Report - higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php

Report Overview

Submitted URL
higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
IP
192.124.249.175
ASN
#30148 SUCURI-SEC
Submitted
2022-09-23 19:51:56
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
62

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	3.5 kB	23.36.76.226
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	60 kB	34.120.237.76
blackname.biz	745712	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	372 B	1.3 kB	3.64.163.50
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	108.156.28.51
ocsp.godaddy.com	698	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	328 B	2.3 kB	192.124.249.36
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	4.2 kB	142.250.74.3
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	65 kB	142.250.74.163
higginsonconsulting.ca	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	27 kB	275 kB	192.124.249.175
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	54.148.77.40
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	736 B	2.2 kB	142.250.74.10
ssl.google-analytics.com	275	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	18 kB	142.250.74.104
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	18.165.201.103
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
www.higginsonconsulting.ca	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	496 B	774 B	192.124.249.175

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-23	medium	higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php	Phishing
2022-09-23	medium	www.higginsonconsulting.ca//netfilxwebsupportteampaymentalert/account/login.php	Phishing
2022-09-23	medium	higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php	Phishing
2022-09-23	medium	higginsonconsulting.ca/wp-content/plugins/doptg/libraries/gui/css/jquery.jscrollpane.css?ver=3.5.2	Phishing
2022-09-23	medium	higginsonconsulting.ca/wp-content/plugins/doptg/assets/gui/css/jquery.dop.ThumbnailGallery.css?ver=3.5.2	Phishing
2022-09-23	medium	higginsonconsulting.ca/wp-content/plugins/recent-tweets-widget/tp_twitter_plugin.css?ver=1.0	Phishing
2022-09-23	medium	higginsonconsulting.ca/wp-content/plugins/revslider/rs-plugin/css/captions.css?ver=3.5.2	Phishing
2022-09-23	medium	higginsonconsulting.ca/wp-content/themes/rocco_bak/style.css?ver=1.0.1	Phishing
2022-09-23	medium	higginsonconsulting.ca/wp-content/plugins/revslider/rs-plugin/css/settings.css?ver=3.5.2	Phishing
2022-09-23	medium	higginsonconsulting.ca/wp-content/themes/rocco_bak/css/prettyPhoto.css?ver=1.0.1	Phishing
2022-09-23	medium	higginsonconsulting.ca/wp-content/themes/rocco_bak/css/responsiveslides.css?ver=1.0.1	Phishing
2022-09-23	medium	higginsonconsulting.ca/wp-content/themes/rocco_bak/css/jcarousel/skin.css?ver=1.0.1	Phishing
2022-09-23	medium	higginsonconsulting.ca/wp-content/themes/rocco_bak/css/skins/orange/images.css?ver=1.0.1	Phishing
2022-09-23	medium	higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.all.css?ver=1.0.1	Phishing
2022-09-23	medium	higginsonconsulting.ca/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.2	Phishing
2022-09-23	medium	higginsonconsulting.ca/wp-content/plugins/doptg/libraries/js/jquery.mousewheel.js?ver=3.5.2	Phishing
2022-09-23	medium	higginsonconsulting.ca/wp-content/themes/rocco_bak/css/responsive.css?ver=1.0.1	Phishing
2022-09-23	medium	higginsonconsulting.ca/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20	Phishing
2022-09-23	medium	higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.core.min.js?ver=1.9.2	Phishing
2022-09-23	medium	higginsonconsulting.ca/wp-content/themes/rocco_bak/js/sliders/responsiveslides.js?ver=1.0.1	Phishing
2022-09-23	medium	higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.sortable.min.js?ver=1.9.2	Phishing
2022-09-23	medium	higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.mouse.min.js?ver=1.9.2	Phishing
2022-09-23	medium	higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.tabs.min.js?ver=1.9.2	Phishing
2022-09-23	medium	higginsonconsulting.ca/wp-content/themes/rocco_bak/js/scripts.js?ver=1.0.1	Phishing
2022-09-23	medium	higginsonconsulting.ca/wp-content/themes/rocco_bak/js/sliders/jquery.jcarousel.min.js?ver=1.0.1	Phishing
2022-09-23	medium	higginsonconsulting.ca/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?ver=3.5.2	Phishing
2022-09-23	medium	higginsonconsulting.ca/wp-includes/js/jquery/jquery.js?ver=1.8.3	Phishing
2022-09-23	medium	higginsonconsulting.ca/wp-content/plugins/doptg/assets/js/jquery.dop.ThumbnailGallery.js?ver=3.5.2	Phishing
2022-09-23	medium	higginsonconsulting.ca/wp-content/themes/rocco_bak/style.php?ver=1.0.1	Phishing
2022-09-23	medium	higginsonconsulting.ca/wp-content/themes/rocco_bak/fonts/socialico-webfont.woff	Phishing
2022-09-23	medium	higginsonconsulting.ca/wp-content/themes/rocco_bak/fonts/fontawesome-webfont.woff?v=3.2.1	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (22)

	URL	Size	First Seen	Last Seen
	higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.widget.min.js?ver=1.9.2	6.8 kB	2023-03-07	2024-02-06
Pretty URL higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.widget.min.js?ver=1.9.2 IP 192.124.249.175 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:59:29 Last Seen2024-02-06 08:56:17 Times Seen25 Hash a5626b56956b854edc4435086b81e642 251350401086a850c3ed83e8450df66c7041caa4 fae74b1105bc4c2ed8c526a1233891d041807e6926f9493fec20ad840efd2705 Loading...

	higginsonconsulting.ca/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20	15 kB	2023-03-07	2024-04-21
Pretty URL higginsonconsulting.ca/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20 IP 192.124.249.175 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:55 Last Seen2024-04-21 12:57:42 Times Seen3934 Hash f448c593c242d134e9733a84c7a4d26c 374aa1f8db17575b0e35eabc46ad82062e09106c c90f0e501d2948fbc2b61bffd654fa4ab64741fd48923782419eeb14d3816fb8 Loading...

	higginsonconsulting.ca/wp-content/themes/rocco_bak/js/sliders/responsiveslides.js?ver=1.0.1	9.6 kB	2023-03-07	2024-03-02
Pretty URL higginsonconsulting.ca/wp-content/themes/rocco_bak/js/sliders/responsiveslides.js?ver=1.0.1 IP 192.124.249.175 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:59:29 Last Seen2024-03-02 15:26:49 Times Seen19 Hash 667e13ea5fc1e4e636e383c521d3a0ef 8cb061826c1c121035fd4652bc3f66e8ce9fcf0a c9076f1dcc0388d8f3cb2ad32ec200e980cd5f998113d8f97d9556691a0f9905 Loading...

	higginsonconsulting.ca/wp-includes/js/jquery/jquery.js?ver=1.8.3	94 kB	2023-03-07	2024-04-15
Pretty URL higginsonconsulting.ca/wp-includes/js/jquery/jquery.js?ver=1.8.3 IP 192.124.249.175 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:38:08 Last Seen2024-04-15 16:58:18 Times Seen278 Hash baae1db8cca4abb2265b0a6e01f1beed d24817d13b4626b15e2fd51e49f2312f27ef7be5 41be9b6def9198311ad7b760cdb51ccb0153fdc44f0a39949ed99965492e3e03 Loading...

	higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php	176 B	2023-03-07	2023-03-08
Pretty URL higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php IP 192.124.249.175 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:59:29 Last Seen2023-03-08 19:48:37 Times Seen1 Hash 47dc9c5fe5e87a0c7110bc5526a919ae 331a57d4ff0de21d4ebccdfae79235e89a9da3d6 b266394a3db4804f3a24a9399878b191057f1723bbc2ad672c1b518ca858f1af Loading...

	higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.accordion.min.js?ver=1.9.2	10 kB	2023-03-07	2023-07-18
Pretty URL higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.accordion.min.js?ver=1.9.2 IP 192.124.249.175 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:59:29 Last Seen2023-07-18 10:15:13 Times Seen5 Hash 75ac483f270380c9a0a4e8eb5b6f3dd0 8002287a2fcb885c6e2629e483c91ef9a584ec43 042666f1a590f1f8ed8c1866884e549471773623ac93e3dcab9ad81f4b820aa3 Loading...

	higginsonconsulting.ca/wp-content/themes/rocco_bak/js/scripts.js?ver=1.0.1	12 kB	2023-03-07	2024-03-02
Pretty URL higginsonconsulting.ca/wp-content/themes/rocco_bak/js/scripts.js?ver=1.0.1 IP 192.124.249.175 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:59:29 Last Seen2024-03-02 15:26:49 Times Seen3 Hash af887884fb03e39210cb211e44a001ab dbf4790a0a60b37c1ee1c5f2c4fc84c795206e2d a29f92d596742cac2d843c8eef00bb3fd663c4b3f259ce563e7aa0cda85726de Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 02:33:30 Times Seen37052837 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	higginsonconsulting.ca/wp-content/themes/rocco_bak/js/mfn.menu.js?ver=1.0.1	1.9 kB	2023-03-07	2024-03-02
Pretty URL higginsonconsulting.ca/wp-content/themes/rocco_bak/js/mfn.menu.js?ver=1.0.1 IP 192.124.249.175 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:59:29 Last Seen2024-03-02 15:26:49 Times Seen3 Hash 25783c34d67e23ad5c28cb69ac520b98 895604e4de1d31b123b890546ba1254902b59898 2beb01159f839e68a34efee994ed29c6228800e5eb131e36b62165228559ac66 Loading...

	ssl.google-analytics.com/ga.js	46 kB	2023-03-07	2024-04-16
Pretty URL ssl.google-analytics.com/ga.js IP 142.250.74.104 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2024-04-16 23:24:27 Times Seen3495 Hash e9372f0ebbcf71f851e3d321ef2a8e5a 2c7d19d1af7d97085c977d1b69dcb8b84483d87c 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f Loading...

	higginsonconsulting.ca/wp-content/plugins/doptg/libraries/js/jquery.jscrollpane.min.js?ver=3.5.2	15 kB	2023-03-07	2024-03-13
Pretty URL higginsonconsulting.ca/wp-content/plugins/doptg/libraries/js/jquery.jscrollpane.min.js?ver=3.5.2 IP 192.124.249.175 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:59:29 Last Seen2024-03-13 05:54:25 Times Seen33 Hash fe325fc698a0b5107bb11506ac33ec16 faf9a815ab6a0b9041774425470d771a0bda28ad 3ae1b2c36627866f1f70d8be1be315f27444176071df46b166e125db8de80b38 Loading...

	higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.sortable.min.js?ver=1.9.2	24 kB	2023-03-07	2023-06-18
Pretty URL higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.sortable.min.js?ver=1.9.2 IP 192.124.249.175 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:59:29 Last Seen2023-06-18 12:37:33 Times Seen3 Hash 4a6b8c51735314ad669b4a73eab51726 60b9597c76a958a7e4be4865f92c5b357b62df0e dfd77f358a37909c607e797d2d47866d83eed5f1e6b7fac9b2b2380083f3b231 Loading...

	higginsonconsulting.ca/wp-content/themes/rocco_bak/js/sliders/jquery.jcarousel.min.js?ver=1.0.1	16 kB	2023-03-07	2024-03-02
Pretty URL higginsonconsulting.ca/wp-content/themes/rocco_bak/js/sliders/jquery.jcarousel.min.js?ver=1.0.1 IP 192.124.249.175 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:20:10 Last Seen2024-03-02 15:26:49 Times Seen65 Hash 98a2178c0b1ee06a4b87d251e2966a50 295e95234c3efbe995a3dc9bfc19a6153cb205f1 bc50a5b047393737e06d2b9df4e7f1c94758dcf4f4d925060b8aaef01931f2dd Loading...

	higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.tabs.min.js?ver=1.9.2	19 kB	2023-03-07	2023-07-18
Pretty URL higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.tabs.min.js?ver=1.9.2 IP 192.124.249.175 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:59:29 Last Seen2023-07-18 10:15:13 Times Seen5 Hash 490d0168365536638cb63e97b69494b1 4fab4ffa0470e8aaa25a005861460b834ea08730 65c760214342f34e5c43358fc95b0751d60e102742882e56c80d348f99660874 Loading...

	higginsonconsulting.ca/wp-content/themes/rocco_bak/js/jquery.plugins.js?ver=1.0.1	42 kB	2023-03-07	2024-03-02
Pretty URL higginsonconsulting.ca/wp-content/themes/rocco_bak/js/jquery.plugins.js?ver=1.0.1 IP 192.124.249.175 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:59:29 Last Seen2024-03-02 15:26:49 Times Seen3 Hash e6ef45f6cdd806b64b51d4e0de58c03d b91246d9364d51b35f1d840e42b6b53c5fe49ba7 0b6c27d8d994799f7f6163987c48e2834d07f4a57ab0f767e217da22c8d582cc Loading...

	higginsonconsulting.ca/wp-content/plugins/doptg/assets/js/jquery.dop.ThumbnailGallery.js?ver=3.5.2	245 kB	2023-03-07	2024-02-26
Pretty URL higginsonconsulting.ca/wp-content/plugins/doptg/assets/js/jquery.dop.ThumbnailGallery.js?ver=3.5.2 IP 192.124.249.175 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:59:29 Last Seen2024-02-26 16:06:09 Times Seen4 Hash d4205cee79e758c4dd4f2090cbc5a366 e9770f16f200e923e63c0e3f993b1e116efec1d9 54deb788d739c1295d0db5ef8521c390536e2c2de42d76a6f6dea104ca67df24 Loading...

	higginsonconsulting.ca/wp-content/plugins/doptg/libraries/js/jquery.mousewheel.js?ver=3.5.2	2.4 kB	2023-03-07	2024-04-09
Pretty URL higginsonconsulting.ca/wp-content/plugins/doptg/libraries/js/jquery.mousewheel.js?ver=3.5.2 IP 192.124.249.175 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:40:36 Last Seen2024-04-09 14:11:08 Times Seen290 Hash b8a3ea9e7aad0c0299dbe5cfe5ede202 a16dd268abef04ccf737103524ccb7eb8ad7dc5a cdbdff46d80b04005fd57facd6a0c73b58da2b0abf21e296be23ece88ac0b278 Loading...

	higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.core.min.js?ver=1.9.2	4.7 kB	2023-03-07	2024-02-05
Pretty URL higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.core.min.js?ver=1.9.2 IP 192.124.249.175 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:59:29 Last Seen2024-02-05 06:51:37 Times Seen20 Hash f8d56d3c5539aa7af2a7d5c3b8769fad 3814fc76dba1a75f97359c56f0ca45e3c39c771b 0d8914a2109382d978b616ee5b8892be0554de32ce561670731d34516d9f2f59 Loading...

	higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php	409 B	2023-03-07	2023-03-08
Pretty URL higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php IP 192.124.249.175 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:59:29 Last Seen2023-03-08 19:48:37 Times Seen1 Hash 1793c3e59a7e46bcc09012825a462711 56e7fb6847553ed503f8a99b7e3bc87c8327f6bc db2a89ad415204365dd33afa7fd467e6c215629aa3a5ee37b6bdde6522d4a642 Loading...

	higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php	123 B	2023-03-07	2024-03-02
Pretty URL higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php IP 192.124.249.175 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:59:29 Last Seen2024-03-02 15:26:48 Times Seen5 Hash 616f588cc57322b39d00d0b608415cb1 ea7a6103b2b42c4ea633c877c93d58ca304317d0 cd2c1751302e08c3773525e41e40588ff4d991f2aaf8be34789ff4f8ece4068d Loading...

	higginsonconsulting.ca/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.2	11 kB	2023-03-07	2024-03-03
Pretty URL higginsonconsulting.ca/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.2 IP 192.124.249.175 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:42 Last Seen2024-03-03 00:17:48 Times Seen230 Hash 1d527f00884c10d039ad419be8179814 2c69685855da5ab49da766318d0eb959da615308 3dbc832de930e5b39820c0fc94f59c8c89b134dbbe02c7e4dc31aeda65d604de Loading...

	higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.mouse.min.js?ver=1.9.2	2.9 kB	2023-03-07	2024-02-05
Pretty URL higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.mouse.min.js?ver=1.9.2 IP 192.124.249.175 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:59:29 Last Seen2024-02-05 06:51:37 Times Seen13 Hash 2b09e33474c5641d8b63eaf28e870a66 c52e0269a58dc5eef363952bb18975ca2f4579a7 36d26bdbb977292affda96acdfe1f695f99b4af7eeccd8d9f7427053e73ade8a Loading...

HTTP Transactions (87)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

18.165.201.103

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
18.165.201.103:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 19:05:14 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 507372273c5029d1ae2439349f7f1458.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: yxx0RMebzdF1t2YYeELfVFPucup2Bnz6pSuDR-yT6xYzXQYIkmMK9w==
Age: 2791

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16303
Expires: Sat, 24 Sep 2022 00:23:28 GMT
Date: Fri, 23 Sep 2022 19:51:45 GMT
Connection: keep-alive

higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php

192.124.249.175

302 Found

271 B

URL HTTP/1.1
higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
271 B (271 bytes)
Hash
855bbca0a6b1a72a044894f84fc6e173
a6e4a21f32cdba6f6f430d6c10cdf6f6bacda6c9
790f24dca58a4eff9a93a3f5e1e3a6d5fb480b289a80bdc229bb4b4c5a9f7ddc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /netfilxwebsupportteampaymentalert/account/login.php HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Server: Sucuri/Cloudproxy
Date: Fri, 23 Sep 2022 19:51:46 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 271
Connection: keep-alive
X-Sucuri-ID: 19025
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Location: https://www.higginsonconsulting.ca//netfilxwebsupportteampaymentalert/account/login.php
X-Sucuri-Cache: BYPASS

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

108.156.28.51

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
108.156.28.51:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 23 Sep 2022 04:13:03 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 728b6476f3e2317ec8044d22806d4f94.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: HAjOnifZgKcucl0rHk3qMybqT2SzKgZnZrXJR6-3m1b1vp8w1d_7dw==
age: 56323
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:45 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.godaddy.com/

192.124.249.36

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.36:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1778 bytes)
Hash
65ec4bd4c3d6b99a4e619c890d649bb7
55937eddde1baeea69342d424d0cccf2ac6d6ec8
b2cc9f7170c7dea4b435276f74b35e940974262ecc2479cf121bff74aa0183e8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 23 Sep 2022 19:51:46 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 23 Sep 2022 14:42:54 GMT
Expires: Sat, 24 Sep 2022 14:42:54 GMT
ETag: "55937eddde1baeea69342d424d0cccf2ac6d6ec8"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

18.165.201.103

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
18.165.201.103:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Fri, 23 Sep 2022 19:33:00 GMT
Expires: Fri, 23 Sep 2022 20:31:03 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 04bb33465149b34afca4988622dca584.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: 9tJPzanmUmAtJjD_hijjuT0EJgqrI9iSeX2z6jIECIHtQqPpQoxCQA==
Age: 1126

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f714931cf870bfa33815fd259b7246fd
38e411ef8ca1b31ead8415ee5f21d98bd9653a86
897675130112daff8bdf6fa25b56faa4b9fdb367daca2b2645ed65c83a2e423f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5023
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 19:51:46 GMT
Last-Modified: Fri, 23 Sep 2022 18:28:03 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

54.148.77.40

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.148.77.40:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kU/68f2d+k83BqkzOsV3Vg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /kR6PEPxww8BTQiSfTpDIB3R3mo=

www.higginsonconsulting.ca//netfilxwebsupportteampaymentalert/account/login.php

192.124.249.175

301 Moved Permanently

115 B

URL HTTP/2
www.higginsonconsulting.ca//netfilxwebsupportteampaymentalert/account/login.php
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with CRLF line terminators
Size
115 B (115 bytes)
Hash
638064cafdb9480bf5f67e7cc087387d
5b068a6a7fab6f543ab04a8c95b3034374be2323
a534f8094c7f3dca3fe2aec3e5ced137dca89852509be71f427aaab6eb26d954

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET //netfilxwebsupportteampaymentalert/account/login.php HTTP/1.1
Host: www.higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 23 Sep 2022 19:51:47 GMT
content-type: text/html; charset=UTF-8
content-length: 115
location: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
x-pingback: http://higginsonconsulting.ca/xmlrpc.php
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: BYPASS
X-Firefox-Spdy: h2

higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php

192.124.249.175

404 Not Found

4.1 kB

URL HTTP/2
higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1680), with CRLF, LF line terminators
Size
4.1 kB (4058 bytes)
Hash
e0c440c9a2ed7c51d5d4ef0ea3735d34
220a528a144d00544070fe6f0c612306a0a6b5d0
6317754ac6e556c875a923ea1d20558b2246a49ebf9edbf8a608b1f168595186

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /netfilxwebsupportteampaymentalert/account/login.php HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Fri, 23 Sep 2022 19:51:47 GMT
content-type: text/html; charset=UTF-8
content-length: 4058
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
x-pingback: http://higginsonconsulting.ca/xmlrpc.php
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: BYPASS
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4fb51016b82f43bc6ee9f5ace001690c
5390a86aa0a7b82f5d09605b10812567b309d27a
73283fa4b416ee80d2ac87c30d2183afa1ae487a8650563b79adc1f001030f73

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 19:51:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b9893dbb93b5cc3cb8637b496ecd3c1c
007b31caa727ce627f6ba81a3f43326a1538181e
b82608484e9e9dbf009de73986da468fff9833e5d040016b3214b8774ba9f500

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 19:51:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

higginsonconsulting.ca/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.2

192.124.249.175

200 OK

401 B

URL HTTP/2
higginsonconsulting.ca/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.2
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text
Size
401 B (401 bytes)
Hash
7ba3deb835ae61e6da97133025b68864
17a0aa9845ed63af73d54b4a28b439463fe959cb
16cd5bbd2f70847bce61e2f4a65233347f0b1ee39ff1db34f18b70cac2b670ac

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:47 GMT
content-type: text/css
content-length: 401
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:39 GMT
etag: "10a161b-44f-5e91c9a33dec0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Patua+One&ver=3.5.2

142.250.74.10

200 OK

744 B

URL HTTP/2
fonts.googleapis.com/css?family=Patua+One&ver=3.5.2
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
744 B (744 bytes)
Hash
e62fdfe071ed8d6c273ff417677b61c0
09b0e1b18eb588254c1aacbc40cf157125e0f56a
3d2fdeb16e09293020deca1089b71167fe7c608ddf42baed266bec5c22defd48

HTTP Headers

GET /css?family=Patua+One&ver=3.5.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 23 Sep 2022 19:51:47 GMT
date: Fri, 23 Sep 2022 19:51:47 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12787
Expires: Fri, 23 Sep 2022 23:24:54 GMT
Date: Fri, 23 Sep 2022 19:51:47 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12787
Expires: Fri, 23 Sep 2022 23:24:54 GMT
Date: Fri, 23 Sep 2022 19:51:47 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12786
Expires: Fri, 23 Sep 2022 23:24:54 GMT
Date: Fri, 23 Sep 2022 19:51:48 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155952bd-256a-4103-9017-437efcfb03bf.jpeg

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155952bd-256a-4103-9017-437efcfb03bf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (7005 bytes)
Hash
1985a957e6bc0c15d8489fa731e7f14e
4584bff61bf4d5c9b8fd3b97c048a8e6975e4323
9f3e1fd6e18d85d4f6645d077da643a3bc2cca611d5e85f534ba798102dca243

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155952bd-256a-4103-9017-437efcfb03bf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7005
x-amzn-requestid: c805d882-7a00-4abd-a239-d8313d7df0c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4aBwEaMIAMF09A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd6d7-6d6a417f10c9628a16d438e1;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:42:47 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7edV0FJytVSpHH-WkCiYzhW1JP4L6i6bpPCq9MTxPdhwFQTryf06BQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:12:22 GMT
etag: "4584bff61bf4d5c9b8fd3b97c048a8e6975e4323"
content-type: image/jpeg
age: 77966
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (8029 bytes)
Hash
02a682b4703bb9d6381c762726c05531
1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5ur411n5hU7eWb68iExZCUrhpCybRyTBHCi72ra8dS2kd3UhW8sb1A==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:59:00 GMT
age: 78768
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8497 bytes)
Hash
7606ff88f05062b66970d9805f38987a
d47db5fcd83023b4a8de40a47d4510e183de387a
20f89dd859e5715e27c289040fac6a121248e5b6c06da0a7f186984ffb029eb2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8497
x-amzn-requestid: ab65ba93-aad5-4845-b471-c50c14057c47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YvqujEsIoAMF8sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632957f6-6d4635bf713fd25147948c7b;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 06:04:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: SZ6p5NLxuGUoEOZujwPbDGwUO0dZgiITud8RWOaSW_VciGRgBidY2A==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 19:36:01 GMT
age: 947
etag: "d47db5fcd83023b4a8de40a47d4510e183de387a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.3 kB (5340 bytes)
Hash
3b318ea5c36d2b22b925f7dfe382df5f
0264e73c4cfff0bb255757c7e1c760a5ad3ece80
0c2f58ea4f5f32bb327f292e1b8fb5a4a60230bffc3abc440a624df27ec0d6bc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5340
x-amzn-requestid: b13bc974-e15d-43a4-a918-fbc35b09a36f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y19HljIAMFY8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4f2-2cb226ba4bd7c7e74d9ab2db;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8DCVWC4Ihr4R21i3ySyiWdUK0aGymTE22B842ZKolG-ZThiKSMX-uQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:04:45 GMT
age: 78423
etag: "0264e73c4cfff0bb255757c7e1c760a5ad3ece80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10127 bytes)
Hash
b877ead4a15221fdd278ef27f281a7ec
48c10714503e8dfdd3e3c3d39b919ef2792f0d15
f4a1d5abcfa4092828e004b6c0605a7a24e4133d275312f613dceff875971daf

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10127
x-amzn-requestid: 456e3c6a-e173-433e-8d54-d787cb50b7e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0sHmCoAMFVSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-7a07b336571396533e48b4cb;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KKYAef15NoI3It5UfVcqhPx50Fr6IK7O2VFasuAILVN9PP8CH1_7Ng==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:58:25 GMT
age: 78803
etag: "48c10714503e8dfdd3e3c3d39b919ef2792f0d15"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

15 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
15 kB (14579 bytes)
Hash
f10a12719b387d176497669ba75f0acc
16e42ba7b20555bf5a8615e5f4bb561204aeeb5a
0cb2231817387d43a490565b61e24ea7a3cfcff3281f4ab4379a882cc5c3173f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14579
x-amzn-requestid: bce2c126-0883-4255-9246-d8055860f898
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCj6FYCoAMF9Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e18-66ba2e5d64b6a5b32b7ab36b;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 92Pj9IQp3mBJQOW-XuHSK8laPqXOSBOmNbYcm4hSFzc1xqYscQKxMA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:05:08 GMT
age: 78400
etag: "16e42ba7b20555bf5a8615e5f4bb561204aeeb5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/plugins/doptg/libraries/gui/css/jquery.jscrollpane.css?ver=3.5.2

192.124.249.175

200 OK

422 B

URL HTTP/2
higginsonconsulting.ca/wp-content/plugins/doptg/libraries/gui/css/jquery.jscrollpane.css?ver=3.5.2
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text
Size
422 B (422 bytes)
Hash
e1b119e06389d3a2c2e470fa9f10d738
6261229373d6c649e90987b56ac0faf976e6081d
161bc2ef93866f56924fd4800a1e868811bde8ef7db34671aa03c46438e120ff

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/doptg/libraries/gui/css/jquery.jscrollpane.css?ver=3.5.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 422
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:39 GMT
etag: "33a17e3-54f-5e91c9a33dec0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/plugins/doptg/assets/gui/css/jquery.dop.ThumbnailGallery.css?ver=3.5.2

192.124.249.175

200 OK

1.3 kB

URL HTTP/2
higginsonconsulting.ca/wp-content/plugins/doptg/assets/gui/css/jquery.dop.ThumbnailGallery.css?ver=3.5.2
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
Unicode text, UTF-8 text
Size
1.3 kB (1328 bytes)
Hash
6b2ef9292d64ad7ed4057a168eb32b42
c719bb671d73ae25bfb2454f98be9d098725c00f
1bd52da52ffc45a9107e56734e85f12b05f77d139b8e022b23541f9b2e33755f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/doptg/assets/gui/css/jquery.dop.ThumbnailGallery.css?ver=3.5.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 1328
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:39 GMT
etag: "33a16cf-2631-5e91c9a33dec0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/plugins/recent-tweets-widget/tp_twitter_plugin.css?ver=1.0

192.124.249.175

200 OK

200 B

URL HTTP/2
higginsonconsulting.ca/wp-content/plugins/recent-tweets-widget/tp_twitter_plugin.css?ver=1.0
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with CRLF line terminators
Size
200 B (200 bytes)
Hash
1a9e55da90589e2482a0a9d1b5d6058b
8e0feee1be3183ab1677b330306495e6ffbf1b5e
755f00cbe0df93719b668435b3822286655cbaaadfe814cbf58e2316922f72db

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/recent-tweets-widget/tp_twitter_plugin.css?ver=1.0 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 200
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:42 GMT
etag: "33a183e-1ee-5e91c9a61a580-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/plugins/revslider/rs-plugin/css/captions.css?ver=3.5.2

192.124.249.175

200 OK

77 B

URL HTTP/2
higginsonconsulting.ca/wp-content/plugins/revslider/rs-plugin/css/captions.css?ver=3.5.2
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with no line terminators
Size
77 B (77 bytes)
Hash
0b8a33a46142ea9451254dfd5e3cb7d8
ea1a296aa35dd1800fe1027888f5a0dad292e549
c4c4fdbc6206d4159a351c0c8fdcfbef554ba62b76fdad4e08b18ffc491843af

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/revslider/rs-plugin/css/captions.css?ver=3.5.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 77
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:43 GMT
etag: "33a14d0-8f-5e91c9a70e7c0-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/themes/rocco_bak/style.css?ver=1.0.1

192.124.249.175

200 OK

450 B

URL HTTP/2
higginsonconsulting.ca/wp-content/themes/rocco_bak/style.css?ver=1.0.1
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with CRLF line terminators
Size
450 B (450 bytes)
Hash
f7546c3f60f4d7ef255e966930dbfb61
4f2128689a01055aec8e5a927cd7cb7e54dbc0d1
b7ece9a0ba51414aee9826dff9b86132dc14586c2e08ab70765e53a3d5f452ab

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/rocco_bak/style.css?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 450
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1e26-465-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/plugins/revslider/rs-plugin/css/settings.css?ver=3.5.2

192.124.249.175

200 OK

3.5 kB

URL HTTP/2
higginsonconsulting.ca/wp-content/plugins/revslider/rs-plugin/css/settings.css?ver=3.5.2
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text
Size
3.5 kB (3454 bytes)
Hash
76b5d64779925d43faf5f6e29f46b1e5
fb51b89b13a067f334cf7b626291aff7baabd110
fa188305e25d3a4b9f47d90d1ebdcc2c3041b830c0e1f40b9df2912ac8b12a21

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/revslider/rs-plugin/css/settings.css?ver=3.5.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 3454
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:43 GMT
etag: "33a14d2-5015-5e91c9a70e7c0-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/themes/rocco_bak/css/prettyPhoto.css?ver=1.0.1

192.124.249.175

200 OK

2.6 kB

URL HTTP/2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/prettyPhoto.css?ver=1.0.1
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (402), with CRLF line terminators
Size
2.6 kB (2579 bytes)
Hash
09299afb7472acc712a0895ab3866fb0
f314198284c50628948a46cc739009417d39a901
8c279312ca30ab35d8434407db8f7278c3c155bec18e2f9e26fbbddb279182ae

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/rocco_bak/css/prettyPhoto.css?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 2579
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ead-4e59-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/themes/rocco_bak/css/responsiveslides.css?ver=1.0.1

192.124.249.175

200 OK

179 B

URL HTTP/2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/responsiveslides.css?ver=1.0.1
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with CRLF line terminators
Size
179 B (179 bytes)
Hash
13598223f778b13c9c5a1be07376df06
6c3844d526fae634ed6b609ee70b2fd146d51436
79f5500a2003b84765c8eafb0c099700275413fb3ba83b85127f6c67870e2dd5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/rocco_bak/css/responsiveslides.css?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 179
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ef9-1e1-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/themes/rocco_bak/css/jcarousel/skin.css?ver=1.0.1

192.124.249.175

200 OK

574 B

URL HTTP/2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/jcarousel/skin.css?ver=1.0.1
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with CRLF line terminators
Size
574 B (574 bytes)
Hash
555a0feefd2980ab190a986d3b81cb5c
b8b6b5f3cb346a51aa0d82761b0ec1883fa31c48
765f7a4b5b7f44707fecd5767a2c62334ff8092a4664043ead3aafd87d3d07ff

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/rocco_bak/css/jcarousel/skin.css?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 574
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1eca-1246-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/themes/rocco_bak/css/skins/orange/images.css?ver=1.0.1

192.124.249.175

200 OK

233 B

URL HTTP/2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/skins/orange/images.css?ver=1.0.1
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with CRLF line terminators
Size
233 B (233 bytes)
Hash
59a522d8c34ca616cc6a6f6a9f07039b
d1dd1712b2b4d1ec6682470c84024b1391022943
8e20f1eeee5e27f14eacc3a85042b9e3098da8c5a5cf815a1968d8665fe70e1e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/rocco_bak/css/skins/orange/images.css?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 233
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ef6-312-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.all.css?ver=1.0.1

192.124.249.175

200 OK

174 B

URL HTTP/2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.all.css?ver=1.0.1
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with CRLF line terminators
Size
174 B (174 bytes)
Hash
bf09227734e54bae4ec52c933490fa36
9cbe23532de44efc5605265b3655138b6d45cfb9
9179abd78c3ca5ee91c621bb66d25576c29b213ab092d3499808bc67c84305e0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/rocco_bak/css/ui/jquery.ui.all.css?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 174
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ec2-12f-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/themes/rocco_bak/css/skins/orange/style.css?ver=1.0.1

192.124.249.175

200 OK

1.5 kB

URL HTTP/2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/skins/orange/style.css?ver=1.0.1
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with CRLF line terminators
Size
1.5 kB (1542 bytes)
Hash
d3ebfb9b45ee5c489706bf1f12172f04
123e40d50fe7566aadfd2d90445c8735a2df6b81
5c86e3d59cb5c1ee6c0c52db5a1e6bc0b4c4de2a3d046892f02693730fff0039

HTTP Headers

GET /wp-content/themes/rocco_bak/css/skins/orange/style.css?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 1542
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ef8-18fc-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/plugins/doptg/libraries/js/jquery.jscrollpane.min.js?ver=3.5.2

192.124.249.175

200 OK

4.6 kB

URL HTTP/2
higginsonconsulting.ca/wp-content/plugins/doptg/libraries/js/jquery.jscrollpane.min.js?ver=3.5.2
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (4028)
Size
4.6 kB (4570 bytes)
Hash
22b2491868634101c9faf6a908946a8b
38538a47715476b8148b3acb5f9c366ff1e026be
d0d997a4d33b83f7f0b09f28be25aba2a59f6591fc2b1dbb18ae74f5aecd01fb

HTTP Headers

GET /wp-content/plugins/doptg/libraries/js/jquery.jscrollpane.min.js?ver=3.5.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: application/javascript
content-length: 4570
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:39 GMT
etag: "33a17b8-3941-5e91c9a33dec0-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.2

192.124.249.175

200 OK

2.9 kB

URL HTTP/2
higginsonconsulting.ca/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.2
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text
Size
2.9 kB (2937 bytes)
Hash
fa4542f622b5327612fcfdb953cda397
2974bebb5300f8c951a779acd2f333ff99b22b4c
dfbe7fc2531e8a18764ddb10e5f014585efc77f46bf7edb3346b93535433ee5c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: application/javascript
content-length: 2937
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:39 GMT
etag: "1082055-2bc0-5e91c9a33dec0-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/plugins/doptg/libraries/js/jquery.mousewheel.js?ver=3.5.2

192.124.249.175

200 OK

846 B

URL HTTP/2
higginsonconsulting.ca/wp-content/plugins/doptg/libraries/js/jquery.mousewheel.js?ver=3.5.2
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text
Size
846 B (846 bytes)
Hash
0411153929963e608018761de02885fe
d93fc2bd35fd26e9312ecc92e743639a7f91b716
f668e8cd093d0972b9838b3be7ed6ab2f4c482f923deaef9a31047594a516375

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/doptg/libraries/js/jquery.mousewheel.js?ver=3.5.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: application/javascript
content-length: 846
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:39 GMT
etag: "33a17b9-960-5e91c9a33dec0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/themes/rocco_bak/css/responsive.css?ver=1.0.1

192.124.249.175

200 OK

2.7 kB

URL HTTP/2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/responsive.css?ver=1.0.1
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with CRLF line terminators
Size
2.7 kB (2691 bytes)
Hash
d2d865b5983c7bc14ee045a32a0190ec
b9be464349f007cc6c37d6b4d3e37228113f0dc9
0efd6c483732e600aacbab1fdc3f1d47a620119d92959825d82836ebff343008

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/rocco_bak/css/responsive.css?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 2691
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1eab-3611-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.widget.min.js?ver=1.9.2

192.124.249.175

200 OK

2.4 kB

URL HTTP/2
higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.widget.min.js?ver=1.9.2
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (6594)
Size
2.4 kB (2399 bytes)
Hash
eed06e3a48e68678568be5b8d16034f1
5e067964acb3dbf426b2cb19365b3b9ab2e4d94c
8e86f322a4f95ee9129902f1e528d5a5972fd8f785dae30777160234fc1ddecf

HTTP Headers

GET /wp-includes/js/jquery/ui/jquery.ui.widget.min.js?ver=1.9.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: application/javascript
content-length: 2399
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:26:10 GMT
etag: "16022e1-1a67-5e91c9c0ce480-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20

192.124.249.175

200 OK

5.5 kB

URL HTTP/2
higginsonconsulting.ca/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (14900)
Size
5.5 kB (5544 bytes)
Hash
6743a2b6116ec15f4976377dba04f208
8965d08b35b43c793d61c52b6e5abadfb54c3e46
af8ff9d1ac6440b5a47e8de5ca1cbdd39bb24f670925592d6faec0a64f873a4e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: application/javascript
content-length: 5544
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:39 GMT
etag: "1082056-3b90-5e91c9a33dec0-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/themes/rocco_bak/css/custom.css?ver=1.0.1

192.124.249.175

200 OK

69 B

URL HTTP/2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/custom.css?ver=1.0.1
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with CRLF line terminators
Size
69 B (69 bytes)
Hash
bbb8ce1766572603a7777b63b135c9c1
61386c3750a402eb79abab1c15edf95d439ed930
2e38bc6482e21e2a02922c3c4198e5c8c0055768c84d21b6eeff2093c7e13b8c

HTTP Headers

GET /wp-content/themes/rocco_bak/css/custom.css?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 69
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ed6-47-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.core.min.js?ver=1.9.2

192.124.249.175

200 OK

1.9 kB

URL HTTP/2
higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.core.min.js?ver=1.9.2
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (4530)
Size
1.9 kB (1906 bytes)
Hash
9921bf89de4819da583daa7afec3236d
b8cc93b18fe70781ee9661cdd02971ff2e8f4766
c152d68f4fef28952125de83e30cfdd25cbcf1a8232a553b134bf962953611d0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/ui/jquery.ui.core.min.js?ver=1.9.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: application/javascript
content-length: 1906
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:26:10 GMT
etag: "16022d8-1255-5e91c9c0ce480-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/themes/rocco_bak/js/sliders/responsiveslides.js?ver=1.0.1

192.124.249.175

200 OK

2.4 kB

URL HTTP/2
higginsonconsulting.ca/wp-content/themes/rocco_bak/js/sliders/responsiveslides.js?ver=1.0.1
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with CRLF line terminators
Size
2.4 kB (2417 bytes)
Hash
cc970b337a5b20fbcc669bd92c2cf632
76f58c3ff40d947069792fd2029a1ac8cbaf35e8
bcefac70c3ea822ae6b120c41dc0f6bc51a70695d507dd6febe8394130dd3167

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/rocco_bak/js/sliders/responsiveslides.js?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: application/javascript
content-length: 2417
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ded-2570-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.sortable.min.js?ver=1.9.2

192.124.249.175

200 OK

5.8 kB

URL HTTP/2
higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.sortable.min.js?ver=1.9.2
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (23415)
Size
5.8 kB (5763 bytes)
Hash
6f578f5f7fbd1cf3f547afa0f84d9d0e
de23ecea695ee1999b5c65c5a9036b46cfcdfffa
3edcf19bbb182574229be7be197abfc9be3b580efeb99b75cb2d0102d56b13b1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/ui/jquery.ui.sortable.min.js?ver=1.9.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: application/javascript
content-length: 5763
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:26:10 GMT
etag: "16022ec-5c1e-5e91c9c0ce480-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.mouse.min.js?ver=1.9.2

192.124.249.175

200 OK

843 B

URL HTTP/2
higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.mouse.min.js?ver=1.9.2
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (2700)
Size
843 B (843 bytes)
Hash
7e0ccdcb77d2752baee9774ee1a24096
8de03b4157e25bcebe0842bd4d30c2331ee77278
dde51cffc43a973abac2c18a04b7408dbd239d3883e0535dcd135d8b19ca3af1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/ui/jquery.ui.mouse.min.js?ver=1.9.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: application/javascript
content-length: 843
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:26:10 GMT
etag: "16022e3-b30-5e91c9c0ce480-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.tabs.min.js?ver=1.9.2

192.124.249.175

200 OK

5.2 kB

URL HTTP/2
higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.tabs.min.js?ver=1.9.2
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (18409)
Size
5.2 kB (5150 bytes)
Hash
462bd945bf9cf4fdba727de5de617afb
558ef3332f74ca7f07b36c8b6348db703de04d7c
89a9c0a6ebdefd7da0d7f522845f6f4c39fc487f26363783a4f1435a2bbdea62

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/ui/jquery.ui.tabs.min.js?ver=1.9.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: application/javascript
content-length: 5150
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:26:10 GMT
etag: "16022d3-488c-5e91c9c0ce480-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.accordion.min.js?ver=1.9.2

192.124.249.175

200 OK

3.0 kB

URL HTTP/2
higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.accordion.min.js?ver=1.9.2
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (10286)
Size
3.0 kB (3035 bytes)
Hash
58945c8624437d9b8dfc59292bd1e788
e5db82109db2706bb578197306b31dfacd983f61
2bbfd68117fead557a9214ec351cd2666f6b27010eedcb3986459eae1a479e8f

HTTP Headers

GET /wp-includes/js/jquery/ui/jquery.ui.accordion.min.js?ver=1.9.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: application/javascript
content-length: 3035
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:26:09 GMT
etag: "16022e8-28d6-5e91c9bfda240-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/themes/rocco_bak/js/jquery.plugins.js?ver=1.0.1

192.124.249.175

200 OK

12 kB

URL HTTP/2
higginsonconsulting.ca/wp-content/themes/rocco_bak/js/jquery.plugins.js?ver=1.0.1
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
HTML document, Unicode text, UTF-8 text, with very long lines (21776), with CRLF line terminators
Size
12 kB (11662 bytes)
Hash
04261b037195d3d12240807615e8c408
d06c3f8582b3cdd394dd0dfaaf46cae78aedc6f5
431f1ddcb3e796b9aed24b897737eaf7c2234562ad509ae58e91b07e6f44b035

HTTP Headers

GET /wp-content/themes/rocco_bak/js/jquery.plugins.js?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: application/javascript
content-length: 11662
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1de4-a3da-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/themes/rocco_bak/js/scripts.js?ver=1.0.1

192.124.249.175

200 OK

2.4 kB

URL HTTP/2
higginsonconsulting.ca/wp-content/themes/rocco_bak/js/scripts.js?ver=1.0.1
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with CRLF line terminators
Size
2.4 kB (2417 bytes)
Hash
2336ede36af214a26305c8d846c25d93
e48e5196037ab576517af5b25bf8a3c90770e54b
955f1102bb4e1cad8ed5cef3f937539a48a4b959f5afb54f4f9fb9d0feb0b444

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/rocco_bak/js/scripts.js?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: application/javascript
content-length: 2417
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1df2-2e55-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/themes/rocco_bak/js/mfn.menu.js?ver=1.0.1

192.124.249.175

200 OK

663 B

URL HTTP/2
higginsonconsulting.ca/wp-content/themes/rocco_bak/js/mfn.menu.js?ver=1.0.1
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with CRLF line terminators
Size
663 B (663 bytes)
Hash
37fb84f08067fb24c56500560e55df43
3687ac84a40fd67efdf723e3dcaf86eacc2fed98
a6717e8452369f21fb47b0ab079f15911a39d671de89ed35edc736081bbea9eb

HTTP Headers

GET /wp-content/themes/rocco_bak/js/mfn.menu.js?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: application/javascript
content-length: 663
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1df0-78e-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/themes/rocco_bak/js/sliders/jquery.jcarousel.min.js?ver=1.0.1

192.124.249.175

200 OK

4.3 kB

URL HTTP/2
higginsonconsulting.ca/wp-content/themes/rocco_bak/js/sliders/jquery.jcarousel.min.js?ver=1.0.1
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (15184), with CRLF line terminators
Size
4.3 kB (4292 bytes)
Hash
b9a51e069208c94989ab81ff56505bd4
0597022af7fcc219e266dc83e063a489bc878b75
8e8fc9842982c3f3c20ba03a4d7003b6215104064e3fd3409793399b46d77d48

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/rocco_bak/js/sliders/jquery.jcarousel.min.js?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: application/javascript
content-length: 4292
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1def-3d32-5e91c9abd3300-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/uploads/2014/05/Higginson-Consulting-Ltd-Structural-Civil-e1400647779351.jpg

192.124.249.175

200 OK

12 kB

URL HTTP/2
higginsonconsulting.ca/wp-content/uploads/2014/05/Higginson-Consulting-Ltd-Structural-Civil-e1400647779351.jpg
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x82, components 3\012- data
Size
12 kB (12237 bytes)
Hash
e0bcd55dfd409f781264b22921d7bd3f
c9846d696c332a86caae265f6def6eaab7002dc1
5233c7d0471f9d9f441d19101f33e6798aa613ca5bd1feb60f93537af2523e8f

HTTP Headers

GET /wp-content/uploads/2014/05/Higginson-Consulting-Ltd-Structural-Civil-e1400647779351.jpg HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: image/jpeg
content-length: 12237
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:53 GMT
etag: "2101723-2fcd-5e91c9b097e40"
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/themes/rocco_bak/css/base.css

192.124.249.175

200 OK

1.8 kB

URL HTTP/2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/base.css
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (483), with CRLF line terminators
Size
1.8 kB (1752 bytes)
Hash
44195593b80fc7d7e6c15afa93b5c23c
6e38ec17cc2cb8499e8bc568b8231b8b8b1fafef
d1e00a3cb2433acc3236fe4b237606e35df6de8e06c412e845edb9b34962e937

HTTP Headers

GET /wp-content/themes/rocco_bak/css/base.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/style.css?ver=1.0.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 1752
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ed4-18dc-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?ver=3.5.2

192.124.249.175

200 OK

18 kB

URL HTTP/2
higginsonconsulting.ca/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?ver=3.5.2
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
Unicode text, UTF-8 text, with very long lines (63134)
Size
18 kB (18199 bytes)
Hash
0a4e2e312203185d3467863bbaeb2f50
d6d64d4047c763dbfc499fc8c8e27c43d60050b1
0c09b05432d919c02135ed3c78f0e1a32ed941659cb8131424adaf02707143be

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?ver=3.5.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: application/javascript
content-length: 18199
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:43 GMT
etag: "33a1494-14750-5e91c9a70e7c0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-includes/js/jquery/jquery.js?ver=1.8.3

192.124.249.175

200 OK

32 kB

URL HTTP/2
higginsonconsulting.ca/wp-includes/js/jquery/jquery.js?ver=1.8.3
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (65483)
Size
32 kB (32380 bytes)
Hash
835ef7a3949c85489ee516fe0efa7184
8915c9f070078522709b8c2c2261d993712da213
f9bcc8788bc3201fe5da1353f7349271ff40d25d7d6b0e6313d84eb2f1e65b08

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery.js?ver=1.8.3 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: application/javascript
content-length: 32380
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:26:10 GMT
etag: "15e2b10-16dda-5e91c9c0ce480-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/themes/rocco_bak/css/buttons.css

192.124.249.175

200 OK

296 B

URL HTTP/2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/buttons.css
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with CRLF line terminators
Size
296 B (296 bytes)
Hash
bceb23ff7b1c614fe36da80ae821ba03
e71450f5d54abd1da9fe39c0f278f6da9bb5a1e5
556a26e3cd1d64ba0abd72f2a8f6d75d4a6bcdd06e80d8ded86bfde79995dae5

HTTP Headers

GET /wp-content/themes/rocco_bak/css/buttons.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/style.css?ver=1.0.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 296
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ed5-5e8-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/plugins/doptg/assets/js/jquery.dop.ThumbnailGallery.js?ver=3.5.2

192.124.249.175

200 OK

19 kB

URL HTTP/2
higginsonconsulting.ca/wp-content/plugins/doptg/assets/js/jquery.dop.ThumbnailGallery.js?ver=3.5.2
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
Unicode text, UTF-8 text
Size
19 kB (19315 bytes)
Hash
a7740212ae2560b2e8449596abb8a892
47d6767b4d83a90d4cbf3af8f52e63ec40a95923
2330ed7e0f1796e5fabe3c04d3a5349d7e069c2299ac4dbbf6af026bc93e5901

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/doptg/assets/js/jquery.dop.ThumbnailGallery.js?ver=3.5.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: application/javascript
content-length: 19315
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:39 GMT
etag: "33a16aa-3bd1d-5e91c9a33dec0-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/themes/rocco_bak/css/layout.css

192.124.249.175

200 OK

4.9 kB

URL HTTP/2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/layout.css
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (322), with CRLF line terminators
Size
4.9 kB (4865 bytes)
Hash
d754ce32ce6b77b92cf6a589a128b8ed
2562b51cb2e0dc316482e9d16864118d6287eb12
d03121b02653b2cfdd4e31cb040c812479f7b0f0788cdb7998358cae28b789de

HTTP Headers

GET /wp-content/themes/rocco_bak/css/layout.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/style.css?ver=1.0.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 4865
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1efa-6487-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/themes/rocco_bak/css/variables.css

192.124.249.175

200 OK

993 B

URL HTTP/2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/variables.css
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with CRLF line terminators
Size
993 B (993 bytes)
Hash
c5a38add175e1432bd83e3d4250426a6
4666fae46a3f1cb6399fd1a22d3c227f68f39c91
af7b605a2e70ad861b8139b35fa765473350f86e4040bc4267511d76031f2a2c

HTTP Headers

GET /wp-content/themes/rocco_bak/css/variables.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/style.css?ver=1.0.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 993
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ed3-d29-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/themes/rocco_bak/css/animations.css

192.124.249.175

200 OK

451 B

URL HTTP/2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/animations.css
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with CRLF line terminators
Size
451 B (451 bytes)
Hash
24c512bcef02a5d35864309bb576d4af
226801ff841b0dc7ff63d76112dd643917ed824a
0ca3c68a095b120e3d77ffcacbfcbdfd72bb6f6e2ac8631a8d6f265db99ba261

HTTP Headers

GET /wp-content/themes/rocco_bak/css/animations.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/style.css?ver=1.0.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 451
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1efb-d49-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/themes/rocco_bak/css/shortcodes.css

192.124.249.175

200 OK

4.4 kB

URL HTTP/2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/shortcodes.css
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (374), with CRLF line terminators
Size
4.4 kB (4449 bytes)
Hash
3162fa9b023969890daae49c9939ea82
1aac64dfea97b575eaa62edf8bc94e7b64e9cf4c
3e362c76566e2462d22dcfb1b93cb40685870c1f4be07942aadc9587903e0d2a

HTTP Headers

GET /wp-content/themes/rocco_bak/css/shortcodes.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/style.css?ver=1.0.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 4449
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ec7-616b-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/themes/rocco_bak/style.php?ver=1.0.1

192.124.249.175

200 OK

435 B

URL HTTP/2
higginsonconsulting.ca/wp-content/themes/rocco_bak/style.php?ver=1.0.1
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with CRLF, LF line terminators
Size
435 B (435 bytes)
Hash
3004372ccabdaa97c781c2ae0d088ebe
79b55a27197d9407513072b224aaecabcfe756d4
a78e20253a0b11a9406c26aceb6d0665daf087c2026402efbd04c49afc64d323

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/rocco_bak/style.php?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css;;charset=UTF-8
content-length: 435
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fa5a7fd1c3d5eed2a8816ac62ad73e51
6536f3880457c6ced9534d5cf10615b6daf42aea
3c3a74be5d72d9e2b5ecdaeafbbf3d0029cd5848d2483cfa10da14859deff436

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 19:51:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.163

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://higginsonconsulting.ca
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 08:31:01 GMT
expires: Wed, 20 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
age: 300047
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 19:51:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

higginsonconsulting.ca/wp-content/themes/rocco_bak/css/fonts.css

192.124.249.175

200 OK

74 B

URL HTTP/2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/fonts.css
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with CRLF line terminators
Size
74 B (74 bytes)
Hash
1673be58e25f55a64019ccc58d17cd83
ffcdce3a2ea5260ac83b7b854370a57e38645620
76550bdc643c361f88456b4bfbb3c0b004aafe432b8fe0b11efdc823fb605584

HTTP Headers

GET /wp-content/themes/rocco_bak/css/fonts.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/style.css?ver=1.0.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 74
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ed1-68-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.theme.css

192.124.249.175

200 OK

2.5 kB

URL HTTP/2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.theme.css
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (551), with CRLF line terminators
Size
2.5 kB (2500 bytes)
Hash
e57c78e0db86b9c8746686405afd32be
99f8acb007e6b005db65cbb8062fe58389856ffd
1d60a0422bf23ed0c5ff2864351d7c34c634d33170d18efa57bdc8198edec3c7

HTTP Headers

GET /wp-content/themes/rocco_bak/css/ui/jquery.ui.theme.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.all.css?ver=1.0.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 2500
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ec4-4558-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.base.css

192.124.249.175

200 OK

59 B

URL HTTP/2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.base.css
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with CRLF line terminators
Size
59 B (59 bytes)
Hash
95d9b175d68f759b284287f8d423445e
c0ed993b74c6edb3b84e33d6d6280e699b7ade74
1070d5e76acdddb578ac78f78fc1307ad56854540eb666c2ad63df31708e8432

HTTP Headers

GET /wp-content/themes/rocco_bak/css/ui/jquery.ui.base.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.all.css?ver=1.0.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 59
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ec3-6f-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/themes/rocco_bak/fonts/socialico.css

192.124.249.175

200 OK

280 B

URL HTTP/2
higginsonconsulting.ca/wp-content/themes/rocco_bak/fonts/socialico.css
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with CRLF line terminators
Size
280 B (280 bytes)
Hash
8e5cda2e5bf597df40a70ba5d88b6f41
40cd25374a03ddb297556d2341bcc8042bdfe839
031cf9a5dc3051f3612bd5f2e1a9e8256868e0cb890c726d8d482c98fb8a960d

HTTP Headers

GET /wp-content/themes/rocco_bak/fonts/socialico.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/css/fonts.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:49 GMT
content-type: text/css
content-length: 280
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1e17-25b-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/themes/rocco_bak/fonts/fontawesome.css

192.124.249.175

200 OK

5.1 kB

URL HTTP/2
higginsonconsulting.ca/wp-content/themes/rocco_bak/fonts/fontawesome.css
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with CRLF line terminators
Size
5.1 kB (5058 bytes)
Hash
ce027665d8cc392b68e150f2236b77a3
2f8eb2b114736504bcf591b3e91abaa0a1504dce
346ff2d5e383af296f4187cad6ad0795e05945506f1bf5b7847a9a38752e9fe0

HTTP Headers

GET /wp-content/themes/rocco_bak/fonts/fontawesome.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/css/fonts.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:49 GMT
content-type: text/css
content-length: 5058
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1e11-700a-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.core.css

192.124.249.175

200 OK

514 B

URL HTTP/2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.core.css
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with CRLF line terminators
Size
514 B (514 bytes)
Hash
7b1cdf0501848a4cde4f1ab7c711c411
5c7b84ab713dcd80d665e8826717725cfb06ab22
98055596fffc8ffd35e43f14d9a23dea220d395a07c6612895092eeb16371404

HTTP Headers

GET /wp-content/themes/rocco_bak/css/ui/jquery.ui.core.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.base.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:49 GMT
content-type: text/css
content-length: 514
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ec5-54c-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.accordion.css

192.124.249.175

200 OK

534 B

URL HTTP/2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.accordion.css
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with CRLF line terminators
Size
534 B (534 bytes)
Hash
8df64f1a3321e8cbfbf0a3face05f861
270eda94e12ab37f9e9628634ab7f403dbc17d4b
40fb67b1a45c4113fec9b21b3e7f5ab8629f2827f06a6c9149968a57b7f1be9b

HTTP Headers

GET /wp-content/themes/rocco_bak/css/ui/jquery.ui.accordion.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.base.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:49 GMT
content-type: text/css
content-length: 534
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ec0-6db-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.tabs.css

192.124.249.175

200 OK

454 B

URL HTTP/2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.tabs.css
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with CRLF line terminators
Size
454 B (454 bytes)
Hash
62ac12ed7068722ea5bd665316fe6897
c88f32fb666b51ba79e7f1c430666ab11e27b89c
c38ad616141f71d0d2bb7c9f6f3ae6438fdaadcecf0ecf99ae09ad32b4b05348

HTTP Headers

GET /wp-content/themes/rocco_bak/css/ui/jquery.ui.tabs.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.base.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:49 GMT
content-type: text/css
content-length: 454
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ec6-5ac-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2

142.250.74.163

200 OK

18 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 17820, version 1.0\012- data
Size
18 kB (17820 bytes)
Hash
3d5107abaf7bf4df5478bd04625c0929
b04d394caabf6ea3e500b74781dc2bfd54f3c18d
9ad0a22b0c58240a7a92b4c01aa31f39a5918dea6a8fdfa77e63042abc4fca31

HTTP Headers

GET /s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://higginsonconsulting.ca
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17820
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 19:07:15 GMT
expires: Tue, 19 Sep 2023 19:07:15 GMT
cache-control: public, max-age=31536000
age: 348274
last-modified: Mon, 15 Aug 2022 18:13:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/plugins/recent-tweets-widget/assets/tweet.png

192.124.249.175

200 OK

1.3 kB

URL HTTP/2
higginsonconsulting.ca/wp-content/plugins/recent-tweets-widget/assets/tweet.png
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
PNG image data, 24 x 18, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1316 bytes)
Hash
5131e10e2f4a1401999782c93d2fe338
debcd9c415053681c744e987a9616a489f4a7f75
a2062bdf8870d01bdef61bbf7cd4581a9845c0ca97e2cf4afc06b498c3c62c32

HTTP Headers

GET /wp-content/plugins/recent-tweets-widget/assets/tweet.png HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/plugins/recent-tweets-widget/tp_twitter_plugin.css?ver=1.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:49 GMT
content-type: image/png
content-length: 1316
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:42 GMT
etag: "33a183a-524-5e91c9a61a580"
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/themes/rocco_bak/fonts/socialico-webfont.woff

192.124.249.175

200 OK

21 kB

URL HTTP/2
higginsonconsulting.ca/wp-content/themes/rocco_bak/fonts/socialico-webfont.woff
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
Web Open Font Format, TrueType, length 21152, version 1.0\012- data
Size
21 kB (21152 bytes)
Hash
7d981a73f596299e73019e42361f4cec
3bc26443c5f17ed229e9ee16f074ca3f4d2e6bf3
5499c273b501aedecb05a514aea7783a88be973f8a6854e4228f80bb21abf84f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/rocco_bak/fonts/socialico-webfont.woff HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/fonts/socialico.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:49 GMT
content-type: font/woff
content-length: 21152
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1e15-52a0-5e91c9abd3300"
accept-ranges: bytes
vary: Accept-Encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/themes/rocco_bak/fonts/fontawesome-webfont.woff?v=3.2.1

192.124.249.175

200 OK

44 kB

URL HTTP/2
higginsonconsulting.ca/wp-content/themes/rocco_bak/fonts/fontawesome-webfont.woff?v=3.2.1
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
Web Open Font Format, TrueType, length 43572, version 1.0\012- data
Size
44 kB (43572 bytes)
Hash
b683029bafe0305ac2234038a03e1541
12f8c193902e99348493ace32e498031bf79b654
18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/rocco_bak/fonts/fontawesome-webfont.woff?v=3.2.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/fonts/fontawesome.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:49 GMT
content-type: font/woff
content-length: 43572
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1e1b-aa34-5e91c9abd3300"
accept-ranges: bytes
vary: Accept-Encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
375756444a8871bbe816165e294fb262
2f9e18473daa3daae633a4df448a2230e77f8c33
c2e94c3082cb76fad8f5ace3c686f46d43c807b7f2d3cb9f2b4d9965b91af4c2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 19:51:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ssl.google-analytics.com/ga.js

142.250.74.104

200 OK

17 kB

URL HTTP/2
ssl.google-analytics.com/ga.js
IP
142.250.74.104:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1305)
Size
17 kB (17168 bytes)
Hash
01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d

HTTP Headers

GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Fri, 23 Sep 2022 18:17:11 GMT
expires: Fri, 23 Sep 2022 20:17:11 GMT
cache-control: public, max-age=7200
age: 5678
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
375756444a8871bbe816165e294fb262
2f9e18473daa3daae633a4df448a2230e77f8c33
c2e94c3082cb76fad8f5ace3c686f46d43c807b7f2d3cb9f2b4d9965b91af4c2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 19:51:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=457192136&utmhn=higginsonconsulting.ca&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Page%20Not%20Found%20-%20Higginson%20Consulting%20Ltd.Higginson%20Consulting%20Ltd.&utmhid=334369099&utmr=-&utmp=%2Fnetfilxwebsupportteampaymentalert%2Faccount%2Flogin.php&utmht=1663962708865&utmac=UA-38159246-1&utmcc=__utma%3D22406946.23362400.1663962709.1663962709.1663962709.1%3B%2B__utmz%3D22406946.1663962709.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=80533762&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

142.250.74.104

200 OK

35 B

URL HTTP/2
ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=457192136&utmhn=higginsonconsulting.ca&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Page%20Not%20Found%20-%20Higginson%20Consulting%20Ltd.Higginson%20Consulting%20Ltd.&utmhid=334369099&utmr=-&utmp=%2Fnetfilxwebsupportteampaymentalert%2Faccount%2Flogin.php&utmht=1663962708865&utmac=UA-38159246-1&utmcc=__utma%3D22406946.23362400.1663962709.1663962709.1663962709.1%3B%2B__utmz%3D22406946.1663962709.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=80533762&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
IP
142.250.74.104:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=457192136&utmhn=higginsonconsulting.ca&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Page%20Not%20Found%20-%20Higginson%20Consulting%20Ltd.Higginson%20Consulting%20Ltd.&utmhid=334369099&utmr=-&utmp=%2Fnetfilxwebsupportteampaymentalert%2Faccount%2Flogin.php&utmht=1663962708865&utmac=UA-38159246-1&utmcc=__utma%3D22406946.23362400.1663962709.1663962709.1663962709.1%3B%2B__utmz%3D22406946.1663962709.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=80533762&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
date: Fri, 23 Sep 2022 19:51:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/uploads/2013/09/favicon.ico

192.124.249.175

200 OK

613 B

URL HTTP/2
higginsonconsulting.ca/wp-content/uploads/2013/09/favicon.ico
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
613 B (613 bytes)
Hash
fab484210178c71ddd0675e78f7364d8
8f1b643f4d83268f15ded454a2e35bb97d9347fa
194d3e4b0fe6a26263d119f9e715982b15c10c71c84c8bc33d265f2e5a3d24a6

HTTP Headers

GET /wp-content/uploads/2013/09/favicon.ico HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:50 GMT
content-type: image/x-icon
content-length: 613
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:51 GMT
etag: "19e2f67-47e-5e91c9aeaf9c0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

blackname.biz/?pu=mjqtknzqmi5ha3ddf42tsnbu

3.64.163.50

200 OK

0 B

URL HTTP/2
blackname.biz/?pu=mjqtknzqmi5ha3ddf42tsnbu
IP
3.64.163.50:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /?pu=mjqtknzqmi5ha3ddf42tsnbu HTTP/1.1
Host: blackname.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: openresty
date: Fri, 23 Sep 2022 19:51:47 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
etag: W/"19689b49e937c87a57ed4d961164d3cf"
cache-control: max-age=0, private, must-revalidate
set-cookie: bc9bd58fe1b6ef954d6d794db6d30e25e8ff50634d24346cf8006ef422e3c05c6e48b07678e34d08c97ad3f91012c80ac690b50f51fbd49b16e301de58d9c5ca=CfPXI0gQ3NEEOXoi5Gp5%2FalnyAihFsEWmsRKsU5vtRoqou2ASMY0pTIDXPfA%2FWEcjY7S2dVMWTW8LgdsQ6AQJJDz21AVkixh6hmFt3XSWiHgZCIIJWpPyGAJOIoaVNyU2%2FYDBf4QDIGN8qmFiauqJQ9VjOvmDQJ0r3%2BZTj4849cfI%2FafgXfhNU4sMzilNoeqHoAcZhAuG18MRpWYtm68QtJT0CT7%2FU7gufY4VrpmoOjAsmgRIw8rDMam3J5EV3KJxXXDwws5r%2BPBcYxLgUlJVDnLVrEECbD5V3b0EVHOLCLrJYU1j0WqJMWN5u91V0rv9IWSBDm1J54otWON77opTbw4m8h0%2BGOnmW%2FW6BsM55TrTi%2F1DPDQuXJ1mYMQPIOMsaZn%2BIzY6DSk6LaRAgpSy5wRNb8ZSP0g9Yb9UChAjBaUojWnXMgu3dczi0yzbuC1ruyDQvRNrFSommPpBi2YHQ%3D%3D--UpWp5liNVv0YLOlO--iHwCs4AFFDPi%2F4ESPAdgLg%3D%3D; path=/; secure; HttpOnly
x-request-id: b5149ee9-a42d-47b0-98f8-3a1c22d5023b
x-runtime: 0.081487
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C400italic%2C700&ver=3.5.2

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C400italic%2C700&ver=3.5.2
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans%3A300%2C400%2C400italic%2C700&ver=3.5.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 23 Sep 2022 19:51:47 GMT
date: Fri, 23 Sep 2022 19:51:47 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

higginsonconsulting.ca/wp-content/themes/rocco_bak/css/grid.css

192.124.249.175

200 OK

0 B

URL HTTP/2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/grid.css
IP
192.124.249.175:0
ASN
#30148 SUCURI-SEC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/rocco_bak/css/grid.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/style.css?ver=1.0.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 745
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ed0-a31-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (22)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP