Report - cv-canadien.com/

Report Overview

Submitted URL
cv-canadien.com/
IP
66.29.146.52
ASN
#22612 NAMECHEAP-NET
Submitted
2023-02-01 22:39:02
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
74

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	52.89.217.163
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	52 kB	34.120.237.76
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-13T07:36:03Z	372 B	21 kB	142.250.74.110
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-13T08:02:41Z	605 B	591 B	64.233.162.154
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-13T07:57:11Z	1.3 kB	5.7 kB	142.250.74.35
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.9 kB	34.160.144.191
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	385 B	45 kB	142.250.74.72
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	1.4 kB	50 kB	142.250.74.67
translate.googleapis.com	1005	2012-05-31T09:21:21Z	2023-03-13T08:44:18Z	415 B	4.5 kB	216.58.211.10
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-13T05:09:18Z	749 B	446 B	216.239.32.36
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	748 B	82 kB	142.250.74.138
translate.google.com	1156	2012-05-30T03:30:32Z	2023-03-13T05:10:57Z	409 B	104 kB	142.250.74.78
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	1.7 kB	4.4 kB	23.36.76.226
cv-canadien.com	unknown	2022-11-11T12:33:19Z	2023-02-01T11:10:40Z	26 kB	900 kB	66.29.146.52
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-13T08:22:43Z	340 B	963 B	104.18.32.68
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	4.1 kB	8.4 kB	142.250.74.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-01	medium	cv-canadien.com/	Phishing
2023-02-01	medium	cv-canadien.com/	Phishing
2023-02-01	medium	cv-canadien.com/wp-content/plugins/rate-my-post/public/css/fonts/ratemypost.ttf	Phishing
2023-02-01	medium	cv-canadien.com/wp-includes/css/dist/block-library/style.min.css?ver=81582bdb254a94e4464424087c6479a8	Phishing
2023-02-01	medium	cv-canadien.com/wp-includes/css/classic-themes.min.css?ver=1	Phishing
2023-02-01	medium	cv-canadien.com/wp-content/plugins/rate-my-post/public/css/rate-my-post.css?ver=3.3.9	Phishing
2023-02-01	medium	cv-canadien.com/wp-content/plugins/complianz-gdpr/assets/css/cookieblocker.min.css?ver=6.4.0	Phishing
2023-02-01	medium	cv-canadien.com/wp-content/themes/colormag/style.css?ver=2.1.8	Phishing
2023-02-01	medium	cv-canadien.com/wp-content/themes/colormag/fontawesome/css/font-awesome.min.css?ver=2.1.8	Phishing
2023-02-01	medium	cv-canadien.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.17.0	Phishing
2023-02-01	medium	cv-canadien.com/wp-content/themes/colormag/inc/elementor/assets/css/elementor.min.css?ver=2.1.8	Phishing
2023-02-01	medium	cv-canadien.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	Phishing
2023-02-01	medium	cv-canadien.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9	Phishing
2023-02-01	medium	cv-canadien.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0	Phishing
2023-02-01	medium	cv-canadien.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5	Phishing
2023-02-01	medium	cv-canadien.com/wp-includes/js/dist/url.min.js?ver=bb0ef862199bcae73aa7	Phishing
2023-02-01	medium	cv-canadien.com/wp-includes/js/dist/api-fetch.min.js?ver=bc0029ca2c943aec5311	Phishing
2023-02-01	medium	cv-canadien.com/wp-content/plugins/rate-my-post/public/js/rate-my-post.js?ver=3.3.9	Phishing
2023-02-01	medium	cv-canadien.com/wp-content/themes/colormag/js/sticky/jquery.sticky.min.js?ver=2.1.8	Phishing
2023-02-01	medium	cv-canadien.com/wp-content/themes/colormag/js/news-ticker/jquery.newsTicker.min.js?ver=2.1.8	Phishing
2023-02-01	medium	cv-canadien.com/wp-content/themes/colormag/js/navigation.min.js?ver=2.1.8	Phishing
2023-02-01	medium	cv-canadien.com/wp-content/themes/colormag/js/fitvids/jquery.fitvids.min.js?ver=2.1.8	Phishing
2023-02-01	medium	cv-canadien.com/wp-content/themes/colormag/js/skip-link-focus-fix.min.js?ver=2.1.8	Phishing
2023-02-01	medium	cv-canadien.com/wp-content/uploads/elementor/css/post-58.css?ver=1675097692	Phishing
2023-02-01	medium	cv-canadien.com/wp-content/plugins/complianz-gdpr/cookiebanner/js/complianz.min.js?ver=6.4.0	Phishing
2023-02-01	medium	cv-canadien.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2	Phishing
2023-02-01	medium	cv-canadien.com/wp-includes/js/wp-emoji-release.min.js?ver=81582bdb254a94e4464424087c6479a8	Phishing
2023-02-01	medium	cv-canadien.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2	Phishing
2023-02-01	medium	cv-canadien.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.10.2	Phishing
2023-02-01	medium	cv-canadien.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.10.2	Phishing
2023-02-01	medium	cv-canadien.com/wp-content/themes/colormag/assets/fonts/OpenSans-VariableFont.woff	Phishing
2023-02-01	medium	cv-canadien.com/wp-content/themes/colormag/assets/fonts/OpenSans-Bold.woff	Phishing
2023-02-01	medium	cv-canadien.com/wp-content/themes/colormag/assets/fonts/OpenSans-Regular.woff	Phishing
2023-02-01	medium	cv-canadien.com/wp-content/uploads/complianz/css/banner--optin.css?v=0	Phishing
2023-02-01	medium	cv-canadien.com/wp-content/themes/colormag/assets/fonts/OpenSans-Light.woff	Phishing
2023-02-01	medium	cv-canadien.com/burst-statistics-endpoint.php	Phishing
2023-02-01	medium	cv-canadien.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (44)

	URL	Size	First Seen	Last Seen
	cv-canadien.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.10.2	41 kB	2023-03-13	2024-03-18
Pretty URL cv-canadien.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.10.2 IP 66.29.146.52 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:25:03 Last Seen2024-03-18 17:02:15 Times Seen724 Hash 7c813774b3ad6027441856fc6aa0e867 bee52fdeac2d55e183daf5de01dec60791156000 156e939ef0d09344b0a460a84974b5e1795d8490caa2e6245ecbd79261aba1fe Loading...

	www.googletagmanager.com/gtag/js?id=G-15TD3EKJ7G&l=dataLayer&cx=c	185 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=G-15TD3EKJ7G&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:29:50 Last Seen2023-03-13 14:29:50 Times Seen1 Hash 13e71ea768c8a7d12efcb797cef0aebc 6f4bc71caec24648a38e5fc51d5a4f12c326e819 7fcb468adf83472c68b2e2147ca5a0f15aefe27b50d17f69c7d08ea23b7ca319 Loading...

	http:srcdoc	1.2 kB	2023-03-08	2023-04-22
Pretty URL http:srcdoc IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:55 Last Seen2023-04-22 02:10:05 Times Seen1280 Hash 1bdd099873761648dd3aa8aad60e2ac3 713e5a99347bd73f3d9c359acd1c885430e22060 0624e7ce1ad63657924f8ca830c5a9a16c721b527ea1b98d2ef471d04348a07d Loading...

	cv-canadien.com/wp-includes/js/wp-emoji-release.min.js?ver=81582bdb254a94e4464424087c6479a8	19 kB	2023-03-07	2024-04-23
Pretty URL cv-canadien.com/wp-includes/js/wp-emoji-release.min.js?ver=81582bdb254a94e4464424087c6479a8 IP 66.29.146.52 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-23 19:01:07 Times Seen38028 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	cv-canadien.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.10.2	36 kB	2023-03-13	2024-03-18
Pretty URL cv-canadien.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.10.2 IP 66.29.146.52 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:25:03 Last Seen2024-03-18 17:02:15 Times Seen664 Hash 58a9a8193ae026a49a6ed8935ef6789f 1f2c47a70ee8bdad078143120ac7e8dbd3e45f3a 44eace33fa6e1a77c9a2155721e98d0285a5fe0bbf4b5cedb7d1b29b52b04ae4 Loading...

	cv-canadien.com/	304 B	2023-03-13	2023-03-13
Pretty URL cv-canadien.com/ IP 66.29.146.52 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:29:50 Last Seen2023-03-13 14:29:50 Times Seen1 Hash 9016a2976bbe6a2a903104bd4dabc3d2 989e8689fb3b0ce46bc865b6684e9a1c7c23f037 69624d37dcce00a4e1dd877fa12c4a9ded4baac88f3496270d02215250000252 Loading...

	cv-canadien.com/	300 B	2023-03-13	2023-03-13
Pretty URL cv-canadien.com/ IP 66.29.146.52 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:29:50 Last Seen2023-03-13 14:29:50 Times Seen1 Hash 911dd8d0e790849acfd4d91266bb42d1 a3ad69fc554c28bddeecda7ed998b1d3fbfccebf 8110508e11b82ceb76a4c35e125843b7374e79a5af152b2b831c436e310c13d7 Loading...

	cv-canadien.com/wp-content/plugins/burst-statistics/helpers/timeme/timeme.min.js?ver=1.3.3	6.4 kB	2023-03-07	2024-04-21
Pretty URL cv-canadien.com/wp-content/plugins/burst-statistics/helpers/timeme/timeme.min.js?ver=1.3.3 IP 66.29.146.52 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:17:05 Last Seen2024-04-21 18:22:38 Times Seen1009 Hash 421e614656f7380a73fff0417c2c5c29 3d78737fe7c0436160cda8678e9fdcd84525417b 683c9b0530c613523f1b02a246d7bccaa9f68af46df061f4d9f72c178c01b874 Loading...

	cv-canadien.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-23
Pretty URL cv-canadien.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 66.29.146.52 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-23 20:07:10 Times Seen68568 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	cv-canadien.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9	6.5 kB	2023-03-07	2024-04-23
Pretty URL cv-canadien.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 IP 66.29.146.52 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-23 20:07:10 Times Seen15490 Hash 61449413a42d2daaa79dbe7298b40e21 d86c474164c603084397bdc50fb0e469d28b5772 f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a Loading...

	cv-canadien.com/wp-includes/js/dist/url.min.js?ver=bb0ef862199bcae73aa7	9.1 kB	2023-03-08	2024-02-24
Pretty URL cv-canadien.com/wp-includes/js/dist/url.min.js?ver=bb0ef862199bcae73aa7 IP 66.29.146.52 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:29 Last Seen2024-02-24 11:36:51 Times Seen534 Hash 592b9c7153ec0d37ffb333c48c495942 8552783a593944f070d3509bdc0c9a3392df889a 3a5473b62e71d3164b95391e8342e6abe3215428bcaf828a72dc2f23fc540337 Loading...

	cv-canadien.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2	12 kB	2023-03-07	2024-04-23
Pretty URL cv-canadien.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 IP 66.29.146.52 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-23 21:55:58 Times Seen52631 Hash 3819c3569da71daec283a75483735f7e ecd40a5cc6f0b76200c454ca880210dc301cfab8 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0 Loading...

	cv-canadien.com/	1.0 kB	2023-03-07	2024-03-28
Pretty URL cv-canadien.com/ IP 66.29.146.52 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:25:40 Last Seen2024-03-28 20:06:02 Times Seen261 Hash 62a4d70875d26057492474afb0be1ad6 d4c15881cbf604ea06ca90f0fb69fbe5053f693a d98ebca6401a7e4e190fca820a3268ff35b9b4dfb08911d793cd07e7d082845e Loading...

	cv-canadien.com/wp-content/themes/colormag/js/fitvids/jquery.fitvids.min.js?ver=2.1.8	1.8 kB	2023-03-07	2024-03-24
Pretty URL cv-canadien.com/wp-content/themes/colormag/js/fitvids/jquery.fitvids.min.js?ver=2.1.8 IP 66.29.146.52 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:35 Last Seen2024-03-24 15:29:31 Times Seen375 Hash 7db023435c6f3a6de71502760337a7c6 ba79e4445507d934e6be6905e67bd994a87f2332 8994924c0f3ab4474ee0a7c04417ad84933c4467cc9192fcb60b9774f15f5990 Loading...

	cv-canadien.com/	908 B	2023-03-13	2023-03-13
Pretty URL cv-canadien.com/ IP 66.29.146.52 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:29:50 Last Seen2023-03-13 14:29:50 Times Seen1 Hash 686e35f31dc130a05905d684b3626ad9 506238addd9f79028c89b8ee1913ea3fbf7d8600 1978d866fe7883e745cb6d6038f224bf06d50c58cf3e6c6def177fbd874f51b1 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	cv-canadien.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	90 kB	2023-03-08	2024-04-23
Pretty URL cv-canadien.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 IP 66.29.146.52 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-23 20:07:10 Times Seen31793 Hash 17738318d61d394f1de8890d589afaec f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3 cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Loading...

	cv-canadien.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae	10 kB	2023-03-08	2024-04-23
Pretty URL cv-canadien.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae IP 66.29.146.52 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:32 Last Seen2024-04-23 20:07:10 Times Seen25607 Hash 8cd696505481e74ffee89b4995f37379 ee9aad199ef2bc60a3460f4c52f37d22907b2ec9 01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874 Loading...

	cv-canadien.com/wp-content/themes/colormag/js/jquery.bxslider.min.js?ver=2.1.8	24 kB	2023-03-07	2024-03-24
Pretty URL cv-canadien.com/wp-content/themes/colormag/js/jquery.bxslider.min.js?ver=2.1.8 IP 66.29.146.52 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:35 Last Seen2024-03-24 15:29:31 Times Seen422 Hash e41f2a4b95a648db78703b837706d18f ab706ee38566accffda0511b9144a0c7108d4deb 0157d11106d6b70289099fd1ce1f7bea3a9dfbb46cee3994edb07ce765bb92fc Loading...

	cv-canadien.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2	21 kB	2023-03-08	2024-04-23
Pretty URL cv-canadien.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 IP 66.29.146.52 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-23 20:07:07 Times Seen9801 Hash 034bd11ecaf6fb9240d905245e42e202 ff136c394ed95badfc0107fb98a890dcff642828 ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651 Loading...

	cv-canadien.com/wp-content/themes/colormag/js/navigation.min.js?ver=2.1.8	1.6 kB	2023-03-07	2024-03-24
Pretty URL cv-canadien.com/wp-content/themes/colormag/js/navigation.min.js?ver=2.1.8 IP 66.29.146.52 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:35 Last Seen2024-03-24 15:29:31 Times Seen367 Hash 9bb51bfce5c3adf7131480f2dce72224 95199bf629fbf044d37388172525281697ac5952 5b84335d42b38d3122349f53b20dd6a5cb0f45d1e45e5683fd572bcdda8c04a2 Loading...

	cv-canadien.com/	2.0 kB	2023-03-13	2023-03-13
Pretty URL cv-canadien.com/ IP 66.29.146.52 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:29:50 Last Seen2023-03-13 14:29:50 Times Seen1 Hash b62fedbb01ecb1ef8c3fa6e54155f831 de547f3b9fc050d741540c7e63592cdc9459e2ad 6172d43d9b1c0967a37a85aa149fe00eea59bed82e8ee5cc19550ca9668914b5 Loading...

	cv-canadien.com/wp-content/plugins/burst-statistics/assets/js/build/burst.min.js?ver=1.3.3	6.4 kB	2023-03-13	2024-04-21
Pretty URL cv-canadien.com/wp-content/plugins/burst-statistics/assets/js/build/burst.min.js?ver=1.3.3 IP 66.29.146.52 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:26:04 Last Seen2024-04-21 18:22:38 Times Seen360 Hash 4c3f3f5d10114e10819e4a58182cb34e ae06698f481e5c221441cd1aa6953dc072c52b65 0896749d7e0eb4b3b39171fb412d88bb2ac93612cf5141657ea7323cf99bbb6d Loading...

	cv-canadien.com/wp-content/plugins/complianz-gdpr/cookiebanner/js/complianz.min.js?ver=6.4.0	39 kB	2023-03-13	2024-04-03
Pretty URL cv-canadien.com/wp-content/plugins/complianz-gdpr/cookiebanner/js/complianz.min.js?ver=6.4.0 IP 66.29.146.52 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:15:40 Last Seen2024-04-03 11:15:56 Times Seen88 Hash 0de3f744bf1ed7688134dd4959c85662 2c59e51bdc54ca9f545d4d27b1934efaff26b592 4b088de01655598d7049499be8785f0bea01e0091a178700e2e5e42f55666d35 Loading...

	cv-canadien.com/	1.0 kB	2023-03-13	2023-03-13
Pretty URL cv-canadien.com/ IP 66.29.146.52 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:29:50 Last Seen2023-03-13 14:29:50 Times Seen1 Hash 4bd917e4e8236ca1b80c5b12b537e0c0 8faa7f085ace8ca65c08afdcfa746a62f1146c5c 747dadf6b5bae9c9f120b37e543236f99bc26c552734ad0f8d3292bad04740c8 Loading...

	cv-canadien.com/wp-content/themes/colormag/js/news-ticker/jquery.newsTicker.min.js?ver=2.1.8	3.4 kB	2023-03-07	2024-03-18
Pretty URL cv-canadien.com/wp-content/themes/colormag/js/news-ticker/jquery.newsTicker.min.js?ver=2.1.8 IP 66.29.146.52 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:36 Last Seen2024-03-18 19:42:54 Times Seen131 Hash 4578bbe2adf531cee4bec6a19c4b81c1 8d26f0b81f8a7a62e3e1ab143a96ad9668801450 830afbea215ec452ea905a7e4705cf3ea2bad82c2278f755791d85be2d5e2eb1 Loading...

	cv-canadien.com/wp-content/themes/colormag/js/skip-link-focus-fix.min.js?ver=2.1.8	325 B	2023-03-07	2024-04-18
Pretty URL cv-canadien.com/wp-content/themes/colormag/js/skip-link-focus-fix.min.js?ver=2.1.8 IP 66.29.146.52 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:13 Last Seen2024-04-18 02:28:11 Times Seen1857 Hash 06f019a6ff09db6b297570940eec1d5d 872efe186950ce534aad341e7030fe24f7c672dc 53f829ae556bf7011727483015d83a98bcdb4b5796eecb728827c1282c971536 Loading...

	cv-canadien.com/wp-content/themes/colormag/js/colormag-custom.min.js?ver=2.1.8	3.0 kB	2023-03-08	2024-02-25
Pretty URL cv-canadien.com/wp-content/themes/colormag/js/colormag-custom.min.js?ver=2.1.8 IP 66.29.146.52 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:47:08 Last Seen2024-02-25 23:50:31 Times Seen232 Hash 5f8687f238134479052763db1c08af7e 40df2fb06dc772a9ea86a5e706f43c858efea3e5 aeef31c70dd1e009fba6965ac0510518bc1fc7c99323dc712b204e9dc74d747f Loading...

	translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2	80 kB	2023-03-13	2023-03-13
Pretty URL translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2 IP 142.250.74.78 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:29:50 Last Seen2023-03-13 14:29:50 Times Seen1 Hash 63142ff64cdaf43131d0016f7cf1cec1 d3f3fd2c08d1b94a8f77a7edc542c004fca0b1ca 7185ea916365bd6202d82a845b20b65cbae189c83248a8424a6e1b7483a014a5 Loading...

	translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.YyskdsiEoiw.O/d=1/exm=el_conf/ed=1/rs=AN8SPfrOC7xxlHSStBnZbZdqheUGpkxWzA/m=el_main	212 kB	2023-03-13	2023-11-20
Pretty URL translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.YyskdsiEoiw.O/d=1/exm=el_conf/ed=1/rs=AN8SPfrOC7xxlHSStBnZbZdqheUGpkxWzA/m=el_main IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:49:31 Last Seen2023-11-20 19:22:46 Times Seen3 Hash 51c6544434ef8690aaad39058385a5aa bcf5889a5ead27646b433c97fdcc77d00bf8f1ff 3e6cd25df04ebc9b9101d7f131cc765c10a3f88dabc2487e1a06f48ce8a767b6 Loading...

	cv-canadien.com/wp-content/plugins/rate-my-post/public/js/rate-my-post.js?ver=3.3.9	24 kB	2023-03-07	2023-12-14
Pretty URL cv-canadien.com/wp-content/plugins/rate-my-post/public/js/rate-my-post.js?ver=3.3.9 IP 66.29.146.52 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:56:20 Last Seen2023-12-14 10:02:48 Times Seen41 Hash 2021aa4268421c1d200e879e8f37572d 230cd8bf661b755b1f06c71c6be7585ec0d0fcd2 2248d914ed026123d24771f29b755d88e8da4026dbc22de4277aba8dff11fa67 Loading...

	cv-canadien.com/	375 B	2023-03-13	2023-03-13
Pretty URL cv-canadien.com/ IP 66.29.146.52 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:29:50 Last Seen2023-03-13 14:29:50 Times Seen1 Hash 601418c57966f3e12dd68ce10e31ac9d 32be5df6e6261dce47c6dddc719792aea639b26a 724ee53df134054defb8b6652c190d2316bd0a2b1468924ed9113bd4fd21090a Loading...

	cv-canadien.com/	1.7 kB	2023-03-07	2024-03-28
Pretty URL cv-canadien.com/ IP 66.29.146.52 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:25:40 Last Seen2024-03-28 20:06:02 Times Seen249 Hash 73983cc4e7bc0018534ba903e45dae44 cf56a28ec326070f367de5acca8ca3c283b70856 a3f9b1aa57878b44f1bdaa56a48a4d4a64007d6761655214654fab9a99c90f90 Loading...

	cv-canadien.com/	592 B	2023-03-13	2023-03-13
Pretty URL cv-canadien.com/ IP 66.29.146.52 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:29:50 Last Seen2023-03-13 14:29:50 Times Seen1 Hash 7053a8426bf9a6619721b67f4403fccd c712220bcd4a1ddeadbb661f7d480b8bfe8b9be7 45363055449350a76be9049f15c6ff7bc1f922ca3c3111cadd9b5c7b83162546 Loading...

	translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback	17 kB	2023-03-07	2024-04-23
Pretty URL translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-23 20:52:06 Times Seen14143 Hash a3eefe14b1b4698460d992bd1673a26b a2fca6ebb00b8bdcca3eda88654d02d2c165b9c4 87514750a90cd70dd22c8673cfa80d804ef55840bd0755950af2118d8d218067 Loading...

	cv-canadien.com/wp-includes/js/dist/api-fetch.min.js?ver=bc0029ca2c943aec5311	5.3 kB	2023-03-07	2024-04-21
Pretty URL cv-canadien.com/wp-includes/js/dist/api-fetch.min.js?ver=bc0029ca2c943aec5311 IP 66.29.146.52 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:16:10 Last Seen2024-04-21 16:07:42 Times Seen2581 Hash a1a09ff7531304767f85729061aecf3a a088b7f0da099a17b0f26ddaff8edaf94dd2fe3f 0598e98bc97e5b9aeb32aa40cae407814d13a7333e055071107519d7b4fcb0d7 Loading...

	cv-canadien.com/wp-content/themes/colormag/js/sticky/jquery.sticky.min.js?ver=2.1.8	4.2 kB	2023-03-07	2024-03-24
Pretty URL cv-canadien.com/wp-content/themes/colormag/js/sticky/jquery.sticky.min.js?ver=2.1.8 IP 66.29.146.52 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:53 Last Seen2024-03-24 15:29:31 Times Seen189 Hash c0c1278d7d95029ab72cd52243fd2be4 fc20db8cd50a6bd5076aae39905b553637e1b024 f9f94cc2cf984a2a8df89c1250c04396bc950e577b4143d5539ca88fb46de91b Loading...

	www.googletagmanager.com/gtag/js?id=UA-250011826-1	112 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=UA-250011826-1 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:29:50 Last Seen2023-03-13 14:29:50 Times Seen1 Hash db73613d5ec2a17523bfd8414d7fcad7 1584e1f366e488759d22fdfbc0fc4c2d790b72da eedd58a08f671e28bab6bab1163c6e1be7930d66ea279e0c95741b9689223621 Loading...

	cv-canadien.com/	2.2 kB	2023-03-13	2023-03-13
Pretty URL cv-canadien.com/ IP 66.29.146.52 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:29:50 Last Seen2023-03-13 14:29:50 Times Seen1 Hash 35ce79fcefb731c8090449988d8acc30 a0bc14e0d2b0608b9991a04c6657d4b6e6375587 2fe57006d99c9be2fcc8d0f2b19191f8c32e97313e7b88532bd4ea271acf3ea6 Loading...

	cv-canadien.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.10.2	5.0 kB	2023-03-13	2024-03-18
Pretty URL cv-canadien.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.10.2 IP 66.29.146.52 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:25:03 Last Seen2024-03-18 17:02:15 Times Seen647 Hash c290200bd5d7b9e15b087618bf39172f 8de107a9b54e7835b8caaf439518a8a1ab48fa72 17aff4ecac7872511ee02b177dbb417d10170cff4f4f34c546838ecb3d93e2ac Loading...

	cv-canadien.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5	4.9 kB	2023-03-07	2024-04-23
Pretty URL cv-canadien.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 IP 66.29.146.52 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-23 20:07:10 Times Seen24380 Hash b33ab4d5dcf02436276a717e9d1b7c18 f47b9a9c41b3b11c9dffabca22945727c3ec6566 9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134 Loading...

	cv-canadien.com/	68 B	2023-03-07	2024-04-23
Pretty URL cv-canadien.com/ IP 66.29.146.52 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-23 21:10:41 Times Seen22439 Hash d30f13da1f424ee0383b76edc55881e1 7e348a5f57ab13eedbc4ed917cdeee5bb9f9bd46 cf01a621447e67a81629bc28276677c86c48fd72c44cba83a82448574aadfd60 Loading...

	cv-canadien.com/	398 B	2023-03-08	2024-03-28
Pretty URL cv-canadien.com/ IP 66.29.146.52 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:59:51 Last Seen2024-03-28 20:06:02 Times Seen12 Hash b56da0a17361349d6e3b318a60a3301f 759d9df300951af7678080817e344923d3d3fbd6 6feb82e05ff503e741bd62ad79988d0e3ba341010a0e320f0959210d4d77c59e Loading...

	cv-canadien.com/	1.6 kB	2023-03-07	2024-03-14
Pretty URL cv-canadien.com/ IP 66.29.146.52 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:17:05 Last Seen2024-03-14 11:01:06 Times Seen157 Hash 2ecac6b161cf12ee34bb408070b69f93 7f6a2f65812fabe770c88743237700513adda8e0 c518045f30a82a2095b9644c42dac220d916292eb9666325850b2e23eada5e68 Loading...

HTTP Transactions (99)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5549
Expires: Thu, 02 Feb 2023 00:11:20 GMT
Date: Wed, 01 Feb 2023 22:38:51 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7e05c8461bd2dc5a149f71e2c465ea29
705983959c887e243cb55a8a1796757b579ee977
4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3532
Expires: Wed, 01 Feb 2023 23:37:43 GMT
Date: Wed, 01 Feb 2023 22:38:51 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19256
Expires: Thu, 02 Feb 2023 03:59:47 GMT
Date: Wed, 01 Feb 2023 22:38:51 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 01 Feb 2023 22:36:02 GMT
content-type: application/json
age: 169
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: gL8RAm9Dsn12Vvoxl6j4I6DZz4J3rtziKx6tliy1MJBfXhnOMYBx+C3EcZgTIZJ99Km4nvRNZGnKv/padB4DXw==
x-amz-request-id: CZPHVDBCJ2VBWHDB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 01 Feb 2023 21:51:43 GMT
age: 2828
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

cv-canadien.com/

66.29.146.52

301 Moved Permanently

707 B

URL HTTP/1.1
cv-canadien.com/
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
707 B (707 bytes)
Hash
1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Wed, 01 Feb 2023 22:38:51 GMT
server: LiteSpeed
location: https://cv-canadien.com/
x-turbo-charged-by: LiteSpeed

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 22:38:51 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 01 Feb 2023 21:49:05 GMT
age: 2987
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13981
Expires: Thu, 02 Feb 2023 02:31:53 GMT
Date: Wed, 01 Feb 2023 22:38:52 GMT
Connection: keep-alive

push.services.mozilla.com/

52.89.217.163

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.89.217.163:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 96ictqGzYwlMVLTH4ErQEA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: OMZ27qiUiKhHYYeH8CQaBWrymvQ=

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
aeb0275c026a5569a04dfb5b25776bdc
ca7de881cc847706554c7ffb306443c3711df706
790e6adca3ebca19020b567d15d084f7651eed605c2eb28d9b30e18274f1be22

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 22:38:52 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 10:10:13 GMT
Expires: Wed, 08 Feb 2023 10:10:12 GMT
Etag: "ca7de881cc847706554c7ffb306443c3711df706"
Cache-Control: max-age=559279,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 792e2e0768e70b4d-OSL

cv-canadien.com/

66.29.146.52

200 OK

28 kB

URL HTTP/2
cv-canadien.com/
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Size
28 kB (28203 bytes)
Hash
b7d736051560e84db919bf3b1d4bd6d0
ae145999f76341cb425832f600a251b3c72c2c16
cb7f275ceddc00587cd2b2f3682b3cd9692ade4896c79ac90a18b130e073317f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
link: <https://cv-canadien.com/wp-json/>; rel="https://api.w.org/", <https://cv-canadien.com/wp-json/wp/v2/pages/58>; rel="alternate"; type="application/json", <https://cv-canadien.com/>; rel=shortlink
etag: "1885-1675279956;br"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 28203
date: Wed, 01 Feb 2023 22:38:52 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 22:38:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2751084b42dd111d0a7f28241a77201b
680a9ac2f4cf451c9a8449c4df3587595ed9cc4c
1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 22:38:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-250011826-1

142.250.74.72

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-250011826-1
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1759)
Size
44 kB (43951 bytes)
Hash
e2eefa2d4fc5485cf5f23b0980f7b696
a628c27e005f32e791aec0132b08f37468c97967
c8138aa75fd4a2c2a016ae3d454fe2b08b43037288c858464409c155e5ec137b

HTTP Headers

GET /gtag/js?id=UA-250011826-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 Feb 2023 22:38:53 GMT
expires: Wed, 01 Feb 2023 22:38:53 GMT
cache-control: private, max-age=900
last-modified: Wed, 01 Feb 2023 22:06:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43951
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2751084b42dd111d0a7f28241a77201b
680a9ac2f4cf451c9a8449c4df3587595ed9cc4c
1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 22:38:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 22:38:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cv-canadien.com/wp-content/plugins/rate-my-post/public/css/fonts/ratemypost.ttf

66.29.146.52

200 OK

4.8 kB

URL HTTP/2
cv-canadien.com/wp-content/plugins/rate-my-post/public/css/fonts/ratemypost.ttf
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, ratemypost \012- data
Size
4.8 kB (4824 bytes)
Hash
5772d7b0d9851e23e062eafadaf7729f
c774ae6a5da5dd14342db3281735dc2812da1d3d
40d4cb30d26c1301383bc7445dd80bf4e3279374d2ff74c771aa4c3db182358f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/rate-my-post/public/css/fonts/ratemypost.ttf HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:53 GMT
content-type: font/ttf
last-modified: Mon, 26 Dec 2022 16:07:38 GMT
accept-ranges: bytes
content-length: 4824
date: Wed, 01 Feb 2023 22:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=81582bdb254a94e4464424087c6479a8

66.29.146.52

200 OK

237 B

URL HTTP/2
cv-canadien.com/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=81582bdb254a94e4464424087c6479a8
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
237 B (237 bytes)
Hash
83042c9c72bc38390b52906120f81c35
98a9789c05c0f981dca01d2c3622b5e458ba7589
a193b2efbe3e706cc8c633fff822f5a64eb0ee5f692c4a3495f3c7e58e8b7637

HTTP Headers

GET /wp-content/plugins/gtranslate/gtranslate-style24.css?ver=81582bdb254a94e4464424087c6479a8 HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:53 GMT
content-type: text/css
last-modified: Thu, 24 Nov 2022 15:53:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 237
date: Wed, 01 Feb 2023 22:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-includes/css/dist/block-library/style.min.css?ver=81582bdb254a94e4464424087c6479a8

66.29.146.52

200 OK

12 kB

URL HTTP/2
cv-canadien.com/wp-includes/css/dist/block-library/style.min.css?ver=81582bdb254a94e4464424087c6479a8
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (47826)
Size
12 kB (11616 bytes)
Hash
c4d7cc056b49b00e05cc29cc59aa3d5a
48c426bec60099d2a8628df430ed682c72aab42a
8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=81582bdb254a94e4464424087c6479a8 HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:53 GMT
content-type: text/css
last-modified: Wed, 16 Nov 2022 07:15:39 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11616
date: Wed, 01 Feb 2023 22:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-includes/css/classic-themes.min.css?ver=1

66.29.146.52

200 OK

217 B

URL HTTP/2
cv-canadien.com/wp-includes/css/classic-themes.min.css?ver=1
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
217 B (217 bytes)
Hash
95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:53 GMT
content-type: text/css
last-modified: Tue, 25 Oct 2022 23:15:16 GMT
accept-ranges: bytes
content-length: 217
date: Wed, 01 Feb 2023 22:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-content/plugins/rate-my-post/public/css/rate-my-post.css?ver=3.3.9

66.29.146.52

200 OK

2.1 kB

URL HTTP/2
cv-canadien.com/wp-content/plugins/rate-my-post/public/css/rate-my-post.css?ver=3.3.9
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (10488), with no line terminators
Size
2.1 kB (2053 bytes)
Hash
f071fd2002681282a02969a870cec0ec
d4fb7029b1c69d8991c249f3f124cd4aa59f2a49
4167fdd976e55d990ce8e0e1a7e8279ee14288efc23e458c2c8b5e8b0881df01

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/rate-my-post/public/css/rate-my-post.css?ver=3.3.9 HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:53 GMT
content-type: text/css
last-modified: Mon, 26 Dec 2022 16:07:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2053
date: Wed, 01 Feb 2023 22:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-content/plugins/complianz-gdpr/assets/css/cookieblocker.min.css?ver=6.4.0

66.29.146.52

200 OK

618 B

URL HTTP/2
cv-canadien.com/wp-content/plugins/complianz-gdpr/assets/css/cookieblocker.min.css?ver=6.4.0
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (2853), with no line terminators
Size
618 B (618 bytes)
Hash
98d80503c8ce24c7e656bad0ceceb02e
aa9899fbc756e18c9a4198e248c809fe35cb3b75
b76f8d52824edc02e69802f0e89c6982646f484b38dd73b1a2b705d11f7437f8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/complianz-gdpr/assets/css/cookieblocker.min.css?ver=6.4.0 HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:53 GMT
content-type: text/css
last-modified: Wed, 01 Feb 2023 19:25:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 618
date: Wed, 01 Feb 2023 22:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-content/themes/colormag/style.css?ver=2.1.8

66.29.146.52

200 OK

16 kB

URL HTTP/2
cv-canadien.com/wp-content/themes/colormag/style.css?ver=2.1.8
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (1034)
Size
16 kB (15992 bytes)
Hash
cffd2e8b7274bf0c8334818220f85985
c85b80b1b4d15972425be90b35e8733624954fc9
59925a81b6afea6987ba66e0fec548b7b332526d1e9201f97da6bc0d3881d5ed

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/colormag/style.css?ver=2.1.8 HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:53 GMT
content-type: text/css
last-modified: Wed, 11 Jan 2023 16:21:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 15992
date: Wed, 01 Feb 2023 22:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-content/themes/colormag/fontawesome/css/font-awesome.min.css?ver=2.1.8

66.29.146.52

200 OK

6.7 kB

URL HTTP/2
cv-canadien.com/wp-content/themes/colormag/fontawesome/css/font-awesome.min.css?ver=2.1.8
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (30837), with CRLF line terminators
Size
6.7 kB (6662 bytes)
Hash
af94de112f872240400faa4d859afd4b
58109d2d58c247a433eeddf2438008f6f3cd6bbe
c5d4fcc37b38d8db04ca2b16288fe49f93f25c4659bda6db2e07c30af6a2c437

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/colormag/fontawesome/css/font-awesome.min.css?ver=2.1.8 HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:53 GMT
content-type: text/css
last-modified: Wed, 22 Jun 2022 16:16:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6662
date: Wed, 01 Feb 2023 22:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.17.0

66.29.146.52

200 OK

3.6 kB

URL HTTP/2
cv-canadien.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.17.0
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (19277)
Size
3.6 kB (3637 bytes)
Hash
3c0f49bba64d313ff17530aee3e0de3a
2cec8e2b5dce97ec1c602a371470c3b1ad54d34a
35e45af37030e367c7a247b7cf2e5f188e80067a9fa919814ae91c635dafb89b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.17.0 HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:53 GMT
content-type: text/css
last-modified: Sun, 29 Jan 2023 17:24:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3637
date: Wed, 01 Feb 2023 22:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.10.2

66.29.146.52

200 OK

12 kB

URL HTTP/2
cv-canadien.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.10.2
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65496)
Size
12 kB (12476 bytes)
Hash
c39640bb479c4857c6ec4dd26636b367
4d8c9484936fc69b19f12a3b345575aaf0ca7bc7
2249bca034c488f312ed7d67f0727f13000e75e37819937c8389fd7c036afc0e

HTTP Headers

GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.10.2 HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:53 GMT
content-type: text/css
last-modified: Sun, 29 Jan 2023 17:24:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12476
date: Wed, 01 Feb 2023 22:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-content/uploads/elementor/css/post-5.css?ver=1675014383

66.29.146.52

200 OK

305 B

URL HTTP/2
cv-canadien.com/wp-content/uploads/elementor/css/post-5.css?ver=1675014383
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1099), with no line terminators
Size
305 B (305 bytes)
Hash
e3b7f7b655899a792f7e395d7fa63179
b3dd18bedc9c9ec0205231f1acd62d4bf182cd54
de7ac20202fbd72ad6a224d47c8e4f07f8d0acdc3079621af2b738af42d390fb

HTTP Headers

GET /wp-content/uploads/elementor/css/post-5.css?ver=1675014383 HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:53 GMT
content-type: text/css
last-modified: Sun, 29 Jan 2023 17:46:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 305
date: Wed, 01 Feb 2023 22:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-content/themes/colormag/inc/elementor/assets/css/elementor.min.css?ver=2.1.8

66.29.146.52

200 OK

1.6 kB

URL HTTP/2
cv-canadien.com/wp-content/themes/colormag/inc/elementor/assets/css/elementor.min.css?ver=2.1.8
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (15566), with no line terminators
Size
1.6 kB (1611 bytes)
Hash
c03ba9f873e1e3afa3075bb618c0b819
69c2395c4c3693a08e3f949cb9e235509e7f45f1
fddcb4e52d366500f9912fbd18551be5d76b4a8deedf61d491680123ac47f5f3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/colormag/inc/elementor/assets/css/elementor.min.css?ver=2.1.8 HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:53 GMT
content-type: text/css
last-modified: Wed, 16 Dec 2020 12:46:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1611
date: Wed, 01 Feb 2023 22:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-content/uploads/elementor/css/global.css?ver=1675014383

66.29.146.52

200 OK

888 B

URL HTTP/2
cv-canadien.com/wp-content/uploads/elementor/css/global.css?ver=1675014383
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (6697)
Size
888 B (888 bytes)
Hash
5736d5c3b8bcff15f66ed7af569d543d
19d6ac12c0c3d80c255c65219d23e11ec73ca031
297f19d0956dce90da0fbabb2450e5dc7e7f276f20b6b3f12ffbaf665faeae99

HTTP Headers

GET /wp-content/uploads/elementor/css/global.css?ver=1675014383 HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:53 GMT
content-type: text/css
last-modified: Sun, 29 Jan 2023 17:46:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 888
date: Wed, 01 Feb 2023 22:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

66.29.146.52

200 OK

30 kB

URL HTTP/2
cv-canadien.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65447)
Size
30 kB (30324 bytes)
Hash
3a1740685bd5c0bbd5f2b812e1eb7fb4
488e07695da787fed18361c50292aef35abb5e81
4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:53 GMT
content-type: application/javascript
last-modified: Mon, 19 Sep 2022 23:46:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30324
date: Wed, 01 Feb 2023 22:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3872
Expires: Wed, 01 Feb 2023 23:43:25 GMT
Date: Wed, 01 Feb 2023 22:38:53 GMT
Connection: keep-alive

cv-canadien.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

66.29.146.52

200 OK

4.0 kB

URL HTTP/2
cv-canadien.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (11126)
Size
4.0 kB (3995 bytes)
Hash
7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:53 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Wed, 01 Feb 2023 22:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-content/plugins/burst-statistics/helpers/timeme/timeme.min.js?ver=1.3.3

66.29.146.52

200 OK

1.8 kB

URL HTTP/2
cv-canadien.com/wp-content/plugins/burst-statistics/helpers/timeme/timeme.min.js?ver=1.3.3
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (6448), with no line terminators
Size
1.8 kB (1831 bytes)
Hash
a5606b4ef203499b565c0201b182959d
4de8efbd1e5ca94550793f8bb352d0e143336ae5
265789002984de853cbb9041479061f2313d1088e5c934277928ba044bc74469

HTTP Headers

GET /wp-content/plugins/burst-statistics/helpers/timeme/timeme.min.js?ver=1.3.3 HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:53 GMT
content-type: application/javascript
last-modified: Wed, 01 Feb 2023 19:25:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1831
date: Wed, 01 Feb 2023 22:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9

66.29.146.52

200 OK

2.4 kB

URL HTTP/2
cv-canadien.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (6475), with no line terminators
Size
2.4 kB (2354 bytes)
Hash
4e773d7cec56bacab6d2db420be6f262
c95573d884c1caec0ec9c6f3e2a8c0fbf28d939a
5c8839d0b02f21e8d83d856bbf85a6b87fbedf9ba0b70711b11a1c378d5443e7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:53 GMT
content-type: application/javascript
last-modified: Mon, 11 Apr 2022 21:34:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2354
date: Wed, 01 Feb 2023 22:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

66.29.146.52

200 OK

6.3 kB

URL HTTP/2
cv-canadien.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Size
6.3 kB (6335 bytes)
Hash
fecbc00e8af71d8cfb678cd811c7cb2e
44e5dd77f62cb5c67271442b75cdff10d45f2f8d
d6f03fb4728d0c23251451df8d66b5107d3c87458dc624aacfbad437e99d01f1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:53 GMT
content-type: application/javascript
last-modified: Wed, 21 Sep 2022 01:13:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6335
date: Wed, 01 Feb 2023 22:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5

66.29.146.52

200 OK

1.6 kB

URL HTTP/2
cv-canadien.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (4875)
Size
1.6 kB (1575 bytes)
Hash
06a8ac0e71976bc143cfa7861a31169d
def6031fe13259bf17752661832d815e37068bf2
e6f42d97e7299522bbb002364128fdf72cd22263ca72c5edc41dcd8f4672cd33

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:53 GMT
content-type: application/javascript
last-modified: Mon, 11 Apr 2022 21:34:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1575
date: Wed, 01 Feb 2023 22:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae

66.29.146.52

200 OK

3.7 kB

URL HTTP/2
cv-canadien.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
data
Size
3.7 kB (3717 bytes)
Hash
f7acc55c5b34188d3e66c5f2ecf3ba80
802270f7a221e406af63d622d364b119d912c15b
826c4e13764f5bf1bd0a17f2e693d943f8605df1024815f67f43694f4338b713

HTTP Headers

GET /wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:53 GMT
content-type: application/javascript
last-modified: Sat, 24 Sep 2022 05:25:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3717
date: Wed, 01 Feb 2023 22:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-includes/js/dist/url.min.js?ver=bb0ef862199bcae73aa7

66.29.146.52

200 OK

3.4 kB

URL HTTP/2
cv-canadien.com/wp-includes/js/dist/url.min.js?ver=bb0ef862199bcae73aa7
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (8629)
Size
3.4 kB (3402 bytes)
Hash
aee920a079e33e27f9d0cf3362f1b621
41d678f58cffb40b7e74542dde9e72503b655850
218ab403e8a86c62125bd41079127ce8df0933894916c82c1f53b6e60ebf05f8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/dist/url.min.js?ver=bb0ef862199bcae73aa7 HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:53 GMT
content-type: application/javascript
last-modified: Wed, 19 Oct 2022 21:00:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3402
date: Wed, 01 Feb 2023 22:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-includes/js/dist/api-fetch.min.js?ver=bc0029ca2c943aec5311

66.29.146.52

200 OK

2.1 kB

URL HTTP/2
cv-canadien.com/wp-includes/js/dist/api-fetch.min.js?ver=bc0029ca2c943aec5311
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (5290)
Size
2.1 kB (2147 bytes)
Hash
868729f289be6bac8fae47a9f9985624
67de4735f5f9e5e22f50d511134369120c350b81
8f045f1e8c2f8257a489a0010d8658148f4808f6ea59833526ba78dc1e05a4aa

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/dist/api-fetch.min.js?ver=bc0029ca2c943aec5311 HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:53 GMT
content-type: application/javascript
last-modified: Wed, 13 Apr 2022 00:42:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2147
date: Wed, 01 Feb 2023 22:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-content/plugins/burst-statistics/assets/js/build/burst.min.js?ver=1.3.3

66.29.146.52

200 OK

2.6 kB

URL HTTP/2
cv-canadien.com/wp-content/plugins/burst-statistics/assets/js/build/burst.min.js?ver=1.3.3
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (6370), with no line terminators
Size
2.6 kB (2615 bytes)
Hash
95ce9e10b79758aec27f55a2866a9e54
52fd0b38262c57f3c53f6a4b2354109041ef3022
9e65e7def31927f4a12a420ce8f7bfdaef8d177ddc02fb429762b59ffde1e5bf

HTTP Headers

GET /wp-content/plugins/burst-statistics/assets/js/build/burst.min.js?ver=1.3.3 HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:53 GMT
content-type: application/javascript
last-modified: Wed, 01 Feb 2023 19:25:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2615
date: Wed, 01 Feb 2023 22:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-content/uploads/2022/11/cropped-cv-canadien-gratuit-word.png

66.29.146.52

200 OK

15 kB

URL HTTP/2
cv-canadien.com/wp-content/uploads/2022/11/cropped-cv-canadien-gratuit-word.png
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 392 x 97, 8-bit/color RGBA, non-interlaced\012- data
Size
15 kB (14889 bytes)
Hash
1cae369bd9513322147d300a36a1840d
4cdec5e943b60cf0cbbe7a60e2fdb55573d586a1
7a505d78c05f8a4000ca1fcd01f0e318e7b4f5284d3e6beeb8d4dd2dc0f421ab

HTTP Headers

GET /wp-content/uploads/2022/11/cropped-cv-canadien-gratuit-word.png HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:53 GMT
content-type: image/png
last-modified: Sun, 13 Nov 2022 20:28:38 GMT
accept-ranges: bytes
content-length: 14889
date: Wed, 01 Feb 2023 22:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-content/plugins/gtranslate/flags/24/fr.png

66.29.146.52

200 OK

637 B

URL HTTP/2
cv-canadien.com/wp-content/plugins/gtranslate/flags/24/fr.png
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
637 B (637 bytes)
Hash
930f08c6829077e96cf25d58f26bd6d3
0dfa244548435053bbebd2ed5914e2785f0f3dc3
594f333e3a8fe65a0466e4f9c140dab97e6b6a073579edf130a87b86614d7ec8

HTTP Headers

GET /wp-content/plugins/gtranslate/flags/24/fr.png HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:53 GMT
content-type: image/png
last-modified: Thu, 24 Nov 2022 15:53:08 GMT
accept-ranges: bytes
content-length: 637
date: Wed, 01 Feb 2023 22:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-content/uploads/2022/11/cv_canadien_gratuit_word-.png

66.29.146.52

200 OK

16 kB

URL HTTP/2
cv-canadien.com/wp-content/uploads/2022/11/cv_canadien_gratuit_word-.png
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 392 x 97, 8-bit/color RGBA, non-interlaced\012- data
Size
16 kB (16192 bytes)
Hash
2c387e23a46584aa3b0414b53270b21d
e4b34aea469b88692e64b37be9540134f881a279
58b0aacd6eaa7af65fd128381d7f96e8d09650944cdce30a854a801eddee251f

HTTP Headers

GET /wp-content/uploads/2022/11/cv_canadien_gratuit_word-.png HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:53 GMT
content-type: image/png
last-modified: Sun, 13 Nov 2022 21:47:46 GMT
accept-ranges: bytes
content-length: 16192
date: Wed, 01 Feb 2023 22:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4f8260f-0039-4dd4-be49-93afef573ecb.jpeg

34.120.237.76

200 OK

5.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4f8260f-0039-4dd4-be49-93afef573ecb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.0 kB (5011 bytes)
Hash
3c56d08c13f357f91a14309b48d75e88
739ff0319e25b99fbf69b6a1c12159d4dda7549b
7f2a2004b2b587a18e99bae5ef216de0a0a12f4ab8e7c817df8eb8aa41f4be73

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4f8260f-0039-4dd4-be49-93afef573ecb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5011
x-amzn-requestid: 0760d4c6-1e6b-4e68-8c90-37229f8110e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5JE0AIAMFn8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6d-43fb25a727dd969b6219bd6f;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CWfxfWc7d8PGIAtD2kmys5PAmsudrBlMjqy7NsmzUl50QAQd_UfXCA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:00:20 GMT
age: 2313
etag: "739ff0319e25b99fbf69b6a1c12159d4dda7549b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79ec7db4-9aef-4e9e-a8d9-431c9085df2a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11552 bytes)
Hash
b0ca0ccee69fbee57aac373f94120bb4
5d6309502ffd0c33f6199d46f0d14d0a22e3c752
bed9d4689ff57fa636ee08dab3eef3cdf6c4e0a7103e5185151afe8ddfb755f2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79ec7db4-9aef-4e9e-a8d9-431c9085df2a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11552
x-amzn-requestid: 611f63cb-f058-493b-ac86-7e268b866fd0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdTvG9VIAMFgPg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc17-78de7563537b111924100346;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lHLm3IkJRn59US_8SXKXQnNDUiCLIWnQ7QN-DWB3jkot9Ub3b6FUgA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:01:11 GMT
age: 2262
etag: "5d6309502ffd0c33f6199d46f0d14d0a22e3c752"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85f439bb-b615-43ac-bd20-2466bff7ff50.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5561 bytes)
Hash
d910c24f5a6108cb74103cd70692a703
9fe648fa464e46d16f685aca1704f3414eda4107
5cbe5e571e62555225621440203ae24a3b8c41ac7f49b6b731bc2c94e620797f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85f439bb-b615-43ac-bd20-2466bff7ff50.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5561
x-amzn-requestid: 76ca969b-a840-4d5c-97c1-2dfd93b8f630
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKYE3-IAMFqbw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-2729fe22420bcc0563c39aff;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: E91BIw8QT3vXXQY8GIPpnRqnTZV4paZ3wynf7UjLnjeIfwS0tiC1Gg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:12:07 GMT
age: 1606
etag: "9fe648fa464e46d16f685aca1704f3414eda4107"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9600 bytes)
Hash
3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 02:29:58 GMT
age: 72535
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04301881-7728-4218-a61a-642cd5ffae53.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.1 kB (5061 bytes)
Hash
0224e848c34cb32cf932ed99dfd8468a
31c1abac8979bca5a998a6649ca3e6f59c0fb2f5
f93d5a69758e57d4d2b0d307ce98ad5ea8d86b825108873e8ea5bc36567dc5c0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04301881-7728-4218-a61a-642cd5ffae53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5061
x-amzn-requestid: a266acae-8f1e-4cd7-b93b-e40aa5393521
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdUpGcmoAMF16Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc1d-1fbae7785fccc58f71c1b3e9;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: PevXZz9rkBo3Cy6EooCVOpSoHyeKHMoYFjKRrvDld34WFWXzOmpANQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:11:31 GMT
age: 1642
etag: "31c1abac8979bca5a998a6649ca3e6f59c0fb2f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd3cca56-2e75-4efc-8090-c33c65a99f80.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8944 bytes)
Hash
b9af1fd56c0de8f128ddce88d49c1b4d
e3bb3d4950f7c0267f4476eef21872da332831aa
908153182f76362ff329803d9c11c06c66181e85e8e51dabd927f1f1ac630d5c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd3cca56-2e75-4efc-8090-c33c65a99f80.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8944
x-amzn-requestid: 07495184-ede8-485c-94e8-5302ec348ea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: freiLHRPoAMFYbw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dade0d-275437a54eceb40e302a7f55;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:47:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 86qoRJHXcrnBGi3REMF5q3ANzKdqEs5F3yFUBmiIt6SCbBVnhGe2Kw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:58:57 GMT
age: 2396
etag: "e3bb3d4950f7c0267f4476eef21872da332831aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cv-canadien.com/wp-content/plugins/rate-my-post/public/js/rate-my-post.js?ver=3.3.9

66.29.146.52

200 OK

4.8 kB

URL HTTP/2
cv-canadien.com/wp-content/plugins/rate-my-post/public/js/rate-my-post.js?ver=3.3.9
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (22835)
Size
4.8 kB (4824 bytes)
Hash
1bbfc0d6df4e62f6d8a9c95eb1f9f44d
1d312d9e839e32f3f3a4d071d799eadb3c781e1f
0def8cfb57cec1ca6e5b9b1104e33eaeaf0123807750f9fcbba6961ab6d9fca8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/rate-my-post/public/js/rate-my-post.js?ver=3.3.9 HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:53 GMT
content-type: application/javascript
last-modified: Mon, 26 Dec 2022 16:07:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4824
date: Wed, 01 Feb 2023 22:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-content/themes/colormag/js/jquery.bxslider.min.js?ver=2.1.8

66.29.146.52

200 OK

5.9 kB

URL HTTP/2
cv-canadien.com/wp-content/themes/colormag/js/jquery.bxslider.min.js?ver=2.1.8
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document, ASCII text, with very long lines (23954), with no line terminators
Size
5.9 kB (5908 bytes)
Hash
59217161cbd6d50301170bd667da31ee
9eb8976f6c02a76fefebac9b69a12ab806357d44
41ba9af5b5992ad12e75ada169b367676db7b6dcfbdece6891ff8ad380e4cb06

HTTP Headers

GET /wp-content/themes/colormag/js/jquery.bxslider.min.js?ver=2.1.8 HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:53 GMT
content-type: application/javascript
last-modified: Wed, 16 Dec 2020 12:46:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5908
date: Wed, 01 Feb 2023 22:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-content/themes/colormag/js/sticky/jquery.sticky.min.js?ver=2.1.8

66.29.146.52

200 OK

1.3 kB

URL HTTP/2
cv-canadien.com/wp-content/themes/colormag/js/sticky/jquery.sticky.min.js?ver=2.1.8
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (4231), with no line terminators
Size
1.3 kB (1344 bytes)
Hash
5a1f0752223d339effb5bb2563adb7b0
040397c6ae605d0203b0aca781535f1f49c910a5
43730276c2c0b894c66c57abcd1a8b2ac3016f0ace10534c696fc21f2f745e0a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/colormag/js/sticky/jquery.sticky.min.js?ver=2.1.8 HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:53 GMT
content-type: application/javascript
last-modified: Wed, 16 Dec 2020 12:46:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1344
date: Wed, 01 Feb 2023 22:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-content/themes/colormag/js/news-ticker/jquery.newsTicker.min.js?ver=2.1.8

66.29.146.52

200 OK

997 B

URL HTTP/2
cv-canadien.com/wp-content/themes/colormag/js/news-ticker/jquery.newsTicker.min.js?ver=2.1.8
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (3437), with no line terminators
Size
997 B (997 bytes)
Hash
bad36a5d7b141e5a0d6a738e79c0a2bd
e9cd7f6c77df280c159b2da1c1600e021e12a68a
7e42052b64907e0d47dc55000948e54e83c14bda752758be6a534de1eacc132f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/colormag/js/news-ticker/jquery.newsTicker.min.js?ver=2.1.8 HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:53 GMT
content-type: application/javascript
last-modified: Wed, 16 Dec 2020 12:46:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 997
date: Wed, 01 Feb 2023 22:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-content/themes/colormag/js/navigation.min.js?ver=2.1.8

66.29.146.52

200 OK

537 B

URL HTTP/2
cv-canadien.com/wp-content/themes/colormag/js/navigation.min.js?ver=2.1.8
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1567), with no line terminators
Size
537 B (537 bytes)
Hash
229c5fa0870b8622f19a2d73346e4a29
f6c00b11f54845bfbaf321e63c2ae8558084dfcc
8cdba91e28e7338c133b343294a885507d8ac9891c3dcba8352b7cdfea70614d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/colormag/js/navigation.min.js?ver=2.1.8 HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:53 GMT
content-type: application/javascript
last-modified: Wed, 16 Dec 2020 12:46:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 537
date: Wed, 01 Feb 2023 22:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-content/themes/colormag/js/fitvids/jquery.fitvids.min.js?ver=2.1.8

66.29.146.52

200 OK

635 B

URL HTTP/2
cv-canadien.com/wp-content/themes/colormag/js/fitvids/jquery.fitvids.min.js?ver=2.1.8
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document, ASCII text, with very long lines (1754), with no line terminators
Size
635 B (635 bytes)
Hash
096bd1b26c4742ce2479189f1e9f7e43
26fcdf5e37f4d6e2705ef997f21799426888020d
9b8df0ee89287ff1a180c3bc3d01c63240d3467af28078c2f9bafbed3c76361e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/colormag/js/fitvids/jquery.fitvids.min.js?ver=2.1.8 HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:53 GMT
content-type: application/javascript
last-modified: Wed, 16 Dec 2020 12:46:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 635
date: Wed, 01 Feb 2023 22:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-content/themes/colormag/js/skip-link-focus-fix.min.js?ver=2.1.8

66.29.146.52

200 OK

171 B

URL HTTP/2
cv-canadien.com/wp-content/themes/colormag/js/skip-link-focus-fix.min.js?ver=2.1.8
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (325), with no line terminators
Size
171 B (171 bytes)
Hash
7d9e5d360e2896a1f2b65b20d8b1ffe0
4c1a57c2d65ff7fbba6898607b5ce11589c23096
4922045fd59fc46a4bd5a09703b5e65bae933e0b65ce634e1362f02f637fa6f0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/colormag/js/skip-link-focus-fix.min.js?ver=2.1.8 HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:53 GMT
content-type: application/javascript
last-modified: Wed, 16 Dec 2020 12:46:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 171
date: Wed, 01 Feb 2023 22:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-content/uploads/elementor/css/post-58.css?ver=1675097692

66.29.146.52

200 OK

1.2 kB

URL HTTP/2
cv-canadien.com/wp-content/uploads/elementor/css/post-58.css?ver=1675097692
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (16141), with no line terminators
Size
1.2 kB (1163 bytes)
Hash
42ba5fd1a34a6c74eff8b2e4fef65a7c
d5cc4b0d638da1f056cb501e60ef1a6185bac847
4690e130326f522711a59f89eec745f7b772e63ef93618a57b0d75e4ac7e34da

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/elementor/css/post-58.css?ver=1675097692 HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:53 GMT
content-type: text/css
last-modified: Mon, 30 Jan 2023 16:54:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1163
date: Wed, 01 Feb 2023 22:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-content/themes/colormag/js/colormag-custom.min.js?ver=2.1.8

66.29.146.52

200 OK

1.0 kB

URL HTTP/2
cv-canadien.com/wp-content/themes/colormag/js/colormag-custom.min.js?ver=2.1.8
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (3042), with no line terminators
Size
1.0 kB (1018 bytes)
Hash
e529e4d7eb1dcab1405a65dcc4836f58
93debdb595fdc54ae80ed63b68d0123d25391a52
55c4fce114c9d1a60f263ba1193d922388a61ef98a0fec9483daf99932f9295d

HTTP Headers

GET /wp-content/themes/colormag/js/colormag-custom.min.js?ver=2.1.8 HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:53 GMT
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 15:43:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1018
date: Wed, 01 Feb 2023 22:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-content/plugins/complianz-gdpr/cookiebanner/js/complianz.min.js?ver=6.4.0

66.29.146.52

200 OK

9.8 kB

URL HTTP/2
cv-canadien.com/wp-content/plugins/complianz-gdpr/cookiebanner/js/complianz.min.js?ver=6.4.0
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (38801), with no line terminators
Size
9.8 kB (9777 bytes)
Hash
9db1fb6f1d87aa0e81e0bdb861acb35c
f3aeaf31a596da4b1c478237dd4eabd320d102fe
abc13eed4549c694a9bec9e924c739c1ca26fab84c0e0de0a724c1de9de8667b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/complianz-gdpr/cookiebanner/js/complianz.min.js?ver=6.4.0 HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:53 GMT
content-type: application/javascript
last-modified: Wed, 01 Feb 2023 19:25:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9777
date: Wed, 01 Feb 2023 22:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2

66.29.146.52

200 OK

6.8 kB

URL HTTP/2
cv-canadien.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (8189)
Size
6.8 kB (6800 bytes)
Hash
3d0ff0f6731d9cef860af9a5a0e3ce62
13aed444304d782039e261475c8b4450b83e743e
e8d05db77732c71843ced6f386ea82eb32243ac36e7ca3e071cb7f53e2ffbce5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:53 GMT
content-type: application/javascript
last-modified: Sat, 24 Sep 2022 05:25:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6800
date: Wed, 01 Feb 2023 22:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-includes/js/wp-emoji-release.min.js?ver=81582bdb254a94e4464424087c6479a8

66.29.146.52

200 OK

4.6 kB

URL HTTP/2
cv-canadien.com/wp-includes/js/wp-emoji-release.min.js?ver=81582bdb254a94e4464424087c6479a8
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (15660)
Size
4.6 kB (4619 bytes)
Hash
0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=81582bdb254a94e4464424087c6479a8 HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:53 GMT
content-type: application/javascript
last-modified: Tue, 12 Apr 2022 15:26:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Wed, 01 Feb 2023 22:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2

66.29.146.52

200 OK

2.9 kB

URL HTTP/2
cv-canadien.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (12198), with no line terminators
Size
2.9 kB (2867 bytes)
Hash
869caa171b68cbec9fee5abbfb944ee8
f237e485e41f88b77384cfdb880f9d5a8f46eac8
25c2896e2790fb0e52f6b6ba1ce97bd87eb40463b4bb65ba16ad434c1d7a36dc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:53 GMT
content-type: application/javascript
last-modified: Wed, 11 Jan 2017 21:35:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2867
date: Wed, 01 Feb 2023 22:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.10.2

66.29.146.52

200 OK

11 kB

URL HTTP/2
cv-canadien.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.10.2
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (35829)
Size
11 kB (11096 bytes)
Hash
447dc76408e16d1fbc4c071967f28392
b0467f0e3a25a97ecabccfc17c89276a72483b8a
dbfbf4a0a9d71f9cf8bc76780c1a38891168df8b3cc316a86af32221a981cc6a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.10.2 HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:53 GMT
content-type: application/javascript
last-modified: Sun, 29 Jan 2023 17:24:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11096
date: Wed, 01 Feb 2023 22:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.10.2

66.29.146.52

200 OK

12 kB

URL HTTP/2
cv-canadien.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.10.2
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (40802)
Size
12 kB (11791 bytes)
Hash
2b95f873e96342f896b6459eb1c67c89
0550889dc4878dc32e24482e31d105a7be47c058
cf73a9888abe7a2ff21b3d98dde8cbc144dbb480c59a0c5d5630b98040d1b2aa

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.10.2 HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:53 GMT
content-type: application/javascript
last-modified: Sun, 29 Jan 2023 17:24:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11791
date: Wed, 01 Feb 2023 22:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.10.2

66.29.146.52

200 OK

2.1 kB

URL HTTP/2
cv-canadien.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.10.2
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (4974)
Size
2.1 kB (2076 bytes)
Hash
316fade9eb33df78871e920be739bf9e
778dfc36f72cfb8f3b841425e45894612ff1df60
e4a0ece161237c5ae01a42fb944c74b4872455b9b1c9605506fb7f1296c2ac6c

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.10.2 HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:53 GMT
content-type: application/javascript
last-modified: Sun, 29 Jan 2023 17:24:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2076
date: Wed, 01 Feb 2023 22:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 22:38:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 22:38:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.67

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cv-canadien.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 13:09:06 GMT
expires: Wed, 31 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 120588
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 22:38:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.67

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cv-canadien.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 07:51:59 GMT
expires: Thu, 01 Feb 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 53215
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.67

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cv-canadien.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 22:02:00 GMT
expires: Mon, 29 Jan 2024 22:02:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 261414
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 22:38:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cv-canadien.com/wp-content/themes/colormag/assets/fonts/OpenSans-VariableFont.woff

66.29.146.52

200 OK

80 kB

URL HTTP/2
cv-canadien.com/wp-content/themes/colormag/assets/fonts/OpenSans-VariableFont.woff
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format, TrueType, length 80196, version 3.0\012- data
Size
80 kB (80196 bytes)
Hash
8d5902c75e6f6373b10b9a5aaad64821
cf35548f4f6a03fc63544a78703e61e00fae45a9
01860d2273448228ae1e9f7b7150e82bdcf98896938cccd44815f4c1c856204c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/colormag/assets/fonts/OpenSans-VariableFont.woff HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://cv-canadien.com/wp-content/themes/colormag/style.css?ver=2.1.8
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:54 GMT
content-type: font/woff
last-modified: Tue, 18 Oct 2022 15:43:40 GMT
accept-ranges: bytes
content-length: 80196
date: Wed, 01 Feb 2023 22:38:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-content/themes/colormag/assets/fonts/OpenSans-Bold.woff

66.29.146.52

200 OK

78 kB

URL HTTP/2
cv-canadien.com/wp-content/themes/colormag/assets/fonts/OpenSans-Bold.woff
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format, TrueType, length 78156, version 3.0\012- data
Size
78 kB (78156 bytes)
Hash
1a592f9655ac68db7ba196134e938d74
8edc1a005636480304808fd9393c49ecae3d7e23
a1434cb9eee1f618cfa38f76759c919e606679bb2beb2cadd62964361c43a741

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/colormag/assets/fonts/OpenSans-Bold.woff HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://cv-canadien.com/wp-content/themes/colormag/style.css?ver=2.1.8
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:54 GMT
content-type: font/woff
last-modified: Tue, 18 Oct 2022 15:43:40 GMT
accept-ranges: bytes
content-length: 78156
date: Wed, 01 Feb 2023 22:38:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-content/themes/colormag/assets/fonts/OpenSans-Regular.woff

66.29.146.52

200 OK

80 kB

URL HTTP/2
cv-canadien.com/wp-content/themes/colormag/assets/fonts/OpenSans-Regular.woff
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format, TrueType, length 80280, version 3.0\012- data
Size
80 kB (80280 bytes)
Hash
dec1ef467e5034d2562db22cf413034a
63eecb1133924bb8ec787a509a1e9e9afe8fb5bc
543ceb846af6fbfff9fc58f1e53994f3f191116c51ca95de3ce75d675c50ea66

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/colormag/assets/fonts/OpenSans-Regular.woff HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://cv-canadien.com/wp-content/themes/colormag/style.css?ver=2.1.8
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:54 GMT
content-type: font/woff
last-modified: Tue, 18 Oct 2022 15:43:40 GMT
accept-ranges: bytes
content-length: 80280
date: Wed, 01 Feb 2023 22:38:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-content/uploads/complianz/css/banner--optin.css?v=0

66.29.146.52

404 Not Found

14 kB

URL HTTP/2
cv-canadien.com/wp-content/uploads/complianz/css/banner--optin.css?v=0
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Size
14 kB (14258 bytes)
Hash
86b02307b973a0c1028a902d27758602
1e3a7f62ec64286f8fa03a1f25d62858d63e75ed
ce3d3a1159da25c79a13e8192cca4e9d2131f0e8a722eedadf19f2a52b5b2f96

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/complianz/css/banner--optin.css?v=0 HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://cv-canadien.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 14258
date: Wed, 01 Feb 2023 22:38:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-content/themes/colormag/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0

66.29.146.52

200 OK

77 kB

URL HTTP/2
cv-canadien.com/wp-content/themes/colormag/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /wp-content/themes/colormag/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://cv-canadien.com/wp-content/themes/colormag/fontawesome/css/font-awesome.min.css?ver=2.1.8
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:54 GMT
content-type: font/woff2
last-modified: Wed, 16 Dec 2020 12:46:28 GMT
accept-ranges: bytes
content-length: 77160
date: Wed, 01 Feb 2023 22:38:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.1.1

142.250.74.138

200 OK

82 kB

URL HTTP/2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.1.1
IP
142.250.74.138:0
ASN
#15169 GOOGLE

File type
data
Size
82 kB (81746 bytes)
Hash
93ab8626f7db03bf61dc43b3fa0c29eb
f9cd554addfe73a512343f2f38f3289d43aa1b85
ee9b17e1e1af5687f79f6910885218ec7088f7a40b8b9267145b28420741199f

HTTP Headers

GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 01 Feb 2023 22:38:53 GMT
date: Wed, 01 Feb 2023 22:38:53 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cv-canadien.com/wp-content/themes/colormag/assets/fonts/OpenSans-Light.woff

66.29.146.52

200 OK

80 kB

URL HTTP/2
cv-canadien.com/wp-content/themes/colormag/assets/fonts/OpenSans-Light.woff
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format, TrueType, length 80036, version 3.0\012- data
Size
80 kB (80036 bytes)
Hash
365a45b28097e68225020dd9417bedf9
121a925f5f435619c2d0bb6c5026f4eda2b6edfb
cf336209cd00b79ed36399d1877aa0c2f50cb7e75b38592fdbcf80bf4ac153bb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/colormag/assets/fonts/OpenSans-Light.woff HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://cv-canadien.com/wp-content/themes/colormag/style.css?ver=2.1.8
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:54 GMT
content-type: font/woff
last-modified: Tue, 18 Oct 2022 15:43:40 GMT
accept-ranges: bytes
content-length: 80036
date: Wed, 01 Feb 2023 22:38:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-content/uploads/2022/11/Currciulum-vitea-canadien-1.jpg

66.29.146.52

200 OK

37 kB

URL HTTP/2
cv-canadien.com/wp-content/uploads/2022/11/Currciulum-vitea-canadien-1.jpg
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 579x819, components 3\012- data
Size
37 kB (37327 bytes)
Hash
6cc8dad39e59c6da0dd705813b0088e6
61b56dc9b2d11db4f1fde4add410bbf5ca19b74b
0bf1aca010f39b67da94a5232536f418f5da3285360eca8e6253625ce67b68ed

HTTP Headers

GET /wp-content/uploads/2022/11/Currciulum-vitea-canadien-1.jpg HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Cookie: burst_uid=7e401518e16270c5f99e9f06cfcc71f4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:54 GMT
content-type: image/jpeg
last-modified: Mon, 21 Nov 2022 19:15:17 GMT
accept-ranges: bytes
content-length: 37327
date: Wed, 01 Feb 2023 22:38:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/burst-statistics-endpoint.php

66.29.146.52

200 OK

0 B

URL HTTP/2
cv-canadien.com/burst-statistics-endpoint.php
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /burst-statistics-endpoint.php HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 303
Origin: https://cv-canadien.com
Connection: keep-alive
Referer: https://cv-canadien.com/
Cookie: burst_uid=7e401518e16270c5f99e9f06cfcc71f4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-length: 0
date: Wed, 01 Feb 2023 22:38:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js

66.29.146.52

200 OK

601 B

URL HTTP/2
cv-canadien.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1320)
Size
601 B (601 bytes)
Hash
baebeaaad12150bc7a948ae974ad2433
3c7dbb93de4e299e97bb9d89c89c3c0cacf5dace
9e1bffa89afb6bf8ecba7204e2dd48b5e9b09aec2d8e90c58d22b6237bf4d12c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Cookie: burst_uid=7e401518e16270c5f99e9f06cfcc71f4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:54 GMT
content-type: application/javascript
last-modified: Sun, 29 Jan 2023 17:24:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 601
date: Wed, 01 Feb 2023 22:38:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-content/uploads/2022/11/Cv-Canadien-gratuit-4-1.jpg

66.29.146.52

200 OK

86 kB

URL HTTP/2
cv-canadien.com/wp-content/uploads/2022/11/Cv-Canadien-gratuit-4-1.jpg
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 662x936, components 3\012- data
Size
86 kB (86463 bytes)
Hash
1c60869f939696ac43e3c44721cc2e24
cad661f2b9bf0c7b1faf77b36667d79042b014df
42f5dcb91f659c6f2668524b9444f72a0c7cc598d9abb5df26f1095fc393c9e6

HTTP Headers

GET /wp-content/uploads/2022/11/Cv-Canadien-gratuit-4-1.jpg HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Cookie: burst_uid=7e401518e16270c5f99e9f06cfcc71f4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:54 GMT
content-type: image/jpeg
last-modified: Mon, 21 Nov 2022 19:28:06 GMT
accept-ranges: bytes
content-length: 86463
date: Wed, 01 Feb 2023 22:38:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cv-canadien.com/wp-content/uploads/2022/12/Exemple-cv-canadien-word-quebec.jpg

66.29.146.52

200 OK

91 kB

URL HTTP/2
cv-canadien.com/wp-content/uploads/2022/12/Exemple-cv-canadien-word-quebec.jpg
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 530x749, components 3\012- data
Size
91 kB (90979 bytes)
Hash
db1bbae2e8d8b542ea10535d7f40b698
d1c3b8f9a6845198dc1aef834f4a1411def5c67a
c0ad58415aa0a1a3a6226d93d794dd8cd5c77892de21e60786335c319ea995c7

HTTP Headers

GET /wp-content/uploads/2022/12/Exemple-cv-canadien-word-quebec.jpg HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Cookie: burst_uid=7e401518e16270c5f99e9f06cfcc71f4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:54 GMT
content-type: image/jpeg
last-modified: Fri, 02 Dec 2022 18:15:46 GMT
accept-ranges: bytes
content-length: 90979
date: Wed, 01 Feb 2023 22:38:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.110

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Wed, 01 Feb 2023 21:44:08 GMT
expires: Wed, 01 Feb 2023 23:44:08 GMT
cache-control: public, max-age=7200
age: 3287
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 22:38:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 22:38:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 22:38:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cv-canadien.com/wp-content/uploads/2023/01/canada-1.jpg

66.29.146.52

200 OK

9.2 kB

URL HTTP/2
cv-canadien.com/wp-content/uploads/2023/01/canada-1.jpg
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left], baseline, precision 8, 56x49, components 3\012- data
Size
9.2 kB (9177 bytes)
Hash
22860b40557e9222331932a5f5e80d39
8737d17db7e46670801b56d23e11802d6f1b69da
5c9dbfd67e3284f04afdb8a2cd0a1958e4e7ca07c65684956ac9d4ac70e76856

HTTP Headers

GET /wp-content/uploads/2023/01/canada-1.jpg HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Cookie: burst_uid=7e401518e16270c5f99e9f06cfcc71f4; _ga_15TD3EKJ7G=GS1.1.1675291158.1.0.1675291158.0.0.0; _ga=GA1.1.1462030902.1675291158
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:55 GMT
content-type: image/jpeg
last-modified: Mon, 30 Jan 2023 09:45:15 GMT
accept-ranges: bytes
content-length: 9177
date: Wed, 01 Feb 2023 22:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-250011826-1&cid=1462030902.1675291158&jid=601161483&gjid=1629209183&_gid=368953203.1675291159&_u=YCDACUAABAAAACAAI~&z=860817709

64.233.162.154

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-250011826-1&cid=1462030902.1675291158&jid=601161483&gjid=1629209183&_gid=368953203.1675291159&_u=YCDACUAABAAAACAAI~&z=860817709
IP
64.233.162.154:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-250011826-1&cid=1462030902.1675291158&jid=601161483&gjid=1629209183&_gid=368953203.1675291159&_u=YCDACUAABAAAACAAI~&z=860817709 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://cv-canadien.com
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://cv-canadien.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 01 Feb 2023 22:38:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

translate.googleapis.com/translate_static/css/translateelement.css

216.58.211.10

200 OK

3.6 kB

URL HTTP/2
translate.googleapis.com/translate_static/css/translateelement.css
IP
216.58.211.10:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (22967)
Size
3.6 kB (3632 bytes)
Hash
f7bf2121608909b56672e6398ac2335c
864ef3bac46b08ab6609fad23f00d5f09815647d
b9d3a8600d9b6edf9c71b793c42782282ecfb01e2026e0128608b949e91e152c

HTTP Headers

GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3632
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 21:52:00 GMT
expires: Wed, 01 Feb 2023 22:52:00 GMT
cache-control: public, max-age=3600
age: 2815
last-modified: Mon, 09 Jan 2023 20:58:00 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2

142.250.74.78

200 OK

103 kB

URL HTTP/2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
IP
142.250.74.78:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2385)
Size
103 kB (103004 bytes)
Hash
daa50543080fd1457a04685dfa530761
c5c9b930f94cb9c41b4d8c4b0ff84f2fd23c289f
18c35946356c65385d3d262aa5741de15f032b24c7d14d26bbf4f37b4eb2dcc8

HTTP Headers

GET /translate_a/element.js?cb=googleTranslateElementInit2 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 01 Feb 2023 22:38:55 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+101; expires=Fri, 31-Jan-2025 22:38:55 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 22:38:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

region1.google-analytics.com/g/collect?v=2&tid=G-15TD3EKJ7G&gtm=2oe1u0&_p=268540399&gdid=dZTNiMT&cid=1462030902.1675291158&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675291158&sct=1&seg=0&dl=https%3A%2F%2Fcv-canadien.com%2F&dt=Exemple%20et%20Mod%C3%A8le%20de%20CV%20Canadien%20Gratuit%20%C3%A0%20T%C3%A9l%C3%A9charger%20en%202023&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-15TD3EKJ7G&gtm=2oe1u0&_p=268540399&gdid=dZTNiMT&cid=1462030902.1675291158&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675291158&sct=1&seg=0&dl=https%3A%2F%2Fcv-canadien.com%2F&dt=Exemple%20et%20Mod%C3%A8le%20de%20CV%20Canadien%20Gratuit%20%C3%A0%20T%C3%A9l%C3%A9charger%20en%202023&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-15TD3EKJ7G&gtm=2oe1u0&_p=268540399&gdid=dZTNiMT&cid=1462030902.1675291158&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675291158&sct=1&seg=0&dl=https%3A%2F%2Fcv-canadien.com%2F&dt=Exemple%20et%20Mod%C3%A8le%20de%20CV%20Canadien%20Gratuit%20%C3%A0%20T%C3%A9l%C3%A9charger%20en%202023&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cv-canadien.com
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://cv-canadien.com
date: Wed, 01 Feb 2023 22:38:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/images/branding/product/1x/translate_24dp.png

142.250.74.35

200 OK

846 B

URL HTTP/2
www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
846 B (846 bytes)
Hash
e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

HTTP Headers

GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 12:53:47 GMT
expires: Tue, 30 Jan 2024 12:53:47 GMT
cache-control: public, max-age=31536000
age: 207908
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

142.250.74.35

200 OK

910 B

URL HTTP/2
www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
PNG image data, 42 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
910 B (910 bytes)
Hash
efa6bb2bfe459bc6f4bdafa3db0383f6
52d15ce52fe50643e542c17812de43f4ed1b6ee0
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

HTTP Headers

GET /images/branding/googlelogo/1x/googlelogo_color_42x16dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 910
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 07:32:15 GMT
expires: Mon, 29 Jan 2024 07:32:15 GMT
cache-control: public, max-age=31536000
age: 313600
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/images/branding/product/2x/translate_24dp.png

142.250.74.35

200 OK

1.8 kB

URL HTTP/2
www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1842 bytes)
Hash
c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

HTTP Headers

GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://translate.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 16:07:41 GMT
expires: Tue, 30 Jan 2024 16:07:41 GMT
cache-control: public, max-age=31536000
age: 196274
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cv-canadien.com/wp-content/uploads/2023/01/cv-canadien-gratuit-cv-canada-cv-immigration-canada-2.jpg

66.29.146.52

200 OK

0 B

URL HTTP/2
cv-canadien.com/wp-content/uploads/2023/01/cv-canadien-gratuit-cv-canada-cv-immigration-canada-2.jpg
IP
66.29.146.52:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/uploads/2023/01/cv-canadien-gratuit-cv-canada-cv-immigration-canada-2.jpg HTTP/1.1
Host: cv-canadien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cv-canadien.com/
Cookie: burst_uid=7e401518e16270c5f99e9f06cfcc71f4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 22:38:54 GMT
content-type: image/jpeg
last-modified: Mon, 23 Jan 2023 19:11:14 GMT
accept-ranges: bytes
content-length: 128561
date: Wed, 01 Feb 2023 22:38:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (44)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML