613:t=1670048013:v=2:sig=AQHa1MTAnFYgnOzVadouGaxH_OcZYktG"; Expires=Sat, 03 Dec 2022 06:13:33 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXu0jzCOL4OnxclLOTXeQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 52D43E8171A641F7A409FC176FEE30E6 Ref B: OSL30EDGE0311 Ref C: 2022-12-02T06:13:33Z
date: Fri, 02 Dec 2022 06:13:33 GMT
content-length: 0
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 58a28fc1cbcacdb07b3ca175281982b5
9bc47ee49fc070d0997e49a719bd9758685ad583
d3bfcf749c4652cb29f7c82a5d7ba940bd607f9060e49c1c40a112eb3e625bd9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6564
x-amzn-requestid: e2875cf3-3915-43a5-a724-4de2ca03de56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGepHOiIAMFTFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-5f7e2a3f609d54a609a12670;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mwGAEu-gPXY5Opwd972VbBA6l33dNk7bPFSyZmciaplQKj2ZuTkQSg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:47:56 GMT
age: 30342
etag: "9bc47ee49fc070d0997e49a719bd9758685ad583"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
js.hs-scripts.com/5921771.js?integration=wordpress&ver=5.1.15
104.17.210.204200 OK 0 B URL HTTP/2 js.hs-scripts.com/5921771.js?integration=wordpress&ver=5.1.15
IP 104.17.210.204:0
GET /5921771.js?integration=wordpress&ver=5.1.15 HTTP/1.1
Host: js.hs-scripts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 06:13:31 GMT
content-type: application/javascript;charset=utf-8
x-trace: 2B1FEAC321F8D50BA8C145AFC827B80A04A9535DAF000000000000000000
cache-control: public, max-age=60
vary: origin, Accept-Encoding
x-hubspot-correlation-id: 9c8a7f06-2bbe-45ff-aee2-3f0a8b398072
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-origin: https://aureumcs.ca
last-modified: Fri, 02 Dec 2022 02:59:29 GMT
cf-cache-status: EXPIRED
expires: Fri, 02 Dec 2022 06:14:31 GMT
server: cloudflare
cf-ray: 7731eac389e7b4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
js.hs-analytics.net/analytics/1669961400000/5921771.js
104.17.70.176200 OK 0 B URL HTTP/2 js.hs-analytics.net/analytics/1669961400000/5921771.js
IP 104.17.70.176:0
GET /analytics/1669961400000/5921771.js HTTP/1.1
Host: js.hs-analytics.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 06:13:32 GMT
content-type: text/javascript
x-amz-id-2: l91WAskxdGMa7/dwWIdEkJY0rqs+2eT32KM8R7OHA1CSgIUjSbMLCuls8F6bxGp7Txkm6AqMG9w=
x-amz-request-id: 60FEQXF4RM11KEYZ
last-modified: Thu, 01 Dec 2022 14:19:45 GMT
etag: W/"6e24e4be7b6b242ecfb3075fc1b70069"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: null
access-control-allow-credentials: false
vary: origin, Accept-Encoding
expires: Fri, 02 Dec 2022 06:18:32 GMT
cf-cache-status: MISS
server: cloudflare
cf-ray: 7731eacceaaa0b31-OSL
content-encoding: br
X-Firefox-Spdy: h2
js-na1.hs-scripts.com/5921771.js
104.17.210.204200 OK 0 B URL HTTP/2 js-na1.hs-scripts.com/5921771.js
IP 104.17.210.204:0
GET /5921771.js HTTP/1.1
Host: js-na1.hs-scripts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aureumcs.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 06:13:33 GMT
content-type: application/javascript;charset=utf-8
x-trace: 2B385CECA4F1312F7C510DF4A34CA93E3C3E07F0BD000000000000000000
cache-control: public, max-age=30
vary: origin, Accept-Encoding
x-hubspot-correlation-id: e4b3f640-891f-478c-8c81-4308b35e36f0
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-origin: https://aureumcs.ca
last-modified: Fri, 02 Dec 2022 02:59:33 GMT
cf-cache-status: EXPIRED
server: cloudflare
cf-ray: 7731eacf9b1cb4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/1217346/domain/aureumcs.ca/token
54.230.111.78200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/1217346/domain/aureumcs.ca/token
IP 54.230.111.78:0
GET /partner/1217346/domain/aureumcs.ca/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://aureumcs.ca
Connection: keep-alive
Referer: https://aureumcs.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Fri, 02 Dec 2022 05:31:15 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hsJfwWZK7sze_P23q2kYhdlt635vbVlfrM1iGKbSDXZg6ElLjxLg3A==
age: 2538
X-Firefox-Spdy: h2
static.hsappstatic.net/conversations-visitor-ui/static-1.13423/sass/visitor.css
104.17.9.210200 OK 0 B URL HTTP/2 static.hsappstatic.net/conversations-visitor-ui/static-1.13423/sass/visitor.css
IP 104.17.9.210:0
GET /conversations-visitor-ui/static-1.13423/sass/visitor.css HTTP/1.1
Host: static.hsappstatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.hubspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 06:13:32 GMT
content-type: text/css
x-amz-replication-status: COMPLETED
last-modified: Tue, 11 Oct 2022 21:17:02 GMT
etag: W/"c57c59b19d20eb0d9c642bee666f5dc3"
x-amz-server-side-encryption: AES256
x-amz-version-id: urNCaUDe5_HA94fS9Bt7NjD5nB3OIUV8
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: p9zRajP0RxCOkQb5QeJUkAQ33fKG2m2HTXXJSkWGrRP8ISzWIvT5lg==
cf-cache-status: HIT
age: 1952660
expires: Sat, 02 Dec 2023 06:13:32 GMT
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UnrxQzxOs9p23T%2FBafkciZ6nK7KocK2XzlIKr2mZw9IwxeYSsqSTAn1ruFcQS4fSy4KIV7vPBPtUHYMhTvWPdtJ1fkhgje3EbKkfhFK3t0yvk8FxgjFVNTideL%2Ft1EralXU8kEWAC68%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7731eacd2e811c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.hsappstatic.net/conversations-visitor-ui/static-1.13861/i18n-data-data-locales-en-us.js
104.17.9.210200 OK 0 B URL HTTP/2 static.hsappstatic.net/conversations-visitor-ui/static-1.13861/i18n-data-data-locales-en-us.js
IP 104.17.9.210:0
GET /conversations-visitor-ui/static-1.13861/i18n-data-data-locales-en-us.js HTTP/1.1
Host: static.hsappstatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app.hubspot.com
Connection: keep-alive
Referer: https://app.hubspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 06:13:32 GMT
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
access-control-allow-methods: GET
access-control-max-age: 3000
access-control-allow-credentials: true
x-amz-replication-status: COMPLETED
last-modified: Tue, 22 Nov 2022 16:53:39 GMT
etag: W/"a1dec623914000bd4a908273f8980145"
x-amz-server-side-encryption: AES256
x-amz-version-id: N1YNpHsPesqdzMzbM3L1yATKJIWFsXmQ
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 d42e11d52edd8bb7c6c82444d8414824.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: D9ketAJd2yxQ0UIM_x9FKrg93rcVrhzxQpfvIMl1zWtZ4V0HQm2v3w==
cf-cache-status: HIT
age: 313129
expires: Sat, 02 Dec 2023 06:13:32 GMT
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1SEKjsAWJhRf6nitpKTxXCOn14Rv%2FPHCn%2Bgw2OaO7%2Bn1K67tqF6jG29KYIWhcihwZu58LpgHHBCEHAx72fnYdk4a0kYLRmW6CoqdFx0IkUnoGd8fV1Fz1Cz3sLpSrEjQ74mPb%2FllX9Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7731eace5c4ab51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.hsappstatic.net/head-dlb/static-1.245/bundle.production.js
104.17.9.210200 OK 0 B URL HTTP/2 static.hsappstatic.net/head-dlb/static-1.245/bundle.production.js
IP 104.17.9.210:0
GET /head-dlb/static-1.245/bundle.production.js HTTP/1.1
Host: static.hsappstatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app.hubspot.com
Connection: keep-alive
Referer: https://app.hubspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 06:13:32 GMT
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
access-control-allow-methods: GET
access-control-max-age: 3000
access-control-allow-credentials: true
x-amz-replication-status: COMPLETED
last-modified: Mon, 07 Nov 2022 16:12:00 GMT
etag: W/"d0d928e20b2bebe8d43d510597af50e3"
x-amz-server-side-encryption: AES256
x-amz-version-id: cXTDvGuwbPuMrVAW0W63IbeHNqDKyRYR
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: S4R_IdlMnmvqWOtzIw-ci7tFaeL0xuHQK1KLCodI6dVIrQAAnYes2w==
cf-cache-status: HIT
age: 2112635
expires: Sat, 02 Dec 2023 06:13:32 GMT
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8071MSi7Bp%2Bi%2BRRGWvpwUXhgBn1FAOza%2Butj9xFTue33wEAxZdqGkqMxqU5c9%2FHtKd%2Bsglhzq7UbQBpIw46GOYMJhcUpZGztTC8cUH7OIKKexsYiMjUk%2BR2I14oq6JVXiVw5p8aUWXY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7731eacd2b42b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=5921771
104.17.200.204200 OK 0 B URL HTTP/2 api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=5921771
IP 104.17.200.204:0
GET /hs-script-loader-public/v1/config/pixel/json?portalId=5921771 HTTP/1.1
Host: api.hubapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://aureumcs.ca
Connection: keep-alive
Referer: https://aureumcs.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 06:13:32 GMT
content-type: application/json;charset=utf-8
cf-ray: 7731eace0a80b521-OSL
access-control-allow-origin: https://aureumcs.ca
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-max-age: 180
x-hubspot-correlation-id: 0d479022-088c-4f92-9b4f-7f5dd3f093dd
x-trace: 2B3C94BB2E35D77FDEE05CA65143886876C1423400000000000000000000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v72AoZUfFCNcRB5igcHXPMQo5pcxTcEvRGu3wErN1gYtuUs%2FGuP8To7t79QBn6x1GOZOiFrPqfQGPmtMQ6UOsum4vp4l9Dy6bs61HhoukPOH9Ajq6IG4pjzFbuInd84y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.hsappstatic.net/hubspot-dlb/static-1.332/bundle.production.js
104.17.9.210200 OK 0 B URL HTTP/2 static.hsappstatic.net/hubspot-dlb/static-1.332/bundle.production.js
IP 104.17.9.210:0
GET /hubspot-dlb/static-1.332/bundle.production.js HTTP/1.1
Host: static.hsappstatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app.hubspot.com
Connection: keep-alive
Referer: https://app.hubspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 06:13:32 GMT
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
access-control-allow-methods: GET
access-control-max-age: 3000
access-control-allow-credentials: true
x-amz-replication-status: COMPLETED
last-modified: Wed, 09 Nov 2022 18:32:01 GMT
etag: W/"d9e371a943207738b889e588b0560980"
x-amz-server-side-encryption: AES256
x-amz-version-id: 5fbvyIgmgfc2EQptzTy6EeP9FKqExCxl
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 d3e98d8cca4d16199794e4f4191b942c.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P1
x-amz-cf-id: naSDQwZ9VJ4ROhVJChetMaHntgnK8_i3abTiF3wlqsaSUoObvUFWcg==
cf-cache-status: HIT
age: 1938182
expires: Sat, 02 Dec 2023 06:13:32 GMT
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B2LF2wIIxotM3ZPfodxDH7KjLBOkE%2FZjn1zNHv5u5qoljm7zcUj5jLzzY3znAx4LyHiugFJEeTBajfZa47E%2FrKr2vQxAa9qQdYmx8ewUMUDXpm613Bb2t6LU9POWeCBxDoNPm3CIzRo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7731eacd2b44b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.hsappstatic.net/conversations-visitor-ui/static-1.13883/bundles/visitor.js
104.17.9.210200 OK 0 B URL HTTP/2 static.hsappstatic.net/conversations-visitor-ui/static-1.13883/bundles/visitor.js
IP 104.17.9.210:0
GET /conversations-visitor-ui/static-1.13883/bundles/visitor.js HTTP/1.1
Host: static.hsappstatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app.hubspot.com
Connection: keep-alive
Referer: https://app.hubspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 06:13:32 GMT
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
access-control-allow-methods: GET
access-control-max-age: 3000
access-control-allow-credentials: true
x-amz-replication-status: COMPLETED
last-modified: Mon, 28 Nov 2022 14:47:44 GMT
etag: W/"b1140ae6da34d559f022466fda7d28d6"
x-amz-server-side-encryption: AES256
x-amz-version-id: 7ZfHprd_ObMXyNfnYPduQjpX3IqGPD5C
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 58899c559ea4c71daeb5333a74914042.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: s4kzo1i2gi1HQvtrMG6Tudlckrw2fnwWizqbCAXcJxLOoC29hhTgAA==
cf-cache-status: HIT
age: 313134
expires: Sat, 02 Dec 2023 06:13:32 GMT
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L8JvrTt4L9Q2KLiJqHFNvhi7c6LQmktJiVI2Sc4yLO3Zk%2FGJ68btwvkfJ%2Fui6vFXzWwiWZ8HRSo8QGUO5fd2vTz5HjKUx94E4TR5CrZOxXl3DdLYUkppG1GS%2Fes9YbPHDQZsE8sYe%2FM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7731eacd2b46b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2