r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 03ba1c19530391f28dcb5c049ab66e99
a1b89c652e5406b1981704d1973ac1c820ec584d
9c78f93d5d5c96391e480ecad78b4a6a30fb33fdc61acc7799fe3401c62a1292
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C78F93D5D5C96391E480ECAD78B4A6A30FB33FDC61ACC7799FE3401C62A1292"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3664
Expires: Tue, 21 Feb 2023 21:25:13 GMT
Date: Tue, 21 Feb 2023 20:24:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 13d4983fb8a0ee2cb855663cc9d8f6a0
1f85fc46435f86d7f414e310670c9afe27ea9532
f4bc8150273c4fc6e90c9df8e074823a78dc8409bfcc00616265e24d7d663498
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4BC8150273C4FC6E90C9DF8E074823A78DC8409BFCC00616265E24D7D663498"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4763
Expires: Tue, 21 Feb 2023 21:43:32 GMT
Date: Tue, 21 Feb 2023 20:24:09 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 21 Feb 2023 19:38:08 GMT
content-type: application/json
age: 2761
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 48b5fafb12e15fbede4669b549518d50
ee82e527d3c45ebbc1865cd56b93e1be5ac933db
94036245b7831c01d3112f661bd909369c9b3af89ab37be7fb07f2254a7df7d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94036245B7831C01D3112F661BD909369C9B3AF89AB37BE7FB07F2254A7DF7D5"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4591
Expires: Tue, 21 Feb 2023 21:40:40 GMT
Date: Tue, 21 Feb 2023 20:24:09 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Zpt5Ur5dmT8DeyLC8JY0GrtpCXhfKhenuuH5MqSJEu6htP8slNyUE0TAmFu6n0u9aQF0YFOzjYREYyC3q9Vsew==
x-amz-request-id: 7GS5ABWPVMH3EYJQ
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 21 Feb 2023 20:22:54 GMT
age: 75
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
radbusiness.ca/ne/emsonosi
50.87.146.49302 Found 231 B URL HTTP/1.1 radbusiness.ca/ne/emsonosi
IP 50.87.146.49:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 686b7f5edc45a16b05c5c36c75d00ab1
7d76ff440a2cedf3f805a28e0715e34646899553
fbc7def2c8244c8bba538b26d3b584f87ecf67e75c07ab045a8cdc7ac6578c34
Analyzer Verdict Alert fortinet Malware
NIDS Severity Alert suricata high ThreatFox payload delivery (url - confidence level: 75%)
GET /ne/emsonosi HTTP/1.1
Host: radbusiness.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Tue, 21 Feb 2023 20:24:09 GMT
Server: Apache
Location: http://radbusiness.ca/cgi-sys/suspendedpage.cgi
Content-Length: 231
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 21 Feb 2023 20:24:09 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Last-Modified, Alert, Backoff, Content-Type, Pragma, Expires, Cache-Control, Retry-After, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 21 Feb 2023 20:20:35 GMT
age: 214
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
radbusiness.ca/cgi-sys/suspendedpage.cgi
50.87.146.49200 OK 316 B URL HTTP/1.1 radbusiness.ca/cgi-sys/suspendedpage.cgi
IP 50.87.146.49:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c96d062f610bf41835838bb5c2e6ff8d
46bfa6eda475f3bc4ecbedefa29b347c0434ae6e
2d354ba05648b5fc4146d922364c915c15a997fa817b59b9200bebb9c2788d31
GET /cgi-sys/suspendedpage.cgi HTTP/1.1
Host: radbusiness.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 21 Feb 2023 20:24:09 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 316
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/html
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 94d194d4728ee415fb180610c25cb8cb
9b6a935fd24c43f427d6377d2d278592dcbcb372
cada2d0987669f945549c8f526568c04c4e0a3b662fb2c3efd30efe3a40e2577
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CADA2D0987669F945549C8F526568C04C4E0A3B662FB2C3EFD30EFE3A40E2577"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4568
Expires: Tue, 21 Feb 2023 21:40:18 GMT
Date: Tue, 21 Feb 2023 20:24:10 GMT
Connection: keep-alive
radbusiness.ca/favicon.ico
50.87.146.49302 Found 231 B URL HTTP/1.1 radbusiness.ca/favicon.ico
IP 50.87.146.49:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 686b7f5edc45a16b05c5c36c75d00ab1
7d76ff440a2cedf3f805a28e0715e34646899553
fbc7def2c8244c8bba538b26d3b584f87ecf67e75c07ab045a8cdc7ac6578c34
GET /favicon.ico HTTP/1.1
Host: radbusiness.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://radbusiness.ca/cgi-sys/suspendedpage.cgi
HTTP/1.1 302 Found
Date: Tue, 21 Feb 2023 20:24:10 GMT
Server: Apache
Location: http://radbusiness.ca/cgi-sys/suspendedpage.cgi
Content-Length: 231
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
iyfhshsp.com/?dn=referer_detect&pid=5POL4F2O4
208.91.196.46200 OK 3.5 kB URL HTTP/1.1 iyfhshsp.com/?dn=referer_detect&pid=5POL4F2O4
IP 208.91.196.46:0
ASN #40034 CONFLUENCE-NETWORK-INC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (481), with CRLF line terminators
Hash 438d8dd1e77aff587380c22643c58a97
afe235d53e9730003b8070a901ab403403fe418f
085933ffafd1b8e635f1edac2e9dbef8352a3a7a15649f61103a0cfb0e8b4f1a
GET /?dn=referer_detect&pid=5POL4F2O4 HTTP/1.1
Host: iyfhshsp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://radbusiness.ca/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 21 Feb 2023 20:24:10 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKX74ixpzVyXbJprcLfbH4psP4+L2entqri0lzh6pkAaXLPIcclv6DQBeJJjGFWrBIF6QMyFwXT5CCRyjS2penECAwEAAQ==_RKXc7TxPHfYBne7waQCCj6TtTylnt5/H6p24b3MGsAjsiw30tN5v8r0FC9L2itAmhz1DPsmWDbxAwLA2QZHSLw==
Content-Length: 3484
Keep-Alive: timeout=5, max=108
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
35.83.97.160101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.83.97.160:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mbtEt2ubb1zpB96KC4fqBg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: KbQwTesZgHlqUpV92btO5a3kI6w=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3cb7960c629af2d4a5325cec8696f40b
eb04e882f528f56fc09206f741d490a4b091a6dd
df3a27c510b477ae3411c0c178fb36d8291503db40f64d22a3fa18061c0ec2b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF3A27C510B477AE3411C0C178FB36D8291503DB40F64D22A3FA18061C0EC2B0"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9537
Expires: Tue, 21 Feb 2023 23:03:08 GMT
Date: Tue, 21 Feb 2023 20:24:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3cb7960c629af2d4a5325cec8696f40b
eb04e882f528f56fc09206f741d490a4b091a6dd
df3a27c510b477ae3411c0c178fb36d8291503db40f64d22a3fa18061c0ec2b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF3A27C510B477AE3411C0C178FB36D8291503DB40F64D22A3FA18061C0EC2B0"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9537
Expires: Tue, 21 Feb 2023 23:03:08 GMT
