firefox.settings.services.mozilla.com/v1/
18.165.201.103200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 18.165.201.103:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 19:05:14 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 507372273c5029d1ae2439349f7f1458.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: yxx0RMebzdF1t2YYeELfVFPucup2Bnz6pSuDR-yT6xYzXQYIkmMK9w==
Age: 2791
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16303
Expires: Sat, 24 Sep 2022 00:23:28 GMT
Date: Fri, 23 Sep 2022 19:51:45 GMT
Connection: keep-alive
higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
192.124.249.175302 Found 271 B URL HTTP/1.1 higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
IP 192.124.249.175:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 855bbca0a6b1a72a044894f84fc6e173
a6e4a21f32cdba6f6f430d6c10cdf6f6bacda6c9
790f24dca58a4eff9a93a3f5e1e3a6d5fb480b289a80bdc229bb4b4c5a9f7ddc
Analyzer Verdict Alert fortinet Phishing
GET /netfilxwebsupportteampaymentalert/account/login.php HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: Sucuri/Cloudproxy
Date: Fri, 23 Sep 2022 19:51:46 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 271
Connection: keep-alive
X-Sucuri-ID: 19025
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Location: https://www.higginsonconsulting.ca//netfilxwebsupportteampaymentalert/account/login.php
X-Sucuri-Cache: BYPASS
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
108.156.28.51200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 108.156.28.51:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 23 Sep 2022 04:13:03 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 728b6476f3e2317ec8044d22806d4f94.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: HAjOnifZgKcucl0rHk3qMybqT2SzKgZnZrXJR6-3m1b1vp8w1d_7dw==
age: 56323
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:45 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 65ec4bd4c3d6b99a4e619c890d649bb7
55937eddde1baeea69342d424d0cccf2ac6d6ec8
b2cc9f7170c7dea4b435276f74b35e940974262ecc2479cf121bff74aa0183e8
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 23 Sep 2022 19:51:46 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 23 Sep 2022 14:42:54 GMT
Expires: Sat, 24 Sep 2022 14:42:54 GMT
ETag: "55937eddde1baeea69342d424d0cccf2ac6d6ec8"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
18.165.201.103200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 18.165.201.103:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Fri, 23 Sep 2022 19:33:00 GMT
Expires: Fri, 23 Sep 2022 20:31:03 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 04bb33465149b34afca4988622dca584.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: 9tJPzanmUmAtJjD_hijjuT0EJgqrI9iSeX2z6jIECIHtQqPpQoxCQA==
Age: 1126
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f714931cf870bfa33815fd259b7246fd
38e411ef8ca1b31ead8415ee5f21d98bd9653a86
897675130112daff8bdf6fa25b56faa4b9fdb367daca2b2645ed65c83a2e423f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5023
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 19:51:46 GMT
Last-Modified: Fri, 23 Sep 2022 18:28:03 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.148.77.40101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.77.40:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kU/68f2d+k83BqkzOsV3Vg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /kR6PEPxww8BTQiSfTpDIB3R3mo=
www.higginsonconsulting.ca//netfilxwebsupportteampaymentalert/account/login.php
192.124.249.175301 Moved Permanently 115 B URL HTTP/2 www.higginsonconsulting.ca//netfilxwebsupportteampaymentalert/account/login.php
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash 638064cafdb9480bf5f67e7cc087387d
5b068a6a7fab6f543ab04a8c95b3034374be2323
a534f8094c7f3dca3fe2aec3e5ced137dca89852509be71f427aaab6eb26d954
Analyzer Verdict Alert fortinet Phishing
GET //netfilxwebsupportteampaymentalert/account/login.php HTTP/1.1
Host: www.higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 23 Sep 2022 19:51:47 GMT
content-type: text/html; charset=UTF-8
content-length: 115
location: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
x-pingback: http://higginsonconsulting.ca/xmlrpc.php
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: BYPASS
X-Firefox-Spdy: h2
higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
192.124.249.175404 Not Found 4.1 kB URL HTTP/2 higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
IP 192.124.249.175:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1680), with CRLF, LF line terminators
Hash e0c440c9a2ed7c51d5d4ef0ea3735d34
220a528a144d00544070fe6f0c612306a0a6b5d0
6317754ac6e556c875a923ea1d20558b2246a49ebf9edbf8a608b1f168595186
Analyzer Verdict Alert fortinet Phishing
GET /netfilxwebsupportteampaymentalert/account/login.php HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Fri, 23 Sep 2022 19:51:47 GMT
content-type: text/html; charset=UTF-8
content-length: 4058
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
x-pingback: http://higginsonconsulting.ca/xmlrpc.php
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: BYPASS
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4fb51016b82f43bc6ee9f5ace001690c
5390a86aa0a7b82f5d09605b10812567b309d27a
73283fa4b416ee80d2ac87c30d2183afa1ae487a8650563b79adc1f001030f73
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 19:51:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b9893dbb93b5cc3cb8637b496ecd3c1c
007b31caa727ce627f6ba81a3f43326a1538181e
b82608484e9e9dbf009de73986da468fff9833e5d040016b3214b8774ba9f500
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 19:51:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
higginsonconsulting.ca/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.2
192.124.249.175200 OK 401 B URL HTTP/2 higginsonconsulting.ca/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.2
IP 192.124.249.175:0
Hash 7ba3deb835ae61e6da97133025b68864
17a0aa9845ed63af73d54b4a28b439463fe959cb
16cd5bbd2f70847bce61e2f4a65233347f0b1ee39ff1db34f18b70cac2b670ac
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:47 GMT
content-type: text/css
content-length: 401
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:39 GMT
etag: "10a161b-44f-5e91c9a33dec0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Patua+One&ver=3.5.2
142.250.74.10200 OK 744 B URL HTTP/2 fonts.googleapis.com/css?family=Patua+One&ver=3.5.2
IP 142.250.74.10:0
Hash e62fdfe071ed8d6c273ff417677b61c0
09b0e1b18eb588254c1aacbc40cf157125e0f56a
3d2fdeb16e09293020deca1089b71167fe7c608ddf42baed266bec5c22defd48
GET /css?family=Patua+One&ver=3.5.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 23 Sep 2022 19:51:47 GMT
date: Fri, 23 Sep 2022 19:51:47 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12787
Expires: Fri, 23 Sep 2022 23:24:54 GMT
Date: Fri, 23 Sep 2022 19:51:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12787
Expires: Fri, 23 Sep 2022 23:24:54 GMT
Date: Fri, 23 Sep 2022 19:51:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12786
Expires: Fri, 23 Sep 2022 23:24:54 GMT
Date: Fri, 23 Sep 2022 19:51:48 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155952bd-256a-4103-9017-437efcfb03bf.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155952bd-256a-4103-9017-437efcfb03bf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1985a957e6bc0c15d8489fa731e7f14e
4584bff61bf4d5c9b8fd3b97c048a8e6975e4323
9f3e1fd6e18d85d4f6645d077da643a3bc2cca611d5e85f534ba798102dca243
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155952bd-256a-4103-9017-437efcfb03bf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7005
x-amzn-requestid: c805d882-7a00-4abd-a239-d8313d7df0c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4aBwEaMIAMF09A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd6d7-6d6a417f10c9628a16d438e1;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:42:47 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7edV0FJytVSpHH-WkCiYzhW1JP4L6i6bpPCq9MTxPdhwFQTryf06BQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:12:22 GMT
etag: "4584bff61bf4d5c9b8fd3b97c048a8e6975e4323"
content-type: image/jpeg
age: 77966
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02a682b4703bb9d6381c762726c05531
1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5ur411n5hU7eWb68iExZCUrhpCybRyTBHCi72ra8dS2kd3UhW8sb1A==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:59:00 GMT
age: 78768
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7606ff88f05062b66970d9805f38987a
d47db5fcd83023b4a8de40a47d4510e183de387a
20f89dd859e5715e27c289040fac6a121248e5b6c06da0a7f186984ffb029eb2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8497
x-amzn-requestid: ab65ba93-aad5-4845-b471-c50c14057c47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YvqujEsIoAMF8sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632957f6-6d4635bf713fd25147948c7b;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 06:04:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: SZ6p5NLxuGUoEOZujwPbDGwUO0dZgiITud8RWOaSW_VciGRgBidY2A==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 19:36:01 GMT
age: 947
etag: "d47db5fcd83023b4a8de40a47d4510e183de387a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3b318ea5c36d2b22b925f7dfe382df5f
0264e73c4cfff0bb255757c7e1c760a5ad3ece80
0c2f58ea4f5f32bb327f292e1b8fb5a4a60230bffc3abc440a624df27ec0d6bc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5340
x-amzn-requestid: b13bc974-e15d-43a4-a918-fbc35b09a36f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y19HljIAMFY8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4f2-2cb226ba4bd7c7e74d9ab2db;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8DCVWC4Ihr4R21i3ySyiWdUK0aGymTE22B842ZKolG-ZThiKSMX-uQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:04:45 GMT
age: 78423
etag: "0264e73c4cfff0bb255757c7e1c760a5ad3ece80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b877ead4a15221fdd278ef27f281a7ec
48c10714503e8dfdd3e3c3d39b919ef2792f0d15
f4a1d5abcfa4092828e004b6c0605a7a24e4133d275312f613dceff875971daf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10127
x-amzn-requestid: 456e3c6a-e173-433e-8d54-d787cb50b7e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0sHmCoAMFVSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-7a07b336571396533e48b4cb;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KKYAef15NoI3It5UfVcqhPx50Fr6IK7O2VFasuAILVN9PP8CH1_7Ng==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:58:25 GMT
age: 78803
etag: "48c10714503e8dfdd3e3c3d39b919ef2792f0d15"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f10a12719b387d176497669ba75f0acc
16e42ba7b20555bf5a8615e5f4bb561204aeeb5a
0cb2231817387d43a490565b61e24ea7a3cfcff3281f4ab4379a882cc5c3173f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14579
x-amzn-requestid: bce2c126-0883-4255-9246-d8055860f898
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCj6FYCoAMF9Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e18-66ba2e5d64b6a5b32b7ab36b;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 92Pj9IQp3mBJQOW-XuHSK8laPqXOSBOmNbYcm4hSFzc1xqYscQKxMA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:05:08 GMT
age: 78400
etag: "16e42ba7b20555bf5a8615e5f4bb561204aeeb5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/plugins/doptg/libraries/gui/css/jquery.jscrollpane.css?ver=3.5.2
192.124.249.175200 OK 422 B URL HTTP/2 higginsonconsulting.ca/wp-content/plugins/doptg/libraries/gui/css/jquery.jscrollpane.css?ver=3.5.2
IP 192.124.249.175:0
Hash e1b119e06389d3a2c2e470fa9f10d738
6261229373d6c649e90987b56ac0faf976e6081d
161bc2ef93866f56924fd4800a1e868811bde8ef7db34671aa03c46438e120ff
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/doptg/libraries/gui/css/jquery.jscrollpane.css?ver=3.5.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 422
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:39 GMT
etag: "33a17e3-54f-5e91c9a33dec0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/plugins/doptg/assets/gui/css/jquery.dop.ThumbnailGallery.css?ver=3.5.2
192.124.249.175200 OK 1.3 kB URL HTTP/2 higginsonconsulting.ca/wp-content/plugins/doptg/assets/gui/css/jquery.dop.ThumbnailGallery.css?ver=3.5.2
IP 192.124.249.175:0
Hash 6b2ef9292d64ad7ed4057a168eb32b42
c719bb671d73ae25bfb2454f98be9d098725c00f
1bd52da52ffc45a9107e56734e85f12b05f77d139b8e022b23541f9b2e33755f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/doptg/assets/gui/css/jquery.dop.ThumbnailGallery.css?ver=3.5.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 1328
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:39 GMT
etag: "33a16cf-2631-5e91c9a33dec0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/plugins/recent-tweets-widget/tp_twitter_plugin.css?ver=1.0
192.124.249.175200 OK 200 B URL HTTP/2 higginsonconsulting.ca/wp-content/plugins/recent-tweets-widget/tp_twitter_plugin.css?ver=1.0
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash 1a9e55da90589e2482a0a9d1b5d6058b
8e0feee1be3183ab1677b330306495e6ffbf1b5e
755f00cbe0df93719b668435b3822286655cbaaadfe814cbf58e2316922f72db
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/recent-tweets-widget/tp_twitter_plugin.css?ver=1.0 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 200
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:42 GMT
etag: "33a183e-1ee-5e91c9a61a580-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/plugins/revslider/rs-plugin/css/captions.css?ver=3.5.2
192.124.249.175200 OK 77 B URL HTTP/2 higginsonconsulting.ca/wp-content/plugins/revslider/rs-plugin/css/captions.css?ver=3.5.2
IP 192.124.249.175:0
File type ASCII text, with no line terminators
Hash 0b8a33a46142ea9451254dfd5e3cb7d8
ea1a296aa35dd1800fe1027888f5a0dad292e549
c4c4fdbc6206d4159a351c0c8fdcfbef554ba62b76fdad4e08b18ffc491843af
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/rs-plugin/css/captions.css?ver=3.5.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 77
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:43 GMT
etag: "33a14d0-8f-5e91c9a70e7c0-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/style.css?ver=1.0.1
192.124.249.175200 OK 450 B URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/style.css?ver=1.0.1
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash f7546c3f60f4d7ef255e966930dbfb61
4f2128689a01055aec8e5a927cd7cb7e54dbc0d1
b7ece9a0ba51414aee9826dff9b86132dc14586c2e08ab70765e53a3d5f452ab
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/rocco_bak/style.css?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 450
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1e26-465-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/plugins/revslider/rs-plugin/css/settings.css?ver=3.5.2
192.124.249.175200 OK 3.5 kB URL HTTP/2 higginsonconsulting.ca/wp-content/plugins/revslider/rs-plugin/css/settings.css?ver=3.5.2
IP 192.124.249.175:0
Hash 76b5d64779925d43faf5f6e29f46b1e5
fb51b89b13a067f334cf7b626291aff7baabd110
fa188305e25d3a4b9f47d90d1ebdcc2c3041b830c0e1f40b9df2912ac8b12a21
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/rs-plugin/css/settings.css?ver=3.5.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 3454
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:43 GMT
etag: "33a14d2-5015-5e91c9a70e7c0-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/prettyPhoto.css?ver=1.0.1
192.124.249.175200 OK 2.6 kB URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/css/prettyPhoto.css?ver=1.0.1
IP 192.124.249.175:0
File type ASCII text, with very long lines (402), with CRLF line terminators
Hash 09299afb7472acc712a0895ab3866fb0
f314198284c50628948a46cc739009417d39a901
8c279312ca30ab35d8434407db8f7278c3c155bec18e2f9e26fbbddb279182ae
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/rocco_bak/css/prettyPhoto.css?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 2579
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ead-4e59-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/responsiveslides.css?ver=1.0.1
192.124.249.175200 OK 179 B URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/css/responsiveslides.css?ver=1.0.1
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash 13598223f778b13c9c5a1be07376df06
6c3844d526fae634ed6b609ee70b2fd146d51436
79f5500a2003b84765c8eafb0c099700275413fb3ba83b85127f6c67870e2dd5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/rocco_bak/css/responsiveslides.css?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 179
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ef9-1e1-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/jcarousel/skin.css?ver=1.0.1
192.124.249.175200 OK 574 B URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/css/jcarousel/skin.css?ver=1.0.1
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash 555a0feefd2980ab190a986d3b81cb5c
b8b6b5f3cb346a51aa0d82761b0ec1883fa31c48
765f7a4b5b7f44707fecd5767a2c62334ff8092a4664043ead3aafd87d3d07ff
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/rocco_bak/css/jcarousel/skin.css?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 574
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1eca-1246-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/skins/orange/images.css?ver=1.0.1
192.124.249.175200 OK 233 B URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/css/skins/orange/images.css?ver=1.0.1
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash 59a522d8c34ca616cc6a6f6a9f07039b
d1dd1712b2b4d1ec6682470c84024b1391022943
8e20f1eeee5e27f14eacc3a85042b9e3098da8c5a5cf815a1968d8665fe70e1e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/rocco_bak/css/skins/orange/images.css?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 233
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ef6-312-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.all.css?ver=1.0.1
192.124.249.175200 OK 174 B URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.all.css?ver=1.0.1
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash bf09227734e54bae4ec52c933490fa36
9cbe23532de44efc5605265b3655138b6d45cfb9
9179abd78c3ca5ee91c621bb66d25576c29b213ab092d3499808bc67c84305e0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/rocco_bak/css/ui/jquery.ui.all.css?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 174
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ec2-12f-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/skins/orange/style.css?ver=1.0.1
192.124.249.175200 OK 1.5 kB URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/css/skins/orange/style.css?ver=1.0.1
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash d3ebfb9b45ee5c489706bf1f12172f04
123e40d50fe7566aadfd2d90445c8735a2df6b81
5c86e3d59cb5c1ee6c0c52db5a1e6bc0b4c4de2a3d046892f02693730fff0039
GET /wp-content/themes/rocco_bak/css/skins/orange/style.css?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 1542
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ef8-18fc-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/plugins/doptg/libraries/js/jquery.jscrollpane.min.js?ver=3.5.2
192.124.249.175200 OK 4.6 kB URL HTTP/2 higginsonconsulting.ca/wp-content/plugins/doptg/libraries/js/jquery.jscrollpane.min.js?ver=3.5.2
IP 192.124.249.175:0
File type ASCII text, with very long lines (4028)
Hash 22b2491868634101c9faf6a908946a8b
38538a47715476b8148b3acb5f9c366ff1e026be
d0d997a4d33b83f7f0b09f28be25aba2a59f6591fc2b1dbb18ae74f5aecd01fb
GET /wp-content/plugins/doptg/libraries/js/jquery.jscrollpane.min.js?ver=3.5.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: application/javascript
content-length: 4570
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:39 GMT
etag: "33a17b8-3941-5e91c9a33dec0-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.2
192.124.249.175200 OK 2.9 kB URL HTTP/2 higginsonconsulting.ca/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.2
IP 192.124.249.175:0
Hash fa4542f622b5327612fcfdb953cda397
2974bebb5300f8c951a779acd2f333ff99b22b4c
dfbe7fc2531e8a18764ddb10e5f014585efc77f46bf7edb3346b93535433ee5c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: application/javascript
content-length: 2937
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:39 GMT
etag: "1082055-2bc0-5e91c9a33dec0-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/plugins/doptg/libraries/js/jquery.mousewheel.js?ver=3.5.2
192.124.249.175200 OK 846 B URL HTTP/2 higginsonconsulting.ca/wp-content/plugins/doptg/libraries/js/jquery.mousewheel.js?ver=3.5.2
IP 192.124.249.175:0
Hash 0411153929963e608018761de02885fe
d93fc2bd35fd26e9312ecc92e743639a7f91b716
f668e8cd093d0972b9838b3be7ed6ab2f4c482f923deaef9a31047594a516375
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/doptg/libraries/js/jquery.mousewheel.js?ver=3.5.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: application/javascript
content-length: 846
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:39 GMT
etag: "33a17b9-960-5e91c9a33dec0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/responsive.css?ver=1.0.1
192.124.249.175200 OK 2.7 kB URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/css/responsive.css?ver=1.0.1
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash d2d865b5983c7bc14ee045a32a0190ec
b9be464349f007cc6c37d6b4d3e37228113f0dc9
0efd6c483732e600aacbab1fdc3f1d47a620119d92959825d82836ebff343008
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/rocco_bak/css/responsive.css?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 2691
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1eab-3611-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.widget.min.js?ver=1.9.2
192.124.249.175200 OK 2.4 kB URL HTTP/2 higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.widget.min.js?ver=1.9.2
IP 192.124.249.175:0
File type ASCII text, with very long lines (6594)
Hash eed06e3a48e68678568be5b8d16034f1
5e067964acb3dbf426b2cb19365b3b9ab2e4d94c
8e86f322a4f95ee9129902f1e528d5a5972fd8f785dae30777160234fc1ddecf
GET /wp-includes/js/jquery/ui/jquery.ui.widget.min.js?ver=1.9.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: application/javascript
content-length: 2399
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:26:10 GMT
etag: "16022e1-1a67-5e91c9c0ce480-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20
192.124.249.175200 OK 5.5 kB URL HTTP/2 higginsonconsulting.ca/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20
IP 192.124.249.175:0
File type ASCII text, with very long lines (14900)
Hash 6743a2b6116ec15f4976377dba04f208
8965d08b35b43c793d61c52b6e5abadfb54c3e46
af8ff9d1ac6440b5a47e8de5ca1cbdd39bb24f670925592d6faec0a64f873a4e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: application/javascript
content-length: 5544
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:39 GMT
etag: "1082056-3b90-5e91c9a33dec0-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/custom.css?ver=1.0.1
192.124.249.175200 OK 69 B URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/css/custom.css?ver=1.0.1
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash bbb8ce1766572603a7777b63b135c9c1
61386c3750a402eb79abab1c15edf95d439ed930
2e38bc6482e21e2a02922c3c4198e5c8c0055768c84d21b6eeff2093c7e13b8c
GET /wp-content/themes/rocco_bak/css/custom.css?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 69
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ed6-47-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.core.min.js?ver=1.9.2
192.124.249.175200 OK 1.9 kB URL HTTP/2 higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.core.min.js?ver=1.9.2
IP 192.124.249.175:0
File type ASCII text, with very long lines (4530)
Hash 9921bf89de4819da583daa7afec3236d
b8cc93b18fe70781ee9661cdd02971ff2e8f4766
c152d68f4fef28952125de83e30cfdd25cbcf1a8232a553b134bf962953611d0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/jquery.ui.core.min.js?ver=1.9.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: application/javascript
content-length: 1906
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:26:10 GMT
etag: "16022d8-1255-5e91c9c0ce480-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/js/sliders/responsiveslides.js?ver=1.0.1
192.124.249.175200 OK 2.4 kB URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/js/sliders/responsiveslides.js?ver=1.0.1
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash cc970b337a5b20fbcc669bd92c2cf632
76f58c3ff40d947069792fd2029a1ac8cbaf35e8
bcefac70c3ea822ae6b120c41dc0f6bc51a70695d507dd6febe8394130dd3167
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/rocco_bak/js/sliders/responsiveslides.js?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: application/javascript
content-length: 2417
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ded-2570-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.sortable.min.js?ver=1.9.2
192.124.249.175200 OK 5.8 kB URL HTTP/2 higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.sortable.min.js?ver=1.9.2
IP 192.124.249.175:0
File type ASCII text, with very long lines (23415)
Hash 6f578f5f7fbd1cf3f547afa0f84d9d0e
de23ecea695ee1999b5c65c5a9036b46cfcdfffa
3edcf19bbb182574229be7be197abfc9be3b580efeb99b75cb2d0102d56b13b1
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/jquery.ui.sortable.min.js?ver=1.9.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: application/javascript
content-length: 5763
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:26:10 GMT
etag: "16022ec-5c1e-5e91c9c0ce480-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.mouse.min.js?ver=1.9.2
192.124.249.175200 OK 843 B URL HTTP/2 higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.mouse.min.js?ver=1.9.2
IP 192.124.249.175:0
File type ASCII text, with very long lines (2700)
Hash 7e0ccdcb77d2752baee9774ee1a24096
8de03b4157e25bcebe0842bd4d30c2331ee77278
dde51cffc43a973abac2c18a04b7408dbd239d3883e0535dcd135d8b19ca3af1
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/jquery.ui.mouse.min.js?ver=1.9.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: application/javascript
content-length: 843
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:26:10 GMT
etag: "16022e3-b30-5e91c9c0ce480-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.tabs.min.js?ver=1.9.2
192.124.249.175200 OK 5.2 kB URL HTTP/2 higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.tabs.min.js?ver=1.9.2
IP 192.124.249.175:0
File type ASCII text, with very long lines (18409)
Hash 462bd945bf9cf4fdba727de5de617afb
558ef3332f74ca7f07b36c8b6348db703de04d7c
89a9c0a6ebdefd7da0d7f522845f6f4c39fc487f26363783a4f1435a2bbdea62
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/jquery.ui.tabs.min.js?ver=1.9.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: application/javascript
content-length: 5150
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:26:10 GMT
etag: "16022d3-488c-5e91c9c0ce480-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.accordion.min.js?ver=1.9.2
192.124.249.175200 OK 3.0 kB URL HTTP/2 higginsonconsulting.ca/wp-includes/js/jquery/ui/jquery.ui.accordion.min.js?ver=1.9.2
IP 192.124.249.175:0
File type ASCII text, with very long lines (10286)
Hash 58945c8624437d9b8dfc59292bd1e788
e5db82109db2706bb578197306b31dfacd983f61
2bbfd68117fead557a9214ec351cd2666f6b27010eedcb3986459eae1a479e8f
GET /wp-includes/js/jquery/ui/jquery.ui.accordion.min.js?ver=1.9.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: application/javascript
content-length: 3035
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:26:09 GMT
etag: "16022e8-28d6-5e91c9bfda240-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/js/jquery.plugins.js?ver=1.0.1
192.124.249.175200 OK 12 kB URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/js/jquery.plugins.js?ver=1.0.1
IP 192.124.249.175:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (21776), with CRLF line terminators
Hash 04261b037195d3d12240807615e8c408
d06c3f8582b3cdd394dd0dfaaf46cae78aedc6f5
431f1ddcb3e796b9aed24b897737eaf7c2234562ad509ae58e91b07e6f44b035
GET /wp-content/themes/rocco_bak/js/jquery.plugins.js?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: application/javascript
content-length: 11662
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1de4-a3da-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/js/scripts.js?ver=1.0.1
192.124.249.175200 OK 2.4 kB URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/js/scripts.js?ver=1.0.1
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash 2336ede36af214a26305c8d846c25d93
e48e5196037ab576517af5b25bf8a3c90770e54b
955f1102bb4e1cad8ed5cef3f937539a48a4b959f5afb54f4f9fb9d0feb0b444
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/rocco_bak/js/scripts.js?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: application/javascript
content-length: 2417
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1df2-2e55-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/js/mfn.menu.js?ver=1.0.1
192.124.249.175200 OK 663 B URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/js/mfn.menu.js?ver=1.0.1
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash 37fb84f08067fb24c56500560e55df43
3687ac84a40fd67efdf723e3dcaf86eacc2fed98
a6717e8452369f21fb47b0ab079f15911a39d671de89ed35edc736081bbea9eb
GET /wp-content/themes/rocco_bak/js/mfn.menu.js?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: application/javascript
content-length: 663
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1df0-78e-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/js/sliders/jquery.jcarousel.min.js?ver=1.0.1
192.124.249.175200 OK 4.3 kB URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/js/sliders/jquery.jcarousel.min.js?ver=1.0.1
IP 192.124.249.175:0
File type ASCII text, with very long lines (15184), with CRLF line terminators
Hash b9a51e069208c94989ab81ff56505bd4
0597022af7fcc219e266dc83e063a489bc878b75
8e8fc9842982c3f3c20ba03a4d7003b6215104064e3fd3409793399b46d77d48
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/rocco_bak/js/sliders/jquery.jcarousel.min.js?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: application/javascript
content-length: 4292
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1def-3d32-5e91c9abd3300-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/uploads/2014/05/Higginson-Consulting-Ltd-Structural-Civil-e1400647779351.jpg
192.124.249.175200 OK 12 kB URL HTTP/2 higginsonconsulting.ca/wp-content/uploads/2014/05/Higginson-Consulting-Ltd-Structural-Civil-e1400647779351.jpg
IP 192.124.249.175:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x82, components 3\012- data
Hash e0bcd55dfd409f781264b22921d7bd3f
c9846d696c332a86caae265f6def6eaab7002dc1
5233c7d0471f9d9f441d19101f33e6798aa613ca5bd1feb60f93537af2523e8f
GET /wp-content/uploads/2014/05/Higginson-Consulting-Ltd-Structural-Civil-e1400647779351.jpg HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: image/jpeg
content-length: 12237
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:53 GMT
etag: "2101723-2fcd-5e91c9b097e40"
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/base.css
192.124.249.175200 OK 1.8 kB URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/css/base.css
IP 192.124.249.175:0
File type ASCII text, with very long lines (483), with CRLF line terminators
Hash 44195593b80fc7d7e6c15afa93b5c23c
6e38ec17cc2cb8499e8bc568b8231b8b8b1fafef
d1e00a3cb2433acc3236fe4b237606e35df6de8e06c412e845edb9b34962e937
GET /wp-content/themes/rocco_bak/css/base.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/style.css?ver=1.0.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 1752
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ed4-18dc-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?ver=3.5.2
192.124.249.175200 OK 18 kB URL HTTP/2 higginsonconsulting.ca/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?ver=3.5.2
IP 192.124.249.175:0
File type Unicode text, UTF-8 text, with very long lines (63134)
Hash 0a4e2e312203185d3467863bbaeb2f50
d6d64d4047c763dbfc499fc8c8e27c43d60050b1
0c09b05432d919c02135ed3c78f0e1a32ed941659cb8131424adaf02707143be
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?ver=3.5.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: application/javascript
content-length: 18199
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:43 GMT
etag: "33a1494-14750-5e91c9a70e7c0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-includes/js/jquery/jquery.js?ver=1.8.3
192.124.249.175200 OK 32 kB URL HTTP/2 higginsonconsulting.ca/wp-includes/js/jquery/jquery.js?ver=1.8.3
IP 192.124.249.175:0
File type ASCII text, with very long lines (65483)
Hash 835ef7a3949c85489ee516fe0efa7184
8915c9f070078522709b8c2c2261d993712da213
f9bcc8788bc3201fe5da1353f7349271ff40d25d7d6b0e6313d84eb2f1e65b08
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.js?ver=1.8.3 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: application/javascript
content-length: 32380
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:26:10 GMT
etag: "15e2b10-16dda-5e91c9c0ce480-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/buttons.css
192.124.249.175200 OK 296 B URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/css/buttons.css
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash bceb23ff7b1c614fe36da80ae821ba03
e71450f5d54abd1da9fe39c0f278f6da9bb5a1e5
556a26e3cd1d64ba0abd72f2a8f6d75d4a6bcdd06e80d8ded86bfde79995dae5
GET /wp-content/themes/rocco_bak/css/buttons.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/style.css?ver=1.0.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 296
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ed5-5e8-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/plugins/doptg/assets/js/jquery.dop.ThumbnailGallery.js?ver=3.5.2
192.124.249.175200 OK 19 kB URL HTTP/2 higginsonconsulting.ca/wp-content/plugins/doptg/assets/js/jquery.dop.ThumbnailGallery.js?ver=3.5.2
IP 192.124.249.175:0
Hash a7740212ae2560b2e8449596abb8a892
47d6767b4d83a90d4cbf3af8f52e63ec40a95923
2330ed7e0f1796e5fabe3c04d3a5349d7e069c2299ac4dbbf6af026bc93e5901
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/doptg/assets/js/jquery.dop.ThumbnailGallery.js?ver=3.5.2 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: application/javascript
content-length: 19315
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:39 GMT
etag: "33a16aa-3bd1d-5e91c9a33dec0-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/layout.css
192.124.249.175200 OK 4.9 kB URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/css/layout.css
IP 192.124.249.175:0
File type ASCII text, with very long lines (322), with CRLF line terminators
Hash d754ce32ce6b77b92cf6a589a128b8ed
2562b51cb2e0dc316482e9d16864118d6287eb12
d03121b02653b2cfdd4e31cb040c812479f7b0f0788cdb7998358cae28b789de
GET /wp-content/themes/rocco_bak/css/layout.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/style.css?ver=1.0.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 4865
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1efa-6487-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/variables.css
192.124.249.175200 OK 993 B URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/css/variables.css
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash c5a38add175e1432bd83e3d4250426a6
4666fae46a3f1cb6399fd1a22d3c227f68f39c91
af7b605a2e70ad861b8139b35fa765473350f86e4040bc4267511d76031f2a2c
GET /wp-content/themes/rocco_bak/css/variables.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/style.css?ver=1.0.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 993
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ed3-d29-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/animations.css
192.124.249.175200 OK 451 B URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/css/animations.css
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash 24c512bcef02a5d35864309bb576d4af
226801ff841b0dc7ff63d76112dd643917ed824a
0ca3c68a095b120e3d77ffcacbfcbdfd72bb6f6e2ac8631a8d6f265db99ba261
GET /wp-content/themes/rocco_bak/css/animations.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/style.css?ver=1.0.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 451
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1efb-d49-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/shortcodes.css
192.124.249.175200 OK 4.4 kB URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/css/shortcodes.css
IP 192.124.249.175:0
File type ASCII text, with very long lines (374), with CRLF line terminators
Hash 3162fa9b023969890daae49c9939ea82
1aac64dfea97b575eaa62edf8bc94e7b64e9cf4c
3e362c76566e2462d22dcfb1b93cb40685870c1f4be07942aadc9587903e0d2a
GET /wp-content/themes/rocco_bak/css/shortcodes.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/style.css?ver=1.0.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 4449
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ec7-616b-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/style.php?ver=1.0.1
192.124.249.175200 OK 435 B URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/style.php?ver=1.0.1
IP 192.124.249.175:0
File type ASCII text, with CRLF, LF line terminators
Hash 3004372ccabdaa97c781c2ae0d088ebe
79b55a27197d9407513072b224aaecabcfe756d4
a78e20253a0b11a9406c26aceb6d0665daf087c2026402efbd04c49afc64d323
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/rocco_bak/style.php?ver=1.0.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/netfilxwebsupportteampaymentalert/account/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css;;charset=UTF-8
content-length: 435
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fa5a7fd1c3d5eed2a8816ac62ad73e51
6536f3880457c6ced9534d5cf10615b6daf42aea
3c3a74be5d72d9e2b5ecdaeafbbf3d0029cd5848d2483cfa10da14859deff436
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 19:51:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.163200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://higginsonconsulting.ca
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 08:31:01 GMT
expires: Wed, 20 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
age: 300047
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 19:51:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/fonts.css
192.124.249.175200 OK 74 B URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/css/fonts.css
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash 1673be58e25f55a64019ccc58d17cd83
ffcdce3a2ea5260ac83b7b854370a57e38645620
76550bdc643c361f88456b4bfbb3c0b004aafe432b8fe0b11efdc823fb605584
GET /wp-content/themes/rocco_bak/css/fonts.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/style.css?ver=1.0.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 74
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ed1-68-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.theme.css
192.124.249.175200 OK 2.5 kB URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.theme.css
IP 192.124.249.175:0
File type ASCII text, with very long lines (551), with CRLF line terminators
Hash e57c78e0db86b9c8746686405afd32be
99f8acb007e6b005db65cbb8062fe58389856ffd
1d60a0422bf23ed0c5ff2864351d7c34c634d33170d18efa57bdc8198edec3c7
GET /wp-content/themes/rocco_bak/css/ui/jquery.ui.theme.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.all.css?ver=1.0.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 2500
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ec4-4558-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.base.css
192.124.249.175200 OK 59 B URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.base.css
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash 95d9b175d68f759b284287f8d423445e
c0ed993b74c6edb3b84e33d6d6280e699b7ade74
1070d5e76acdddb578ac78f78fc1307ad56854540eb666c2ad63df31708e8432
GET /wp-content/themes/rocco_bak/css/ui/jquery.ui.base.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.all.css?ver=1.0.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 59
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ec3-6f-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/fonts/socialico.css
192.124.249.175200 OK 280 B URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/fonts/socialico.css
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash 8e5cda2e5bf597df40a70ba5d88b6f41
40cd25374a03ddb297556d2341bcc8042bdfe839
031cf9a5dc3051f3612bd5f2e1a9e8256868e0cb890c726d8d482c98fb8a960d
GET /wp-content/themes/rocco_bak/fonts/socialico.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/css/fonts.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:49 GMT
content-type: text/css
content-length: 280
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1e17-25b-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/fonts/fontawesome.css
192.124.249.175200 OK 5.1 kB URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/fonts/fontawesome.css
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash ce027665d8cc392b68e150f2236b77a3
2f8eb2b114736504bcf591b3e91abaa0a1504dce
346ff2d5e383af296f4187cad6ad0795e05945506f1bf5b7847a9a38752e9fe0
GET /wp-content/themes/rocco_bak/fonts/fontawesome.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/css/fonts.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:49 GMT
content-type: text/css
content-length: 5058
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1e11-700a-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.core.css
192.124.249.175200 OK 514 B URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.core.css
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash 7b1cdf0501848a4cde4f1ab7c711c411
5c7b84ab713dcd80d665e8826717725cfb06ab22
98055596fffc8ffd35e43f14d9a23dea220d395a07c6612895092eeb16371404
GET /wp-content/themes/rocco_bak/css/ui/jquery.ui.core.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.base.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:49 GMT
content-type: text/css
content-length: 514
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ec5-54c-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.accordion.css
192.124.249.175200 OK 534 B URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.accordion.css
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash 8df64f1a3321e8cbfbf0a3face05f861
270eda94e12ab37f9e9628634ab7f403dbc17d4b
40fb67b1a45c4113fec9b21b3e7f5ab8629f2827f06a6c9149968a57b7f1be9b
GET /wp-content/themes/rocco_bak/css/ui/jquery.ui.accordion.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.base.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:49 GMT
content-type: text/css
content-length: 534
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ec0-6db-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.tabs.css
192.124.249.175200 OK 454 B URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.tabs.css
IP 192.124.249.175:0
File type ASCII text, with CRLF line terminators
Hash 62ac12ed7068722ea5bd665316fe6897
c88f32fb666b51ba79e7f1c430666ab11e27b89c
c38ad616141f71d0d2bb7c9f6f3ae6438fdaadcecf0ecf99ae09ad32b4b05348
GET /wp-content/themes/rocco_bak/css/ui/jquery.ui.tabs.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/css/ui/jquery.ui.base.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:49 GMT
content-type: text/css
content-length: 454
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ec6-5ac-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
142.250.74.163200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 17820, version 1.0\012- data
Hash 3d5107abaf7bf4df5478bd04625c0929
b04d394caabf6ea3e500b74781dc2bfd54f3c18d
9ad0a22b0c58240a7a92b4c01aa31f39a5918dea6a8fdfa77e63042abc4fca31
GET /s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://higginsonconsulting.ca
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17820
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 19:07:15 GMT
expires: Tue, 19 Sep 2023 19:07:15 GMT
cache-control: public, max-age=31536000
age: 348274
last-modified: Mon, 15 Aug 2022 18:13:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/plugins/recent-tweets-widget/assets/tweet.png
192.124.249.175200 OK 1.3 kB URL HTTP/2 higginsonconsulting.ca/wp-content/plugins/recent-tweets-widget/assets/tweet.png
IP 192.124.249.175:0
File type PNG image data, 24 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash 5131e10e2f4a1401999782c93d2fe338
debcd9c415053681c744e987a9616a489f4a7f75
a2062bdf8870d01bdef61bbf7cd4581a9845c0ca97e2cf4afc06b498c3c62c32
GET /wp-content/plugins/recent-tweets-widget/assets/tweet.png HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/plugins/recent-tweets-widget/tp_twitter_plugin.css?ver=1.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:49 GMT
content-type: image/png
content-length: 1316
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:42 GMT
etag: "33a183a-524-5e91c9a61a580"
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/fonts/socialico-webfont.woff
192.124.249.175200 OK 21 kB URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/fonts/socialico-webfont.woff
IP 192.124.249.175:0
File type Web Open Font Format, TrueType, length 21152, version 1.0\012- data
Hash 7d981a73f596299e73019e42361f4cec
3bc26443c5f17ed229e9ee16f074ca3f4d2e6bf3
5499c273b501aedecb05a514aea7783a88be973f8a6854e4228f80bb21abf84f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/rocco_bak/fonts/socialico-webfont.woff HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/fonts/socialico.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:49 GMT
content-type: font/woff
content-length: 21152
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1e15-52a0-5e91c9abd3300"
accept-ranges: bytes
vary: Accept-Encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/fonts/fontawesome-webfont.woff?v=3.2.1
192.124.249.175200 OK 44 kB URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/fonts/fontawesome-webfont.woff?v=3.2.1
IP 192.124.249.175:0
File type Web Open Font Format, TrueType, length 43572, version 1.0\012- data
Hash b683029bafe0305ac2234038a03e1541
12f8c193902e99348493ace32e498031bf79b654
18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/rocco_bak/fonts/fontawesome-webfont.woff?v=3.2.1 HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/fonts/fontawesome.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:49 GMT
content-type: font/woff
content-length: 43572
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1e1b-aa34-5e91c9abd3300"
accept-ranges: bytes
vary: Accept-Encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 375756444a8871bbe816165e294fb262
2f9e18473daa3daae633a4df448a2230e77f8c33
c2e94c3082cb76fad8f5ace3c686f46d43c807b7f2d3cb9f2b4d9965b91af4c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 19:51:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ssl.google-analytics.com/ga.js
142.250.74.104200 OK 17 kB URL HTTP/2 ssl.google-analytics.com/ga.js
IP 142.250.74.104:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Fri, 23 Sep 2022 18:17:11 GMT
expires: Fri, 23 Sep 2022 20:17:11 GMT
cache-control: public, max-age=7200
age: 5678
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 375756444a8871bbe816165e294fb262
2f9e18473daa3daae633a4df448a2230e77f8c33
c2e94c3082cb76fad8f5ace3c686f46d43c807b7f2d3cb9f2b4d9965b91af4c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 19:51:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=457192136&utmhn=higginsonconsulting.ca&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Page%20Not%20Found%20-%20Higginson%20Consulting%20Ltd.Higginson%20Consulting%20Ltd.&utmhid=334369099&utmr=-&utmp=%2Fnetfilxwebsupportteampaymentalert%2Faccount%2Flogin.php&utmht=1663962708865&utmac=UA-38159246-1&utmcc=__utma%3D22406946.23362400.1663962709.1663962709.1663962709.1%3B%2B__utmz%3D22406946.1663962709.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=80533762&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
142.250.74.104200 OK 35 B URL HTTP/2 ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=457192136&utmhn=higginsonconsulting.ca&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Page%20Not%20Found%20-%20Higginson%20Consulting%20Ltd.Higginson%20Consulting%20Ltd.&utmhid=334369099&utmr=-&utmp=%2Fnetfilxwebsupportteampaymentalert%2Faccount%2Flogin.php&utmht=1663962708865&utmac=UA-38159246-1&utmcc=__utma%3D22406946.23362400.1663962709.1663962709.1663962709.1%3B%2B__utmz%3D22406946.1663962709.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=80533762&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
IP 142.250.74.104:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=457192136&utmhn=higginsonconsulting.ca&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Page%20Not%20Found%20-%20Higginson%20Consulting%20Ltd.Higginson%20Consulting%20Ltd.&utmhid=334369099&utmr=-&utmp=%2Fnetfilxwebsupportteampaymentalert%2Faccount%2Flogin.php&utmht=1663962708865&utmac=UA-38159246-1&utmcc=__utma%3D22406946.23362400.1663962709.1663962709.1663962709.1%3B%2B__utmz%3D22406946.1663962709.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=80533762&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Fri, 23 Sep 2022 19:51:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/uploads/2013/09/favicon.ico
192.124.249.175200 OK 613 B URL HTTP/2 higginsonconsulting.ca/wp-content/uploads/2013/09/favicon.ico
IP 192.124.249.175:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash fab484210178c71ddd0675e78f7364d8
8f1b643f4d83268f15ded454a2e35bb97d9347fa
194d3e4b0fe6a26263d119f9e715982b15c10c71c84c8bc33d265f2e5a3d24a6
GET /wp-content/uploads/2013/09/favicon.ico HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:50 GMT
content-type: image/x-icon
content-length: 613
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:51 GMT
etag: "19e2f67-47e-5e91c9aeaf9c0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
blackname.biz/?pu=mjqtknzqmi5ha3ddf42tsnbu
3.64.163.50200 OK 0 B URL HTTP/2 blackname.biz/?pu=mjqtknzqmi5ha3ddf42tsnbu
IP 3.64.163.50:0
GET /?pu=mjqtknzqmi5ha3ddf42tsnbu HTTP/1.1
Host: blackname.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Fri, 23 Sep 2022 19:51:47 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
etag: W/"19689b49e937c87a57ed4d961164d3cf"
cache-control: max-age=0, private, must-revalidate
set-cookie: bc9bd58fe1b6ef954d6d794db6d30e25e8ff50634d24346cf8006ef422e3c05c6e48b07678e34d08c97ad3f91012c80ac690b50f51fbd49b16e301de58d9c5ca=CfPXI0gQ3NEEOXoi5Gp5%2FalnyAihFsEWmsRKsU5vtRoqou2ASMY0pTIDXPfA%2FWEcjY7S2dVMWTW8LgdsQ6AQJJDz21AVkixh6hmFt3XSWiHgZCIIJWpPyGAJOIoaVNyU2%2FYDBf4QDIGN8qmFiauqJQ9VjOvmDQJ0r3%2BZTj4849cfI%2FafgXfhNU4sMzilNoeqHoAcZhAuG18MRpWYtm68QtJT0CT7%2FU7gufY4VrpmoOjAsmgRIw8rDMam3J5EV3KJxXXDwws5r%2BPBcYxLgUlJVDnLVrEECbD5V3b0EVHOLCLrJYU1j0WqJMWN5u91V0rv9IWSBDm1J54otWON77opTbw4m8h0%2BGOnmW%2FW6BsM55TrTi%2F1DPDQuXJ1mYMQPIOMsaZn%2BIzY6DSk6LaRAgpSy5wRNb8ZSP0g9Yb9UChAjBaUojWnXMgu3dczi0yzbuC1ruyDQvRNrFSommPpBi2YHQ%3D%3D--UpWp5liNVv0YLOlO--iHwCs4AFFDPi%2F4ESPAdgLg%3D%3D; path=/; secure; HttpOnly
x-request-id: b5149ee9-a42d-47b0-98f8-3a1c22d5023b
x-runtime: 0.081487
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C400italic%2C700&ver=3.5.2
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C400italic%2C700&ver=3.5.2
IP 142.250.74.10:0
GET /css?family=Open+Sans%3A300%2C400%2C400italic%2C700&ver=3.5.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 23 Sep 2022 19:51:47 GMT
date: Fri, 23 Sep 2022 19:51:47 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
higginsonconsulting.ca/wp-content/themes/rocco_bak/css/grid.css
192.124.249.175200 OK 0 B URL HTTP/2 higginsonconsulting.ca/wp-content/themes/rocco_bak/css/grid.css
IP 192.124.249.175:0
GET /wp-content/themes/rocco_bak/css/grid.css HTTP/1.1
Host: higginsonconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higginsonconsulting.ca/wp-content/themes/rocco_bak/style.css?ver=1.0.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:51:48 GMT
content-type: text/css
content-length: 745
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 20 Sep 2022 14:25:48 GMT
etag: "33a1ed0-a31-5e91c9abd3300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2