Date: Tue, 21 Feb 2023 20:24:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3cb7960c629af2d4a5325cec8696f40b
eb04e882f528f56fc09206f741d490a4b091a6dd
df3a27c510b477ae3411c0c178fb36d8291503db40f64d22a3fa18061c0ec2b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF3A27C510B477AE3411C0C178FB36D8291503DB40F64D22A3FA18061C0EC2B0"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9537
Expires: Tue, 21 Feb 2023 23:03:08 GMT
Date: Tue, 21 Feb 2023 20:24:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3cb7960c629af2d4a5325cec8696f40b
eb04e882f528f56fc09206f741d490a4b091a6dd
df3a27c510b477ae3411c0c178fb36d8291503db40f64d22a3fa18061c0ec2b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF3A27C510B477AE3411C0C178FB36D8291503DB40F64D22A3FA18061C0EC2B0"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9537
Expires: Tue, 21 Feb 2023 23:03:08 GMT
Date: Tue, 21 Feb 2023 20:24:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3cb7960c629af2d4a5325cec8696f40b
eb04e882f528f56fc09206f741d490a4b091a6dd
df3a27c510b477ae3411c0c178fb36d8291503db40f64d22a3fa18061c0ec2b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF3A27C510B477AE3411C0C178FB36D8291503DB40F64D22A3FA18061C0EC2B0"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9537
Expires: Tue, 21 Feb 2023 23:03:08 GMT
Date: Tue, 21 Feb 2023 20:24:11 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f2ff96e-507d-41b2-9c36-d59215313cf0.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f2ff96e-507d-41b2-9c36-d59215313cf0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed326d529c042fe3fdad8b863a59f256
d6cd1c7d26167d2721481c48674431cb211eb9e4
760c22e84957fc06e33e9181ad983bc496e4053bf04b1db9403e832448783f36
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f2ff96e-507d-41b2-9c36-d59215313cf0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8808
x-amzn-requestid: 089af23d-dada-4921-a4fb-d7aa01b7de42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AsvaLGcLIAMFqgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f4f90d-2aae520828a83a1967d5d41a;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 17:02:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qpd_c_qkfy5pvlys84tqK59L7za5Vq39GB4WBYVqpg50KiRFORio-w==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Feb 2023 17:13:28 GMT
age: 11443
etag: "d6cd1c7d26167d2721481c48674431cb211eb9e4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe60e7355-bb4c-4383-88dd-55860fdee2c1.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe60e7355-bb4c-4383-88dd-55860fdee2c1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 82deb326eb0c337b11049eaa06ab6fc5
d6066ccfc2035d17b1e99b1794c49cb48169889c
1612e8f3c8b8250c10ee8a92a37845d229c9cbeec96f5a68061f129a5c078551
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe60e7355-bb4c-4383-88dd-55860fdee2c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8796
x-amzn-requestid: 3b0cb8b9-7603-4e7e-b93d-0187199b7ab3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AoGVhFjIIAMFVZQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f31dbc-1d01d5416ff15f40518be204;Sampled=0
x-amzn-remapped-date: Mon, 20 Feb 2023 07:14:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: w9aBYP_pxauQs8yYmxWyv0vFKTxfdde9pJhnD7JBPIoVdEeCcxcdiA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Feb 2023 07:22:37 GMT
age: 46894
etag: "d6066ccfc2035d17b1e99b1794c49cb48169889c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56f0c0c1-7e65-42b7-b8ac-5ed24c4924e6.png
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56f0c0c1-7e65-42b7-b8ac-5ed24c4924e6.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2d5b1f36b0fce0c27bc55b1b565fc036
b6b3c4f523346bcad001b251c984d18aee522d33
d03c32dc9a6ffce9b147d6db39df6a7bd3a3a47f778242e3194aa82357138d6c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56f0c0c1-7e65-42b7-b8ac-5ed24c4924e6.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13379
x-amzn-requestid: 7f3bac6b-6d1a-4161-9304-a6284f838121
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AeETWFWpIAMF7tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ef1a7b-6287cb48791715490b772022;Sampled=0
x-amzn-remapped-date: Fri, 17 Feb 2023 06:11:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9JlC1r8PH2GfMEoqipkD4UbRsRTx5eRQrtiimF5mQ4NpeUYnjbbwUw==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Feb 2023 22:13:20 GMT
age: 79851
etag: "b6b3c4f523346bcad001b251c984d18aee522d33"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fef868b47-b321-439e-bf82-15d1c2530384.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fef868b47-b321-439e-bf82-15d1c2530384.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83e6132f67f7260c438854ee306526a4
da52ad870b7961e0dffb76cb204c1634c1045bcc
9375c53e5d6519f5d765dcd4a4c2e24e372d9dc507fc3331ba122c7d08babc34
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fef868b47-b321-439e-bf82-15d1c2530384.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9944
x-amzn-requestid: 11509d28-5502-4a01-8991-96d6cf2efd4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ARBMIGeqoAMFkpQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e9e24d-77c90ef925dc9b1c7ff6561b;Sampled=0
x-amzn-remapped-date: Mon, 13 Feb 2023 07:10:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: v3CuK8nOPRT8XXDy3SROYVosiN-o4BFEFJCZYqwr5Y6SLhydHcobdg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Feb 2023 17:09:56 GMT
age: 11655
etag: "da52ad870b7961e0dffb76cb204c1634c1045bcc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F062afd3d-1408-45f9-8a87-8676271020ec.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F062afd3d-1408-45f9-8a87-8676271020ec.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7f4f15374ec09bd3d657f2c8f0fa886c
fb01a0ee84a88cf6f8cacea78c5b9cd444a41a9c
a63f93c3413c34897706ede836bf8aaf186a7002a901df0dc5481d381af5b849
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F062afd3d-1408-45f9-8a87-8676271020ec.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7349
x-amzn-requestid: 76a8d55e-1e03-44d3-8c54-189007f4cf2f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AhffeElfIAMFWOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f0792f-30cb18357e326d222d1078b8;Sampled=0
x-amzn-remapped-date: Sat, 18 Feb 2023 07:07:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QKN2LPQ_CIFUcNABg2n9ncOJkiS4F_ywrTQj4-ug64rhwot5Boca8A==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Feb 2023 07:09:09 GMT
age: 47702
etag: "fb01a0ee84a88cf6f8cacea78c5b9cd444a41a9c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881c24a9-07ee-4126-b2c3-501b0461ee5e.webp
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881c24a9-07ee-4126-b2c3-501b0461ee5e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9c5a0bab7d34e51ee6476be179b356ba
87917d3cf520d73b7b1029f44505e7700413d51d
136e727a99409218318247b645558fad485ed84bcd90bd43a5895492cb317d89
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881c24a9-07ee-4126-b2c3-501b0461ee5e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6879
x-amzn-requestid: 18c46562-f8d9-4f7f-8ea0-1bb46e206f80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ANnahEWgIAMFwYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e885dc-50a7cfe4693b4efb038ce1a7;Sampled=0
x-amzn-remapped-date: Sun, 12 Feb 2023 06:23:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K3teFfj79RPIRVaLUr5b2XMz3Jb5g8AeZCce6ZAAZmjOSJWr1QIsNw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Feb 2023 15:01:26 GMT
age: 19365
etag: "87917d3cf520d73b7b1029f44505e7700413d51d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
iyfhshsp.com/?domain=radbusiness.ca&dn=radbusiness.ca&fp=vpt0L%2BjJbE7XGt4byx17BN5mqOfm4A9pZNln1%2Fk6Gnzo7UIbNcW8hygOoRdrSqn9VU2iTBLDpgi8VkReUgYtn5yBaqJZ6PxsbrKvVk33HI4OG9DvNtXLXnWSHaY%2Fuz1CpNHoW7sX4rjKW1rW0oWQsuUKWUHzXvCr8IQsW7COhhI%3D&prvtof=to8I5Ye0oqGjGC%2FnT85q1f0SDWb2zU%2BYJ%2FdqFYJkQNGX5ocRphjQwroQ5izot9v0&poru=%2BOX3lNarGrszUcD4%2FD3Oz8M6OSv%2BGD9WNzoGjpRoPz2e9uAmeYLovku1PXGe%2Bzjt8mE5IKnWzPpchCHmUH7ap%2FmLAyTNgR7Iw061d%2BqmHUY%3D&
208.91.196.46200 OK 20 kB URL HTTP/1.1 iyfhshsp.com/?domain=radbusiness.ca&dn=radbusiness.ca&fp=vpt0L%2BjJbE7XGt4byx17BN5mqOfm4A9pZNln1%2Fk6Gnzo7UIbNcW8hygOoRdrSqn9VU2iTBLDpgi8VkReUgYtn5yBaqJZ6PxsbrKvVk33HI4OG9DvNtXLXnWSHaY%2Fuz1CpNHoW7sX4rjKW1rW0oWQsuUKWUHzXvCr8IQsW7COhhI%3D&prvtof=to8I5Ye0oqGjGC%2FnT85q1f0SDWb2zU%2BYJ%2FdqFYJkQNGX5ocRphjQwroQ5izot9v0&poru=%2BOX3lNarGrszUcD4%2FD3Oz8M6OSv%2BGD9WNzoGjpRoPz2e9uAmeYLovku1PXGe%2Bzjt8mE5IKnWzPpchCHmUH7ap%2FmLAyTNgR7Iw061d%2BqmHUY%3D&
IP 208.91.196.46:0
ASN #40034 CONFLUENCE-NETWORK-INC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2100), with CRLF, LF line terminators
Hash 67c179e802f46c5f0469ef143ec71a1a
9589b79e18ebf4a0f6a9471e418717906d2a228f
80c4427fb0e8f27100a27269e720cabb4dec85c680073fae7cb363e3991668a1
GET /?domain=radbusiness.ca&dn=radbusiness.ca&fp=vpt0L%2BjJbE7XGt4byx17BN5mqOfm4A9pZNln1%2Fk6Gnzo7UIbNcW8hygOoRdrSqn9VU2iTBLDpgi8VkReUgYtn5yBaqJZ6PxsbrKvVk33HI4OG9DvNtXLXnWSHaY%2Fuz1CpNHoW7sX4rjKW1rW0oWQsuUKWUHzXvCr8IQsW7COhhI%3D&prvtof=to8I5Ye0oqGjGC%2FnT85q1f0SDWb2zU%2BYJ%2FdqFYJkQNGX5ocRphjQwroQ5izot9v0&poru=%2BOX3lNarGrszUcD4%2FD3Oz8M6OSv%2BGD9WNzoGjpRoPz2e9uAmeYLovku1PXGe%2Bzjt8mE5IKnWzPpchCHmUH7ap%2FmLAyTNgR7Iw061d%2BqmHUY%3D& HTTP/1.1
Host: iyfhshsp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://iyfhshsp.com/?dn=referer_detect&pid=5POL4F2O4
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 21 Feb 2023 20:24:10 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKX74ixpzVyXbJprcLfbH4psP4+L2entqri0lzh6pkAaXLPIcclv6DQBeJJjGFWrBIF6QMyFwXT5CCRyjS2penECAwEAAQ==_Lk/fLC+rLw1l85l1vedPRPa+39ZHrEvgFPV3xJn1rxDioyw6PTpdeU8vSBe88nsPrz4x76Wn8AmgQ/GCg3Hfbg==
Keep-Alive: timeout=5, max=117
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
iyfhshsp.com/px.js?ch=1
208.91.196.46200 OK 346 B IP 208.91.196.46:0
ASN #40034 CONFLUENCE-NETWORK-INC
File type ASCII text, with very long lines (346), with no line terminators
Hash f84f931c0dd37448e03f0dabf4e4ca9f
9c2c50edcf576453ccc07bf65668bd23c76e8663
5c1d5fd46a88611c31ecbb8ffc1142a7e74ec7fb7d72bd3891131c880ef3f584
GET /px.js?ch=1 HTTP/1.1
Host: iyfhshsp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://iyfhshsp.com/?domain=radbusiness.ca&dn=radbusiness.ca&fp=vpt0L%2BjJbE7XGt4byx17BN5mqOfm4A9pZNln1%2Fk6Gnzo7UIbNcW8hygOoRdrSqn9VU2iTBLDpgi8VkReUgYtn5yBaqJZ6PxsbrKvVk33HI4OG9DvNtXLXnWSHaY%2Fuz1CpNHoW7sX4rjKW1rW0oWQsuUKWUHzXvCr8IQsW7COhhI%3D&prvtof=to8I5Ye0oqGjGC%2FnT85q1f0SDWb2zU%2BYJ%2FdqFYJkQNGX5ocRphjQwroQ5izot9v0&poru=%2BOX3lNarGrszUcD4%2FD3Oz8M6OSv%2BGD9WNzoGjpRoPz2e9uAmeYLovku1PXGe%2Bzjt8mE5IKnWzPpchCHmUH7ap%2FmLAyTNgR7Iw061d%2BqmHUY%3D&
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 21 Feb 2023 20:24:12 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
Last-Modified: Wed, 20 Jan 2021 10:45:10 GMT
ETag: "15a-5b952a63b81f1"
Accept-Ranges: bytes
Content-Length: 346
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
iyfhshsp.com/px.js?ch=2
208.91.196.46200 OK 346 B IP 208.91.196.46:0
ASN #40034 CONFLUENCE-NETWORK-INC
File type ASCII text, with very long lines (346), with no line terminators
Hash f84f931c0dd37448e03f0dabf4e4ca9f
9c2c50edcf576453ccc07bf65668bd23c76e8663
5c1d5fd46a88611c31ecbb8ffc1142a7e74ec7fb7d72bd3891131c880ef3f584
GET /px.js?ch=2 HTTP/1.1
Host: iyfhshsp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://iyfhshsp.com/?domain=radbusiness.ca&dn=radbusiness.ca&fp=vpt0L%2BjJbE7XGt4byx17BN5mqOfm4A9pZNln1%2Fk6Gnzo7UIbNcW8hygOoRdrSqn9VU2iTBLDpgi8VkReUgYtn5yBaqJZ6PxsbrKvVk33HI4OG9DvNtXLXnWSHaY%2Fuz1CpNHoW7sX4rjKW1rW0oWQsuUKWUHzXvCr8IQsW7COhhI%3D&prvtof=to8I5Ye0oqGjGC%2FnT85q1f0SDWb2zU%2BYJ%2FdqFYJkQNGX5ocRphjQwroQ5izot9v0&poru=%2BOX3lNarGrszUcD4%2FD3Oz8M6OSv%2BGD9WNzoGjpRoPz2e9uAmeYLovku1PXGe%2Bzjt8mE5IKnWzPpchCHmUH7ap%2FmLAyTNgR7Iw061d%2BqmHUY%3D&
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 21 Feb 2023 20:24:12 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
Last-Modified: Wed, 20 Jan 2021 10:45:10 GMT
ETag: "15a-5b952a63b81f1"
Accept-Ranges: bytes
Content-Length: 346
Keep-Alive: timeout=5, max=122
Connection: Keep-Alive
Content-Type: application/javascript
i3.cdn-image.com/__media__/js/min.js?v2.3
208.91.196.253200 OK 8.4 kB URL HTTP/1.1 i3.cdn-image.com/__media__/js/min.js?v2.3
IP 208.91.196.253:0
ASN #40034 CONFLUENCE-NETWORK-INC
File type ASCII text, with very long lines (8349), with CRLF line terminators
Hash c16c3a4c0fad29106f34d00e89f6886e
6e11811ab8a98bb295b0916cdee68b302c33403d
097786d677a859b7bc87e285377b083b76d66a2fc2832a16bcd50b0e99df77ff
GET /__media__/js/min.js?v2.3 HTTP/1.1
Host: i3.cdn-image.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iyfhshsp.com/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 21 Feb 2023 20:24:13 GMT
Content-Type: application/javascript
Content-Length: 8435
Last-Modified: Wed, 22 Sep 2021 05:16:08 GMT
Connection: keep-alive
ETag: "614abc18-20f3"
Expires: Tue, 07 Mar 2023 20:24:13 GMT
Cache-Control: max-age=1209600, public
Accept-Ranges: bytes
searchdiscovered.com/__media__/pics/657/hostergator.gif
208.91.196.4302 Found 246 B URL HTTP/1.1 searchdiscovered.com/__media__/pics/657/hostergator.gif
IP 208.91.196.4:0
ASN #40034 CONFLUENCE-NETWORK-INC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 6d6711a966a709b625b99abda74a4256
f996b24c7b05bdee4a06c7049cb248445ec0677c
b1656c00a494af260c5e61ff2fc13af17ba49a0ca02aeba2c809fe4122ba01f3
GET /__media__/pics/657/hostergator.gif HTTP/1.1
Host: searchdiscovered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iyfhshsp.com/
HTTP/1.1 302 Found
Date: Tue, 21 Feb 2023 20:24:13 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
Location: http://freeresultsguide.com/__media__/pics/657/hostergator.gif
Content-Length: 246
Keep-Alive: timeout=5, max=111
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
i3.cdn-image.com/__media__/pics/29590/bg1.png
208.91.196.253200 OK 18 kB URL HTTP/1.1 i3.cdn-image.com/__media__/pics/29590/bg1.png
IP 208.91.196.253:0
ASN #40034 CONFLUENCE-NETWORK-INC
File type PNG image data, 1730 x 988, 4-bit colormap, non-interlaced\012- data
Hash 825ccd29ac102fcadaf92b2343d5917b
24472e766cfac5b82a73b219796556a0a3702bd6
0878fb2875c0ad852de8fb3e8f443afdf3064890f1443b3feccc274382f913cd
GET /__media__/pics/29590/bg1.png HTTP/1.1
Host: i3.cdn-image.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iyfhshsp.com/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 21 Feb 2023 20:24:13 GMT
Content-Type: image/png
Content-Length: 17986
Last-Modified: Fri, 25 Nov 2022 12:16:35 GMT
Connection: keep-alive
ETag: "6380b223-4642"
Expires: Tue, 07 Mar 2023 20:24:13 GMT
Cache-Control: max-age=1209600, public
Accept-Ranges: bytes
searchdiscovered.com/__media__/pics/657/error-bg.gif
208.91.196.4302 Found 243 B URL HTTP/1.1 searchdiscovered.com/__media__/pics/657/error-bg.gif
IP 208.91.196.4:0
ASN #40034 CONFLUENCE-NETWORK-INC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9cd9326e3e1614d22b75e8d32ea585c0
1f2cd244c4541bcd15e2943e23f135029aa7adb8
f1e045a975646a4d179b4bd606dab7d7136f33782be4ae53caee769d78c8cec3
GET /__media__/pics/657/error-bg.gif HTTP/1.1
Host: searchdiscovered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iyfhshsp.com/
HTTP/1.1 302 Found
Date: Tue, 21 Feb 2023 20:24:13 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
Location: http://freeresultsguide.com/__media__/pics/657/error-bg.gif
Content-Length: 243
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
i3.cdn-image.com/__media__/pics/28905/arrrow.png
208.91.196.253200 OK 283 B URL HTTP/1.1 i3.cdn-image.com/__media__/pics/28905/arrrow.png
IP 208.91.196.253:0
ASN #40034 CONFLUENCE-NETWORK-INC
File type PNG image data, 17 x 27, 8-bit colormap, non-interlaced\012- data
Hash 80d42c82a6c37da90210fd60a2f36128
554ba7c84d2a27ecf3b1f29d03e62101936b54d8
a1626e2d9160a0890a0a8d6e3af9e7095d68a24f9fb5ac8a166000c9a2581e10
GET /__media__/pics/28905/arrrow.png HTTP/1.1
Host: i3.cdn-image.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iyfhshsp.com/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 21 Feb 2023 20:24:13 GMT
Content-Type: image/png
Content-Length: 283
Last-Modified: Tue, 04 Jan 2022 14:44:27 GMT
Connection: keep-alive
ETag: "61d45d4b-11b"
Expires: Tue, 07 Mar 2023 20:24:13 GMT
Cache-Control: max-age=1209600, public
Accept-Ranges: bytes
freeresultsguide.com/__media__/pics/657/hostergator.gif
208.91.196.4200 OK 8.0 kB URL HTTP/1.1 freeresultsguide.com/__media__/pics/657/hostergator.gif
IP 208.91.196.4:0
ASN #40034 CONFLUENCE-NETWORK-INC
File type GIF image data, version 89a, 220 x 63\012- data
Hash 1898aad5d11be03025f15b9137efa371
f61413766a2adcd018174b407e3e8e7e6f76feae
c91b0f2a8767a2c2dfb64ee200bd110a476b613a855a0c8982dd3c9b93095bb3
GET /__media__/pics/657/hostergator.gif HTTP/1.1
Host: freeresultsguide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iyfhshsp.com/
HTTP/1.1 200 OK
Date: Tue, 21 Feb 2023 20:24:13 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
Last-Modified: Wed, 20 Jan 2021 10:46:09 GMT
ETag: "1f47-5b952a9b9b24e"
Accept-Ranges: bytes
Content-Length: 8007
Keep-Alive: timeout=5, max=77
Connection: Keep-Alive
Content-Type: image/gif
i3.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.woff
208.91.196.253200 OK 17 kB URL HTTP/1.1 i3.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.woff
IP 208.91.196.253:0
ASN #40034 CONFLUENCE-NETWORK-INC
File type Web Open Font Format, TrueType, length 17312, version 2.1\012- data
Hash bebe201d813feaad85a3e66607d0da3a
28b049502afa8e9db5340c1a92400591b39870e8
58bb75322beb862803b0d156e1a1d01fb1e7fde82ee93c929b08bf5aea9fc55b
GET /__media__/fonts/montserrat-bold/montserrat-bold.woff HTTP/1.1
Host: i3.cdn-image.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://iyfhshsp.com
Connection: keep-alive
Referer: http://iyfhshsp.com/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 21 Feb 2023 20:24:13 GMT
Content-Type: application/font-woff
Content-Length: 17312
Last-Modified: Wed, 20 Jan 2021 10:45:11 GMT
Connection: keep-alive
ETag: "600809b7-43a0"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
freeresultsguide.com/__media__/pics/657/error-bg.gif
208.91.196.4200 OK 2.0 kB URL HTTP/1.1 freeresultsguide.com/__media__/pics/657/error-bg.gif
IP 208.91.196.4:0
ASN #40034 CONFLUENCE-NETWORK-INC
File type GIF image data, version 89a, 526 x 2\012- data
Hash 2a0b3de86b6c212e0220f3a9757a5dbf
493f8e5c7a8c7c11645a99d22cfa8d637da6fe3e
76261ee6190ec30c36b297048d62eeb55240baa74253c6756c746d07d1fd8154
GET /__media__/pics/657/error-bg.gif HTTP/1.1
Host: freeresultsguide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iyfhshsp.com/
HTTP/1.1 200 OK
Date: Tue, 21 Feb 2023 20:24:13 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
Last-Modified: Wed, 20 Jan 2021 10:46:09 GMT
ETag: "7d7-5b952a9b9b24e"
Accept-Ranges: bytes
Content-Length: 2007
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/gif
i3.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.woff
208.91.196.253200 OK 17 kB URL HTTP/1.1 i3.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.woff
IP 208.91.196.253:0
ASN #40034 CONFLUENCE-NETWORK-INC
File type Web Open Font Format, TrueType, length 17264, version 2.1\012- data
Hash a43b107861b42ce1335e41e43d4e4d00
99bdb1cec4a68ebe29249c46fefefb6880d009e5
a6542dc92d71eb412bac89d8fb06c70f15be74a64b1b4ef1633288b78f4f2ff2
GET /__media__/fonts/montserrat-regular/montserrat-regular.woff HTTP/1.1
Host: i3.cdn-image.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://iyfhshsp.com
Connection: keep-alive
Referer: http://iyfhshsp.com/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 21 Feb 2023 20:24:13 GMT
Content-Type: application/font-woff
Content-Length: 17264
Last-Modified: Wed, 20 Jan 2021 10:45:11 GMT
Connection: keep-alive
ETag: "600809b7-4370"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes