{"report_id":"a84adaf9-8ad5-43d5-8165-0db87f08fd15","version":6,"status":"done","tags":[],"date":"2026-03-06T10:02:55Z","url":{"schema":"http","addr":"crypto-refund.ca","fqdn":"crypto-refund.ca","domain":"crypto-refund.ca","tld":"ca"},"ip":{"addr":"34.120.137.41","port":0,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"crypto-refund.ca/","fqdn":"crypto-refund.ca","domain":"crypto-refund.ca","tld":"ca"},"title":"Canadian Crypto Recovery Service – No Fee Unless Successful | CryptoRefunds.ca","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"crypto-refund.ca","fqdn":"crypto-refund.ca","domain":"crypto-refund.ca","tld":"ca"},"ip":{"addr":"34.120.137.41","port":0,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-10T10:02:55Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"crypto-refund.ca","ip":{"addr":"34.120.137.41","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2026-03-03","domain_rank":0,"first_seen":"2026-03-06T10:02:57.372598Z","last_seen":"2026-03-06T10:02:57.372598Z","alert_count":0,"request_count":10,"received_data":1835624,"sent_data":4713,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Hostinger Website Builder","description":"Hostinger Website Builder is a web-based platform that allows users to create and design websites without needing to write code or have extensive technical knowledge.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Page builders"]},{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]}]},{"fqdn":"assets.zyrosite.com","ip":{"addr":"172.64.144.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-03-05","domain_rank":521478,"first_seen":"2020-09-04T08:14:08Z","last_seen":"2026-03-04T21:05:47.572989Z","alert_count":0,"request_count":6,"received_data":185481,"sent_data":3766,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}]},{"fqdn":"cdn.zyrosite.com","ip":{"addr":"172.64.144.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-03-05","domain_rank":566197,"first_seen":"2022-07-28T13:49:38Z","last_seen":"2026-03-04T21:05:47.697237Z","alert_count":0,"request_count":2,"received_data":17644,"sent_data":1049,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"www.chainalysis.com","ip":{"addr":"172.64.151.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-10-28","domain_rank":2616944,"first_seen":"2017-02-22T16:31:47Z","last_seen":"2025-08-09T14:43:46.937666Z","alert_count":0,"request_count":11,"received_data":56926,"sent_data":5215,"comment":"","tags":null,"fingerprints":[{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"MariaDB","description":"MariaDB is an open-source relational database management system compatible with MySQL.","website":"https://mariadb.org","common_platform_enumeration":"cpe:2.3:a:mariadb_project:mariadb:*:*:*:*:*:*:*:*","icon":"mariadb.svg","categories":["Databases"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Pantheon","description":"Pantheon is a WebOps (Website Operations) and Management Platform for WordPress and Drupal.","website":"https://pantheon.io/","common_platform_enumeration":"","icon":"Pantheon.svg","categories":["PaaS"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"crypto-refund.ca/_astro-1772751476364/_plugin-vue_export-helper.uaDa0FBd.js","fqdn":"crypto-refund.ca","domain":"crypto-refund.ca","tld":"ca"},"ip":{"addr":"34.120.137.41","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"419fff7164dd8ff861d56e24d01b417e","sha1":"1ec207bbcc71b5b1d68c83d9cf19b7073e7c4f76","sha256":"514b0db937ade407418f4211769f17b87994544239376967b9b25e7940340e93","sha512":"553a69a9eb18e1fa4be6ef1d7efb4bcfc9e290f40158a22c17fb2e5e89410c66aac4ea856399afd34839a34ce7921071cbe096bbf5a5ed55e30a0c1330e5c791","ssdeep":"1536:guQUZNEZTDbccjl/9WZ+/O11c0YvwxtkjNu3u9:1Wfbdjl/2+/OMzjNue9","tlshash":"237318f83182b562a3f918e240b70016f36e2816380ec9e8b59daddf3d7640551a7fbd","size":74191,"data":"","first_seen":"2026-03-06T10:03:01.178263Z","last_seen":"2026-05-23T06:36:45.298257Z","times_seen":30,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crypto-refund.ca/_astro-1772751476364/addDocumentElements.BeRs_9gd.js","fqdn":"crypto-refund.ca","domain":"crypto-refund.ca","tld":"ca"},"ip":{"addr":"34.120.137.41","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"615ea1ccb12221523e93df73bb40c3d6","sha1":"88c27b1eee4cdb9711e1c4f50acaee5ea1179812","sha256":"ff68a0f1e87f7dcd0b1803a1acbf1fdfd570e4ee4349b531b4ae40b9ba3c2fdc","sha512":"df68fc72126b7f9da12b3ce01bc38470f1fcc819102854a41a2a1b6a2b96780de8a471a2005795876b937f1d331d092d20c607e268035b312fca188f914921a3","ssdeep":"96:2+nafyrcNdT5KgRNEjA8hnteKbov6tHTE0uIrm0dWtE:24sC+1nRNEjphFbRtHTE0uF09","tlshash":"9f9163debe08fa37d6ba80e12732c226b5131619f4a6d4a0e1ed442e5902dc36c77fd5","size":4381,"data":"","first_seen":"2026-03-06T10:03:01.174981Z","last_seen":"2026-06-02T04:13:31.515861Z","times_seen":114,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crypto-refund.ca/_astro-1772751476364/scrollToSection.Cp3Ee4Hp.js","fqdn":"crypto-refund.ca","domain":"crypto-refund.ca","tld":"ca"},"ip":{"addr":"34.120.137.41","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"e18a7ff815f7bdc53cd1913fb298bff8","sha1":"c8a5846fd4e00c5dfab1ebf207b05af9631ec845","sha256":"f6decc41ca1321a431911dde4d81c6883dba83b0b9738092a91b02c745d51cae","sha512":"aee9e66e046a4515f672fc01b257a662fc364d844e6c2b6c16fce59aae7a14f364ad112610908312c9b890f1c944900e6f7388fb49f56e1a6a06e85f16577f82","ssdeep":"384:Ofww1lzqppZHYJMmWiM06DaJe2RYh6pyX2FlCWBmjpvG4j+QTJX5yn:OIw1kvZHYCiM0KOnYhNX2ycmk4j+QThi","tlshash":"5d62f8887043363213eb1aeae1f64a02f538145ab44b84d4f06ead5b6db385551fbfbc","size":14780,"data":"","first_seen":"2026-03-06T10:03:01.203781Z","last_seen":"2026-05-23T06:36:45.324023Z","times_seen":30,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crypto-refund.ca/_astro-1772751476364/Page.BhJeTooN.js","fqdn":"crypto-refund.ca","domain":"crypto-refund.ca","tld":"ca"},"ip":{"addr":"34.120.137.41","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a0b2e0a573ddddc23fade38f48e663d8","sha1":"ddaadb36066fc63f07f7826dd9d6af3ed73ff9e4","sha256":"3227b1c0bab4be8bd789f8cf68db37f73a9a33d812404f45aef59ec59cc1e4f2","sha512":"cc6d2e8052140adac662d9cc7feb7a5c4c378ba0b11e668715e0ffb4160c799c370a8a4cf819e3a094885ded8b8836acc525e1c4b243d843a9fd981c5728b242","ssdeep":"24576:UNlV8Pdzk0OBYueydGJ3iKAMGBgk65cCjQexgG0ZM4DNJjVodqOx2M6KUE4V8YXe:UNlV8Pdzk0OBYu1dGJ3iKAMGBgk65cCN","tlshash":"17356dc5f0b5682943b701a9945b0001b22d2e2ef05cc8e0f5b9dded26a9c59627ff7e","size":1154719,"data":"","first_seen":"2026-03-06T10:03:01.208628Z","last_seen":"2026-03-06T10:55:38.543289Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crypto-refund.ca/","fqdn":"crypto-refund.ca","domain":"crypto-refund.ca","tld":"ca"},"ip":{"addr":"34.120.137.41","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"b162a6a07d9ba9a8c613770a3dc55296","sha1":"049dcbf8619f9bb2af536de7a3b70889648c86e5","sha256":"8b34aaab821b449e8da2733222b64d5b59596c49e867466a53d80a671b8fe801","sha512":"3484688f670e5790144e0cb8446b85972cd7c60ebffb29da981236b4b4f7de545a8e5749866af56b0e5faab2404ab2f8a1941223a8886fa5289679c759f2d697","ssdeep":"","tlshash":"81d05e48626c2711a09eb0dc85660eac1ebbc2533ed4c8bf0c8d9a0f8a6d00dcf5ca94","size":266,"data":"","first_seen":"2024-12-21T05:33:15.450859Z","last_seen":"2026-06-08T10:29:50.778993Z","times_seen":2494,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crypto-refund.ca/_astro-1772751476364/client.fwEDnHMg.js","fqdn":"crypto-refund.ca","domain":"crypto-refund.ca","tld":"ca"},"ip":{"addr":"34.120.137.41","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"25786fdac57dc25f1740ff8d92ab39b8","sha1":"f6ed9e94bee18a60c7f4e628c65f75ea9def30d5","sha256":"94708a4fce5a4cc44cb73cc57e994e896b7d215875ff36e6d9a5409e6c131c5b","sha512":"e9f1dd3a57ab8e7aff4f0e0ab590ed57c18ce9e65ba16caea1b27c72a35523a9f10761da2f738c2899720afab0c96271ec9a14b72bbc065a90d537316ba39a1a","ssdeep":"","tlshash":"e841d8bcf441ee7212f698e0c62921109a1f206d357bc8a0e3ee0c520679a5d805df6e","size":2330,"data":"","first_seen":"2026-03-06T10:03:01.206702Z","last_seen":"2026-05-23T06:36:45.31377Z","times_seen":30,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crypto-refund.ca/_astro-1772751476364/siteModulesConstants.DLGHSrxa.js","fqdn":"crypto-refund.ca","domain":"crypto-refund.ca","tld":"ca"},"ip":{"addr":"34.120.137.41","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"73d5f03484ca5b6863350c615d3f7839","sha1":"a2098c6b0ec9f02274f36fd27437183bbb905fdd","sha256":"b2262ab5418f3e8bf04898ca6ee62b3ca61ec0d5119c466a2a9974992a18a3fe","sha512":"2c452e5e287d5f4f3ae2a6dc569c97bc77b4d51f4ad4ad42bc7a5ba8838f289e7d98b93df8386ce34d94ac6056292708ea526465c00797194af1e17f0b0908e8","ssdeep":"","tlshash":"9671756ee91013fe4402112799bb929093bc5617997021e17cbf981e42ff7af3292f2c","size":3498,"data":"","first_seen":"2026-03-06T10:03:01.204722Z","last_seen":"2026-06-08T10:29:50.769532Z","times_seen":184,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crypto-refund.ca/_astro-1772751476364/ClientHead.DNNh4Hq-.js","fqdn":"crypto-refund.ca","domain":"crypto-refund.ca","tld":"ca"},"ip":{"addr":"34.120.137.41","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3e16ae63fce51b1ef021e32f5225e81f","sha1":"80492f09ce1b6dcbd7705899dbd4067f65b17d79","sha256":"5566772effea8b9de89ca52c0dd65081614d2cfff977f0c70ee710724fb006c2","sha512":"031beae49d13dccf96ca5c940f3b7bf5b523c31d8ceae9fb42da6adaed0d86d08faf25ed15e82af19d318e23ea5a90bb80c6cbe39cccfd0e6b87d42b64e0223d","ssdeep":"","tlshash":"58219b4ef445f83e27e50548f79a1d2793061d4cc11c6950957c42e43fd1c07901e7af","size":1368,"data":"","first_seen":"2026-03-06T10:03:01.201814Z","last_seen":"2026-05-23T06:36:45.308705Z","times_seen":30,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crypto-refund.ca/","fqdn":"crypto-refund.ca","domain":"crypto-refund.ca","tld":"ca"},"ip":{"addr":"34.120.137.41","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"ba0f4e77cb3d1968e8bb09e81cc6345e","sha1":"c3dabda4cfc7ed18627ba989f8ae8766b1ce4933","sha256":"7885d6bc09b192bdb9d4b2599239e210ae4b70f1773646a96c97a9a21c184487","sha512":"57baf1a1c836348e36fb6c38e649c142601110dd231faea9bc2a5c9c653c4b014dc4d02b3bbd7dad06a67eb2418bde568ca6f698086f9ce179718b5b1c56261a","ssdeep":"","tlshash":"f3c02bd612f36130f3ab40c7838f31c300207016027840d351014c70101c4494594e30","size":130,"data":"","first_seen":"2023-07-23T05:20:44Z","last_seen":"2026-06-08T13:23:18.593139Z","times_seen":8976,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crypto-refund.ca/","fqdn":"crypto-refund.ca","domain":"crypto-refund.ca","tld":"ca"},"ip":{"addr":"34.120.137.41","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"15505b2350e129b787d479f7507edee9","sha1":"09ccb3a84e7f25a30bf97594c9c98b6878fd4483","sha256":"53b6bbda82ae145cfc0fb1941cb035359d1c8b298798339cf53f5a543836ad65","sha512":"970991ac74c61bd2a25fe8a331be62b328d99d1f04b87a83cf50deda9d4d6b68a04403ba120796b1e2f9de04af78d640626fb95d2370907f4b626385f0562178","ssdeep":"","tlshash":"3a61947813111bb33ddda0a9dd286ec3dda51834859a887e784e5cf30658e4381bebb9","size":3462,"data":"","first_seen":"2025-06-11T22:43:11.360804Z","last_seen":"2026-06-08T12:41:39.077087Z","times_seen":10789,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crypto-refund.ca/","fqdn":"crypto-refund.ca","domain":"crypto-refund.ca","tld":"ca"},"ip":{"addr":"34.120.137.41","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"091fcea2ce8db1aa7fe44a4051e96b41","sha1":"4d1b368bcbddf456742d0abacd23ee510e609158","sha256":"433585662f852c8c76ded9e6f52054e1a120c78c7c0ecb8048fd3b99faa897f7","sha512":"765886ace161a524d53d770197f9f99de2c574df18129c8f32c3d4805f4680e2bd3c538527c6ed7e053b462fd1482e2eae75fcdf545bbeb795feff24d9c77d7f","ssdeep":"","tlshash":"14c02b9512f3e130f2a741c5c3cf32430000725602f841d351055c70401cc8a55a4f30","size":130,"data":"","first_seen":"2023-07-22T04:09:49Z","last_seen":"2026-06-08T12:41:39.077808Z","times_seen":12687,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crypto-refund.ca/_astro-1772751476364/Integrations.TzRFAa0b.js","fqdn":"crypto-refund.ca","domain":"crypto-refund.ca","tld":"ca"},"ip":{"addr":"34.120.137.41","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"176b05c8b80ec65a6fd84acfe43a9a2c","sha1":"a9ca52e18a59ab960957d572cb345e9409ba69ed","sha256":"973d7408e67f438fbfb3ca5a4b82a4817153b5a83ece0cb97a8743dfb8da346b","sha512":"f3f71c835df4965e994c3d91e3c72c9e9bc4af92c83c5a7de3c052b7c02ca97ba2e74d04a0221619f09013656e21ac848b39c940723fde838d2c77a9b2760994","ssdeep":"","tlshash":"1651d546377ffabce201d1b145e3a8342b5b3d84ae61c86cc3f90c52954242d3a1aed3","size":2947,"data":"","first_seen":"2026-03-06T10:03:01.207467Z","last_seen":"2026-05-23T06:36:45.339844Z","times_seen":28,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"www.chainalysis.com/wp-content/uploads/2024/10/bny-logo-2024.svg","fqdn":"www.chainalysis.com","domain":"chainalysis.com","tld":"com"},"ip":{"addr":"172.64.151.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://crypto-refund.ca/","date":"2026-03-06T10:02:34.800Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.chainalysis.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Feb 2026 15:31:55 GMT","end":"Wed, 27 May 2026 16:31:51 GMT"},"fingerprint":{"sha1":"B6:61:9B:7D:71:AE:5E:75:E1:F6:90:17:8A:F0:DB:74:48:EB:AC:C6","sha256":"4F:88:70:C9:ED:1C:3B:AE:03:A3:23:71:2B:12:B3:08:AD:45:31:DA:37:3F:59:78:29:56:E0:6D:20:BF:2D:F4"}}},"request":{"raw":"GET /wp-content/uploads/2024/10/bny-logo-2024.svg HTTP/1.1\r\nHost: www.chainalysis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://crypto-refund.ca/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 06 Mar 2026 10:02:34 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 621\r\ncf-ray: 9d80868fe9643181-OSL\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31622400\r\ncontent-encoding: gzip\r\netag: W/\"6961a995-4cd\"\r\nexpires: Mon, 11 Jan 2027 01:45:10 GMT\r\nlast-modified: Sat, 10 Jan 2026 01:21:25 GMT\r\nstrict-transport-security: max-age=31622400; includeSubDomains; preload\r\nx-pantheon-styx-hostname: styx-fe4-b-657b4465f5-nx5m7\r\nx-styx-req-id: ff796177-edc5-11f0-8a1c-4a383966aeee\r\nx-served-by: cache-chi-kigq8000158-CHI, cache-bma-essb1270022-BMA\r\nx-cache: HIT, HIT\r\nx-cache-hits: 10, 0\r\nx-timer: S1772791355.883409,VS0,VE3\r\nvary: Accept-Encoding\r\nage: 148966\r\naccept-ranges: bytes\r\nvia: 1.1 varnish, 1.1 varnish\r\ncf-cache-status: DYNAMIC\r\nx-content-type-options: nosniff\r\nx-frame-options: DENY\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"MariaDB","description":"MariaDB is an open-source relational database management system compatible with MySQL.","website":"https://mariadb.org","common_platform_enumeration":"cpe:2.3:a:mariadb_project:mariadb:*:*:*:*:*:*:*:*","icon":"mariadb.svg","categories":["Databases"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Pantheon","description":"Pantheon is a WebOps (Website Operations) and Management Platform for WordPress and Drupal.","website":"https://pantheon.io/","common_platform_enumeration":"","icon":"Pantheon.svg","categories":["PaaS"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1229,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"9ec596ba7675ac4a60bd9655cb8bc605","sha1":"9fadbe1608faabbe9ae0b4e51a38d49bce883262","sha256":"e625a111bf3c7e5628a315fb766f01cf1712ea16cf2f155b916ad3eb578a329a","sha512":"d64b12170bc37ba01964abdeb6359d0da69a5c830867fdfeeddcf31025ceccebf438b94f5688af4bb7db8782658a587515bf6441ecaedda2ce4084fb8000fd81","ssdeep":"","tlshash":"eb2132e533ccd1f8b11897510687b13f401b28e42d69e1a59a916a357d6b48f0d39ec1","first_seen":"2026-03-06T10:03:01.169777Z","last_seen":"2026-05-11T00:14:47.50313Z","times_seen":4,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":65,"dns":20,"connect":3,"send":0,"wait":28,"receive":2,"ssl":39},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.chainalysis.com/wp-content/uploads/2025/01/logo-moonpay-1.svg","fqdn":"www.chainalysis.com","domain":"chainalysis.com","tld":"com"},"ip":{"addr":"172.64.151.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://crypto-refund.ca/","date":"2026-03-06T10:02:34.803Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.chainalysis.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Feb 2026 15:31:55 GMT","end":"Wed, 27 May 2026 16:31:51 GMT"},"fingerprint":{"sha1":"B6:61:9B:7D:71:AE:5E:75:E1:F6:90:17:8A:F0:DB:74:48:EB:AC:C6","sha256":"4F:88:70:C9:ED:1C:3B:AE:03:A3:23:71:2B:12:B3:08:AD:45:31:DA:37:3F:59:78:29:56:E0:6D:20:BF:2D:F4"}}},"request":{"raw":"GET /wp-content/uploads/2025/01/logo-moonpay-1.svg HTTP/1.1\r\nHost: www.chainalysis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://crypto-refund.ca/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 06 Mar 2026 10:02:34 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 4603\r\ncf-ray: 9d80868fe9303181-OSL\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31622400\r\ncontent-encoding: gzip\r\netag: W/\"6961aa3d-264f\"\r\nexpires: Mon, 11 Jan 2027 01:45:09 GMT\r\nlast-modified: Sat, 10 Jan 2026 01:24:13 GMT\r\nstrict-transport-security: max-age=31622400; includeSubDomains; preload\r\nx-pantheon-styx-hostname: styx-fe4-a-658544c96f-rgp7c\r\nx-styx-req-id: ff78e243-edc5-11f0-bd5c-02b0155cd7b1\r\nx-served-by: cache-chi-klot8100059-CHI, cache-bma-essb1270073-BMA\r\nx-cache: HIT, HIT\r\nx-cache-hits: 3, 3\r\nx-timer: S1772791355.883121,VS0,VE2\r\nvary: Accept-Encoding\r\nage: 148966\r\naccept-ranges: bytes\r\nvia: 1.1 varnish, 1.1 varnish\r\ncf-cache-status: DYNAMIC\r\nx-content-type-options: nosniff\r\nx-frame-options: DENY\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Pantheon","description":"Pantheon is a WebOps (Website Operations) and Management Platform for WordPress and Drupal.","website":"https://pantheon.io/","common_platform_enumeration":"","icon":"Pantheon.svg","categories":["PaaS"]},{"name":"MariaDB","description":"MariaDB is an open-source relational database management system compatible with MySQL.","website":"https://mariadb.org","common_platform_enumeration":"cpe:2.3:a:mariadb_project:mariadb:*:*:*:*:*:*:*:*","icon":"mariadb.svg","categories":["Databases"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]}],"data":{"size":9807,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"74d2375b789be2bdf411f59d32a97c0d","sha1":"45a9cf2508e6d2c70f7673e5c8fd8cb0422e2c96","sha256":"a228a09196b9f59990a741f3f1956cd128c96467a1ff7da8cf6179ee06bc75f4","sha512":"afdb9a138887605612deeee7a87e305ef864ca7f6088c01b713655bcc9addca1f0802997ce9394726be7d029270c8296d32c6863281f629871f72d64d7a1a312","ssdeep":"192:0ucoXwNbY7bf/X9T1oOHEK1Q4eTY3ARAicBT1h1otmumOv9Qbzp:0OIY7bnNpHkK1Q4e83ARVcBat5D2d","tlshash":"9e1296efa7d5b3d4e482e3f6e92155767a4a30ff6bc5cf54c369ae80b64209c4848c84","first_seen":"2026-03-06T10:03:01.171125Z","last_seen":"2026-05-11T00:14:47.540622Z","times_seen":4,"resource_available":false,"data":null}},"time_used":92,"timings":{"blocked":55,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.chainalysis.com/wp-content/uploads/2025/01/logo-adgm-1.svg","fqdn":"www.chainalysis.com","domain":"chainalysis.com","tld":"com"},"ip":{"addr":"172.64.151.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://crypto-refund.ca/","date":"2026-03-06T10:02:34.806Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.chainalysis.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Feb 2026 15:31:55 GMT","end":"Wed, 27 May 2026 16:31:51 GMT"},"fingerprint":{"sha1":"B6:61:9B:7D:71:AE:5E:75:E1:F6:90:17:8A:F0:DB:74:48:EB:AC:C6","sha256":"4F:88:70:C9:ED:1C:3B:AE:03:A3:23:71:2B:12:B3:08:AD:45:31:DA:37:3F:59:78:29:56:E0:6D:20:BF:2D:F4"}}},"request":{"raw":"GET /wp-content/uploads/2025/01/logo-adgm-1.svg HTTP/1.1\r\nHost: www.chainalysis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://crypto-refund.ca/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 06 Mar 2026 10:02:34 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 1977\r\ncf-ray: 9d80868fe93b3181-OSL\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31622400\r\ncontent-encoding: gzip\r\netag: W/\"6961aa3b-f6e\"\r\nexpires: Fri, 15 Jan 2027 21:40:56 GMT\r\nlast-modified: Sat, 10 Jan 2026 01:24:11 GMT\r\nstrict-transport-security: max-age=31622400; includeSubDomains; preload\r\nx-pantheon-styx-hostname: styx-fe4-a-6d44bddddc-jwgr7\r\nx-styx-req-id: b52f111c-f191-11f0-b88e-c6edac698b05\r\nx-served-by: cache-chi-klot8100171-CHI, cache-bma-essb1270071-BMA\r\nx-cache: HIT, HIT\r\nx-cache-hits: 11, 0\r\nx-timer: S1772791355.885625,VS0,VE4\r\nvary: Accept-Encoding\r\nage: 148966\r\naccept-ranges: bytes\r\nvia: 1.1 varnish, 1.1 varnish\r\ncf-cache-status: DYNAMIC\r\nx-content-type-options: nosniff\r\nx-frame-options: DENY\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Pantheon","description":"Pantheon is a WebOps (Website Operations) and Management Platform for WordPress and Drupal.","website":"https://pantheon.io/","common_platform_enumeration":"","icon":"Pantheon.svg","categories":["PaaS"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"MariaDB","description":"MariaDB is an open-source relational database management system compatible with MySQL.","website":"https://mariadb.org","common_platform_enumeration":"cpe:2.3:a:mariadb_project:mariadb:*:*:*:*:*:*:*:*","icon":"mariadb.svg","categories":["Databases"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]}],"data":{"size":3950,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"409de95dc1157e2138e86ca9082e3b69","sha1":"c50a29f870636c2e6e959747261320083a5dc950","sha256":"4a9b9a209723f1f1347189b54311c0bffe4a0b3b3eec3a1e173cd2c1c1f742a4","sha512":"6b86f33b32e97fb2a8782484512b695d048b32e7161ad2886c24209dc04588776af499501c047a9946e70b1c5b649123f6733333b65f9a1e24ef176a375c5e0b","ssdeep":"","tlshash":"1581bad853a963c0f505abbc6b22287d18af3cfa4b65da79c2847e505e7205dc69ccc3","first_seen":"2026-03-06T10:03:01.172448Z","last_seen":"2026-05-11T00:14:47.560705Z","times_seen":4,"resource_available":false,"data":null}},"time_used":91,"timings":{"blocked":53,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crypto-refund.ca/_astro-1772751476364/_slug_.x-69ZQGZ.css","fqdn":"crypto-refund.ca","domain":"crypto-refund.ca","tld":"ca"},"ip":{"addr":"34.120.137.41","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://crypto-refund.ca/","date":"2026-03-06T10:02:33.727Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crypto-refund.ca","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 03 Mar 2026 19:18:01 GMT","end":"Mon, 01 Jun 2026 19:18:00 GMT"},"fingerprint":{"sha1":"C7:F9:E0:A8:87:0D:34:A8:C1:4C:5F:36:9F:F6:06:83:A2:8F:9C:86","sha256":"5B:93:CB:ED:2E:B0:9B:49:23:FB:FE:F6:4E:F3:B3:A1:98:DD:5E:16:66:44:BC:0D:02:14:3B:EB:4D:D4:9C:4E"}}},"request":{"raw":"GET /_astro-1772751476364/_slug_.x-69ZQGZ.css HTTP/1.1\r\nHost: crypto-refund.ca\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://crypto-refund.ca/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 06 Mar 2026 10:02:33 GMT\r\ncontent-type: text/css\r\ncontent-encoding: gzip\r\ncache-control: public, max-age=2592000\r\nexpires: Sun, 05 Apr 2026 10:02:33 GMT\r\nlast-modified: Thu, 05 Mar 2026 22:58:13 GMT\r\netag: W/\"82fb6316bf1e45dcdbcb885304d1bad0\"\r\ncf-cache-status: HIT\r\nage: 39803\r\nset-cookie: __cf_bm=6WGxDlKW4MMwwZ9nq28TZTbUpfojzxtgPKOo0jRmTCA-1772791353-1.0.1.1-RBfIywFt4Otd8_Fr2.c0_onq9mvNxVfcDZ3216LyDp5V6ph2YapL0RcAZ_wIKLS9pkMGajbV2nApc0oRVOPMTZYNYKeGNzBko2oojWiPKro; path=/; expires=Fri, 06-Mar-26 10:32:33 GMT; domain=.zyro.com; HttpOnly\r\nvary: Accept-Encoding\r\ncf-ray: 9d808689087b6334-LHR\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hostinger-datacenter: gcp-euw2\r\nx-hostinger-node: gcp-euw2-builder-edge2\r\ncontent-security-policy: frame-ancestors zyro.com *.zyro.com *.builder-preview.com *.zyro.space *.hostinger.com *.hostinger.io *.hostinger.in *.hostinger.co.uk\r\nlink: \u003chttps://assets.zyrosite.com\u003e; rel=preconnect; crossorigin, \u003chttps://userapp.zyrosite.com\u003e; rel=preconnect; crossorigin, \u003chttps://fonts.googleapis.com\u003e; rel=preconnect; crossorigin, \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin, \u003chttps://cdn.zyrosite.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload;\r\nx-content-type-options: nosniff\r\nx-powered-by: HostingerWebsiteBuilder\r\nplatform: hostinger\r\nx-xss-protection: 1; mode=block\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":361151,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65533), with no line terminators","md5":"82fb6316bf1e45dcdbcb885304d1bad0","sha1":"73fa10e08334c68d6aff0c0e572e6dcbfe4c0a7b","sha256":"2b632e462842b58a63ec4675751fde9e136a57b452e5a91fd66ebcef1133d364","sha512":"4279001be1b26e2e55f177431c0d375692ad7283729717a6f0944606202c036f9afbf7f72f62735d08b783d5f739588b8de5251957a353e79b90c9079407e7d5","ssdeep":"1536:K+p5G9MWLz3RQ/MNPlCROXE7e7HS9HJbGNHM38H+TULQVnlesQDoF3+3ODSjLvP2:KbMWLz3vLiOwJr4zFICK1Go","tlshash":"da74d666f124b03b2537997fa6d8ee0c7724ea02ca1787e4ff50600569c79e327f2649","first_seen":"2026-03-06T10:03:01.173679Z","last_seen":"2026-05-05T09:11:35.161655Z","times_seen":5,"resource_available":false,"data":null}},"time_used":104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":104,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crypto-refund.ca/_astro-1772751476364/addDocumentElements.BeRs_9gd.js","fqdn":"crypto-refund.ca","domain":"crypto-refund.ca","tld":"ca"},"ip":{"addr":"34.120.137.41","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://crypto-refund.ca/","date":"2026-03-06T10:02:34.086Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crypto-refund.ca","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 03 Mar 2026 19:18:01 GMT","end":"Mon, 01 Jun 2026 19:18:00 GMT"},"fingerprint":{"sha1":"C7:F9:E0:A8:87:0D:34:A8:C1:4C:5F:36:9F:F6:06:83:A2:8F:9C:86","sha256":"5B:93:CB:ED:2E:B0:9B:49:23:FB:FE:F6:4E:F3:B3:A1:98:DD:5E:16:66:44:BC:0D:02:14:3B:EB:4D:D4:9C:4E"}}},"request":{"raw":"GET /_astro-1772751476364/addDocumentElements.BeRs_9gd.js HTTP/1.1\r\nHost: crypto-refund.ca\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://crypto-refund.ca/_astro-1772751476364/ClientHead.DNNh4Hq-.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 06 Mar 2026 10:02:34 GMT\r\ncontent-type: text/javascript\r\ncontent-encoding: gzip\r\ncache-control: public, max-age=2592000\r\nexpires: Sun, 05 Apr 2026 10:02:34 GMT\r\nlast-modified: Thu, 05 Mar 2026 22:58:13 GMT\r\netag: W/\"615ea1ccb12221523e93df73bb40c3d6\"\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=bLmajA4lGJhw7yGD8kEXdzb7aq5kh6EkwLL90WMpmpw-1772791354-1.0.1.1-EEk9ziD8FIeQ_hftFrGHqi2LswhxtdcnYwVbGG.QEe5kHIFXrqsdKnV3waRi1bIv.jKJBG8x9C3TKi218UQzemiqDBiyA6Ka7tWanbIFu2Q; path=/; expires=Fri, 06-Mar-26 10:32:34 GMT; domain=.zyro.com; HttpOnly\r\nvary: Accept-Encoding\r\ncf-ray: 9d80868b4f74ef19-LHR\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hostinger-datacenter: gcp-euw2\r\nx-hostinger-node: gcp-euw2-builder-edge2\r\ncontent-security-policy: frame-ancestors zyro.com *.zyro.com *.builder-preview.com *.zyro.space *.hostinger.com *.hostinger.io *.hostinger.in *.hostinger.co.uk\r\nlink: \u003chttps://assets.zyrosite.com\u003e; rel=preconnect; crossorigin, \u003chttps://userapp.zyrosite.com\u003e; rel=preconnect; crossorigin, \u003chttps://fonts.googleapis.com\u003e; rel=preconnect; crossorigin, \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin, \u003chttps://cdn.zyrosite.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload;\r\nx-content-type-options: nosniff\r\nx-powered-by: HostingerWebsiteBuilder\r\nplatform: hostinger\r\nx-xss-protection: 1; mode=block\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4381,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (1457)","md5":"615ea1ccb12221523e93df73bb40c3d6","sha1":"88c27b1eee4cdb9711e1c4f50acaee5ea1179812","sha256":"ff68a0f1e87f7dcd0b1803a1acbf1fdfd570e4ee4349b531b4ae40b9ba3c2fdc","sha512":"df68fc72126b7f9da12b3ce01bc38470f1fcc819102854a41a2a1b6a2b96780de8a471a2005795876b937f1d331d092d20c607e268035b312fca188f914921a3","ssdeep":"96:2+nafyrcNdT5KgRNEjA8hnteKbov6tHTE0uIrm0dWtE:24sC+1nRNEjphFbRtHTE0uF09","tlshash":"9f9163debe08fa37d6ba80e12732c226b5131619f4a6d4a0e1ed442e5902dc36c77fd5","first_seen":"2026-03-06T10:03:01.174981Z","last_seen":"2026-06-02T04:13:31.515861Z","times_seen":114,"resource_available":true,"data":null}},"time_used":135,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":135,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.chainalysis.com/wp-content/uploads/2025/01/logo-coinbase-1.svg","fqdn":"www.chainalysis.com","domain":"chainalysis.com","tld":"com"},"ip":{"addr":"172.64.151.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://crypto-refund.ca/","date":"2026-03-06T10:02:34.794Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.chainalysis.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Feb 2026 15:31:55 GMT","end":"Wed, 27 May 2026 16:31:51 GMT"},"fingerprint":{"sha1":"B6:61:9B:7D:71:AE:5E:75:E1:F6:90:17:8A:F0:DB:74:48:EB:AC:C6","sha256":"4F:88:70:C9:ED:1C:3B:AE:03:A3:23:71:2B:12:B3:08:AD:45:31:DA:37:3F:59:78:29:56:E0:6D:20:BF:2D:F4"}}},"request":{"raw":"GET /wp-content/uploads/2025/01/logo-coinbase-1.svg HTTP/1.1\r\nHost: www.chainalysis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://crypto-refund.ca/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 06 Mar 2026 10:02:34 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 1744\r\ncf-ray: 9d80868fd9243181-OSL\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31622400\r\ncontent-encoding: gzip\r\netag: W/\"6961aa3c-e6b\"\r\nexpires: Fri, 29 Jan 2027 04:44:37 GMT\r\nlast-modified: Sat, 10 Jan 2026 01:24:12 GMT\r\nstrict-transport-security: max-age=31622400; includeSubDomains; preload\r\nx-pantheon-styx-hostname: styx-fe4-a-7f76c9f659-n4fx6\r\nx-styx-req-id: 0caf2bd0-fc04-11f0-b4b3-0a3f75c871df\r\nx-served-by: cache-chi-kigq8000129-CHI, cache-bma-essb1270078-BMA\r\nx-cache: HIT, HIT\r\nx-cache-hits: 0, 0\r\nx-timer: S1772791355.896538,VS0,VE3\r\nvary: Accept-Encoding\r\nage: 100258\r\naccept-ranges: bytes\r\nvia: 1.1 varnish, 1.1 varnish\r\ncf-cache-status: DYNAMIC\r\nx-content-type-options: nosniff\r\nx-frame-options: DENY\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Pantheon","description":"Pantheon is a WebOps (Website Operations) and Management Platform for WordPress and Drupal.","website":"https://pantheon.io/","common_platform_enumeration":"","icon":"Pantheon.svg","categories":["PaaS"]},{"name":"MariaDB","description":"MariaDB is an open-source relational database management system compatible with MySQL.","website":"https://mariadb.org","common_platform_enumeration":"cpe:2.3:a:mariadb_project:mariadb:*:*:*:*:*:*:*:*","icon":"mariadb.svg","categories":["Databases"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]}],"data":{"size":3691,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e1a590c949b54837d7ef55c1025edb5b","sha1":"febb839f79f8d8c0bc7225f874750da75d5cfeef","sha256":"b7bcb0971c87fdf3c0bd67ffd819c4bb8b1cf99fb9f5826b1e4d670294912b22","sha512":"a3dbc489d8a0849e4b8b09dacce4f9222d08d024e0fd5141a8d664b1630da296b37cb7f6760b15799c72350732b7a3719eb470cde0f2bff6d7a9e8cf9d698be9","ssdeep":"","tlshash":"697176e07feba2f4970293b7d917a9b57a6f38f73342a1b5c270ec44251726444c48a0","first_seen":"2026-03-06T10:03:01.17617Z","last_seen":"2026-05-11T00:14:47.465831Z","times_seen":4,"resource_available":false,"data":null}},"time_used":190,"timings":{"blocked":63,"dns":24,"connect":1,"send":0,"wait":60,"receive":0,"ssl":39},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.chainalysis.com/wp-content/uploads/2025/02/logo-kraken.svg","fqdn":"www.chainalysis.com","domain":"chainalysis.com","tld":"com"},"ip":{"addr":"172.64.151.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://crypto-refund.ca/","date":"2026-03-06T10:02:34.795Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.chainalysis.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Feb 2026 15:31:55 GMT","end":"Wed, 27 May 2026 16:31:51 GMT"},"fingerprint":{"sha1":"B6:61:9B:7D:71:AE:5E:75:E1:F6:90:17:8A:F0:DB:74:48:EB:AC:C6","sha256":"4F:88:70:C9:ED:1C:3B:AE:03:A3:23:71:2B:12:B3:08:AD:45:31:DA:37:3F:59:78:29:56:E0:6D:20:BF:2D:F4"}}},"request":{"raw":"GET /wp-content/uploads/2025/02/logo-kraken.svg HTTP/1.1\r\nHost: www.chainalysis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://crypto-refund.ca/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 06 Mar 2026 10:02:34 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 1559\r\ncf-ray: 9d80868fe9583181-OSL\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31622400\r\ncontent-encoding: gzip\r\netag: W/\"6961aa76-d35\"\r\nexpires: Mon, 11 Jan 2027 01:45:09 GMT\r\nlast-modified: Sat, 10 Jan 2026 01:25:10 GMT\r\nstrict-transport-security: max-age=31622400; includeSubDomains; preload\r\nx-pantheon-styx-hostname: styx-fe4-b-657b4465f5-xtdn4\r\nx-styx-req-id: ff7504c6-edc5-11f0-93af-8a8a1f5e7864\r\nx-served-by: cache-chi-klot8100178-CHI, cache-bma-essb1270032-BMA\r\nx-cache: HIT, HIT\r\nx-cache-hits: 24, 0\r\nx-timer: S1772791355.889623,VS0,VE3\r\nvary: Accept-Encoding\r\nage: 148966\r\naccept-ranges: bytes\r\nvia: 1.1 varnish, 1.1 varnish\r\ncf-cache-status: DYNAMIC\r\nx-content-type-options: nosniff\r\nx-frame-options: DENY\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Pantheon","description":"Pantheon is a WebOps (Website Operations) and Management Platform for WordPress and Drupal.","website":"https://pantheon.io/","common_platform_enumeration":"","icon":"Pantheon.svg","categories":["PaaS"]},{"name":"MariaDB","description":"MariaDB is an open-source relational database management system compatible with MySQL.","website":"https://mariadb.org","common_platform_enumeration":"cpe:2.3:a:mariadb_project:mariadb:*:*:*:*:*:*:*:*","icon":"mariadb.svg","categories":["Databases"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3381,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f8549fd5282d72cc2b6ca3074c202e0b","sha1":"ad15c1c5134f19d8bd54d7fb2f1987c21221c374","sha256":"fee025fb382ace3efa36cca9d37b2e4606383d6f5d2a4c3f2d50ff003321b69d","sha512":"adc87b8e4d27b74306f8017b54c80d846bafd4dbfbd4543caaadd04910765b1c7e8c60f9a42fcb0961571238371e57a92c8d78fffeea87ca657214965ea8c3df","ssdeep":"","tlshash":"576176d27bcdb3e49553fba1ed50b0313ddb116fe691cb1ac144add2e095228e8a4884","first_seen":"2026-03-06T10:03:01.177208Z","last_seen":"2026-05-11T00:14:47.556858Z","times_seen":4,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":68,"dns":23,"connect":1,"send":0,"wait":38,"receive":0,"ssl":43},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crypto-refund.ca/_astro-1772751476364/_plugin-vue_export-helper.uaDa0FBd.js","fqdn":"crypto-refund.ca","domain":"crypto-refund.ca","tld":"ca"},"ip":{"addr":"34.120.137.41","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://crypto-refund.ca/","date":"2026-03-06T10:02:34.073Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crypto-refund.ca","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 03 Mar 2026 19:18:01 GMT","end":"Mon, 01 Jun 2026 19:18:00 GMT"},"fingerprint":{"sha1":"C7:F9:E0:A8:87:0D:34:A8:C1:4C:5F:36:9F:F6:06:83:A2:8F:9C:86","sha256":"5B:93:CB:ED:2E:B0:9B:49:23:FB:FE:F6:4E:F3:B3:A1:98:DD:5E:16:66:44:BC:0D:02:14:3B:EB:4D:D4:9C:4E"}}},"request":{"raw":"GET /_astro-1772751476364/_plugin-vue_export-helper.uaDa0FBd.js HTTP/1.1\r\nHost: crypto-refund.ca\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://crypto-refund.ca/_astro-1772751476364/client.fwEDnHMg.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 06 Mar 2026 10:02:34 GMT\r\ncontent-type: text/javascript\r\ncontent-encoding: gzip\r\ncache-control: public, max-age=2592000\r\nexpires: Sun, 05 Apr 2026 10:02:34 GMT\r\nlast-modified: Thu, 05 Mar 2026 22:58:13 GMT\r\netag: W/\"419fff7164dd8ff861d56e24d01b417e\"\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=n1P.f0hxj5pnV3r.09RAHuqzIPgttrZxh2FS1LHkr1g-1772791354-1.0.1.1-HtNbUIZvaTjp3Wjg1ThZZ8BwJeM8PPrcFG96Fx0eQD_fjdZ4ux3lZFIlOpHJX7aaIBpMoDMrOrGDZR1ebFndzQdCXjqdQSV5FEXy7O6D9jw; path=/; expires=Fri, 06-Mar-26 10:32:34 GMT; domain=.zyro.com; HttpOnly\r\nvary: Accept-Encoding\r\ncf-ray: 9d80868b395fdfb4-LHR\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hostinger-datacenter: gcp-euw2\r\nx-hostinger-node: gcp-euw2-builder-edge2\r\ncontent-security-policy: frame-ancestors zyro.com *.zyro.com *.builder-preview.com *.zyro.space *.hostinger.com *.hostinger.io *.hostinger.in *.hostinger.co.uk\r\nlink: \u003chttps://assets.zyrosite.com\u003e; rel=preconnect; crossorigin, \u003chttps://userapp.zyrosite.com\u003e; rel=preconnect; crossorigin, \u003chttps://fonts.googleapis.com\u003e; rel=preconnect; crossorigin, \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin, \u003chttps://cdn.zyrosite.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload;\r\nx-content-type-options: nosniff\r\nx-powered-by: HostingerWebsiteBuilder\r\nplatform: hostinger\r\nx-xss-protection: 1; mode=block\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":74191,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (33358)","md5":"419fff7164dd8ff861d56e24d01b417e","sha1":"1ec207bbcc71b5b1d68c83d9cf19b7073e7c4f76","sha256":"514b0db937ade407418f4211769f17b87994544239376967b9b25e7940340e93","sha512":"553a69a9eb18e1fa4be6ef1d7efb4bcfc9e290f40158a22c17fb2e5e89410c66aac4ea856399afd34839a34ce7921071cbe096bbf5a5ed55e30a0c1330e5c791","ssdeep":"1536:guQUZNEZTDbccjl/9WZ+/O11c0YvwxtkjNu3u9:1Wfbdjl/2+/OMzjNue9","tlshash":"237318f83182b562a3f918e240b70016f36e2816380ec9e8b59daddf3d7640551a7fbd","first_seen":"2026-03-06T10:03:01.178263Z","last_seen":"2026-05-23T06:36:45.298257Z","times_seen":30,"resource_available":true,"data":null}},"time_used":147,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":147,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.zyrosite.com/5ZxAEvLUkKYVs3Ba/ai-logo-2aFbcXyDY2DnR2Rl.svg","fqdn":"assets.zyrosite.com","domain":"zyrosite.com","tld":"com"},"ip":{"addr":"172.64.144.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://crypto-refund.ca/","date":"2026-03-06T10:02:34.326Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zyrosite.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 18 Feb 2026 18:03:34 GMT","end":"Tue, 19 May 2026 19:03:25 GMT"},"fingerprint":{"sha1":"35:11:03:A8:71:75:76:B9:CD:A3:2E:E6:CF:0B:CA:2F:C9:8A:8B:30","sha256":"77:B4:08:55:A0:4B:B9:F4:FA:5D:10:F3:9A:9C:E7:91:D4:65:28:56:3B:50:BD:B7:95:12:FC:A7:66:DE:F9:07"}}},"request":{"raw":"GET /5ZxAEvLUkKYVs3Ba/ai-logo-2aFbcXyDY2DnR2Rl.svg HTTP/1.1\r\nHost: assets.zyrosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://crypto-refund.ca/\r\nCookie: __cf_bm=Kq8js2SWEfFmADEvWhpq3YA0IS7Qe14CU9YjuqWwIEg-1772791353-1.0.1.1-GUvK0yIUYo1ohQHN3SsAoEnAkpqKkATVIUP_9IElkAY.169FE8mK3T.F9Zewk8mBwDNxD_EwnvmgsoUJ.4YxwCwCC2dl2H3huXIHbY3Hyu0\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 06 Mar 2026 10:02:34 GMT\r\ncontent-type: image/svg+xml\r\ncontent-encoding: br\r\ncache-control: public, max-age=2592000\r\nexpires: Sun, 05 Apr 2026 10:02:34 GMT\r\nlast-modified: Tue, 03 Mar 2026 19:49:14 GMT\r\netag: W/\"ab62e7b410e640ece00f159a1e49d296\"\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nserver: cloudflare\r\ncf-ray: 9d80868c8a2a32fa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":219,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ab62e7b410e640ece00f159a1e49d296","sha1":"8d8d9af04fd6d0a312068a80b5934f4955e90c95","sha256":"56c2acff9420c99e1a43876dba911140bfb1573958fee24514b908f2ce24e1b3","sha512":"cd71ada7bd8b7e1c2dd7765c10cb36579fb13c2baaf66fcdc212a93e830eff11f9ae4bc0c770aa75af793199cfa48f252f7720f409e812f278ab1087b265205a","ssdeep":"","tlshash":"67d0231020d40b00c03444049326f4df3a0780c308c08b00f59c2019039dce34e0a33c","first_seen":"2026-03-06T10:03:01.179269Z","last_seen":"2026-03-06T10:55:38.499201Z","times_seen":2,"resource_available":false,"data":null}},"time_used":423,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":423,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.chainalysis.com/wp-content/uploads/2022/09/cryptodotcom-logo-soft.svg","fqdn":"www.chainalysis.com","domain":"chainalysis.com","tld":"com"},"ip":{"addr":"172.64.151.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://crypto-refund.ca/","date":"2026-03-06T10:02:34.802Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.chainalysis.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Feb 2026 15:31:55 GMT","end":"Wed, 27 May 2026 16:31:51 GMT"},"fingerprint":{"sha1":"B6:61:9B:7D:71:AE:5E:75:E1:F6:90:17:8A:F0:DB:74:48:EB:AC:C6","sha256":"4F:88:70:C9:ED:1C:3B:AE:03:A3:23:71:2B:12:B3:08:AD:45:31:DA:37:3F:59:78:29:56:E0:6D:20:BF:2D:F4"}}},"request":{"raw":"GET /wp-content/uploads/2022/09/cryptodotcom-logo-soft.svg HTTP/1.1\r\nHost: www.chainalysis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://crypto-refund.ca/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 06 Mar 2026 10:02:34 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 1835\r\ncf-ray: 9d80868ff9883181-OSL\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31622400\r\ncontent-encoding: gzip\r\netag: W/\"6961a537-11e8\"\r\nexpires: Mon, 11 Jan 2027 01:45:09 GMT\r\nlast-modified: Sat, 10 Jan 2026 01:02:47 GMT\r\nstrict-transport-security: max-age=31622400; includeSubDomains; preload\r\nx-pantheon-styx-hostname: styx-fe4-b-657b4465f5-s5jcl\r\nx-styx-req-id: ff78595e-edc5-11f0-9a8d-da490a7b1ab4\r\nx-served-by: cache-chi-klot8100092-CHI, cache-bma-essb1270031-BMA\r\nx-cache: HIT, HIT\r\nx-cache-hits: 21, 0\r\nx-timer: S1772791355.886132,VS0,VE4\r\nvary: Accept-Encoding\r\nage: 148966\r\naccept-ranges: bytes\r\nvia: 1.1 varnish, 1.1 varnish\r\ncf-cache-status: DYNAMIC\r\nx-content-type-options: nosniff\r\nx-frame-options: DENY\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Pantheon","description":"Pantheon is a WebOps (Website Operations) and Management Platform for WordPress and Drupal.","website":"https://pantheon.io/","common_platform_enumeration":"","icon":"Pantheon.svg","categories":["PaaS"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"MariaDB","description":"MariaDB is an open-source relational database management system compatible with MySQL.","website":"https://mariadb.org","common_platform_enumeration":"cpe:2.3:a:mariadb_project:mariadb:*:*:*:*:*:*:*:*","icon":"mariadb.svg","categories":["Databases"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4584,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f224254a59d31c94465fd0815c02e903","sha1":"b360653ecd70d0f0d9ed7eb6e4a8fa4c83542941","sha256":"7ac23d51b08c6ba824a06600578d557b869ba27dc657a6eb1eed3e9ed715e608","sha512":"f6dbeb17eb6cd6ead993ab4ebc62daf15982f87e0bce18b55e2b3b609249ba5b7c4c2ed90b7731df2e46426ab68f335b2fc5034e7132ace81dcbb7fb72ef1597","ssdeep":"96:Lq9DjqgdNQqi5AKlT1ceoPS0dUCr8d13qVHi1KhazTTs/t:G9DjjdNHinF1r6US7ha/TC","tlshash":"dd910fcfa7dc65b4d80087e9503b61b5282f25ed3ea0da54478d3f9abf5245e89488c2","first_seen":"2026-03-06T10:03:01.180225Z","last_seen":"2026-05-11T00:14:47.575475Z","times_seen":4,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":67,"dns":17,"connect":3,"send":0,"wait":27,"receive":0,"ssl":41},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.zyrosite.com/u1/google-fonts/font-faces?family=Lato:wght@400;500;600\u0026display=swap","fqdn":"cdn.zyrosite.com","domain":"zyrosite.com","tld":"com"},"ip":{"addr":"172.64.144.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://crypto-refund.ca/","date":"2026-03-06T10:02:33.726Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zyrosite.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 18 Feb 2026 18:03:34 GMT","end":"Tue, 19 May 2026 19:03:25 GMT"},"fingerprint":{"sha1":"35:11:03:A8:71:75:76:B9:CD:A3:2E:E6:CF:0B:CA:2F:C9:8A:8B:30","sha256":"77:B4:08:55:A0:4B:B9:F4:FA:5D:10:F3:9A:9C:E7:91:D4:65:28:56:3B:50:BD:B7:95:12:FC:A7:66:DE:F9:07"}}},"request":{"raw":"GET /u1/google-fonts/font-faces?family=Lato:wght@400;500;600\u0026display=swap HTTP/1.1\r\nHost: cdn.zyrosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://crypto-refund.ca/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 06 Mar 2026 10:02:33 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-encoding: br\r\nx-correlation-id: MtSijHPs-5_wnA4xyNYAA\r\nx-request-id: 1885e82c36bfd9ac27a3a1d0ecc98b78\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site, Accept-Encoding\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nstrict-transport-security: max-age=2592000\r\nexpires: Fri, 13 Mar 2026 10:02:33 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Wed, 25 Feb 2026 06:33:17 GMT\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: sameorigin\r\nx-content-type-options: nosniff\r\netag: W/\"37c-Mx+AS4fz+GP6tqT+9ieNkqaX9D8\"\r\nx-hostinger-datacenter: gcp\r\nx-hostinger-node: europe-west2\r\ncf-cache-status: HIT\r\nage: 187299\r\nset-cookie: __cf_bm=I1o5PgJCnRImxm6jxbkAlSWYWNHmX6t.QHskuV2gcVQ-1772791353-1.0.1.1-CQlZemSh9k8r1WQy810pOIq0rbFV44ZIX.duTMdc05pU__m5X6UEEOesFZRA31HLpqwkMeJq1gFLMMafug0IVBCLyq7qkVr3kQRR._b5cDE; path=/; expires=Fri, 06-Mar-26 10:32:33 GMT; domain=.zyrosite.com; HttpOnly; Secure; SameSite=None\r\nserver: cloudflare\r\ncf-ray: 9d808689087632fa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":892,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"4af7b9538a29933d8c4c5df26350227d","sha1":"331f804b87f3f863fab6a4fef6278d92a697f43f","sha256":"ec41f1d409bf0cc6441c2f9df0f09242288409df69c3fffc5a03702d564a447f","sha512":"8419d10cc04aa7bd951ca85b512623c42e0b5c8458a7278241566930df3c694b8d584a9e0962253122d44aa7d3d6c7bb4fd1df3dbea41980a393cd9a44e3cfa8","ssdeep":"","tlshash":"bb1199c1086a110097936cc532da3e27ee2d51487885ea746ff91498acebc7a5351b0e","first_seen":"2025-06-02T00:51:11.168903Z","last_seen":"2026-05-23T09:00:30.780523Z","times_seen":101,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":33,"dns":14,"connect":1,"send":0,"wait":85,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.zyrosite.com/cdn-cgi/image/format=auto,w=1440,fit=crop/5ZxAEvLUkKYVs3Ba/20289f44-51eb-4768-bfa7-e54425a87ffc-Cvxn0RWVKW8fzEfW.jpg","fqdn":"assets.zyrosite.com","domain":"zyrosite.com","tld":"com"},"ip":{"addr":"172.64.144.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://crypto-refund.ca/","date":"2026-03-06T10:02:33.729Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zyrosite.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 18 Feb 2026 18:03:34 GMT","end":"Tue, 19 May 2026 19:03:25 GMT"},"fingerprint":{"sha1":"35:11:03:A8:71:75:76:B9:CD:A3:2E:E6:CF:0B:CA:2F:C9:8A:8B:30","sha256":"77:B4:08:55:A0:4B:B9:F4:FA:5D:10:F3:9A:9C:E7:91:D4:65:28:56:3B:50:BD:B7:95:12:FC:A7:66:DE:F9:07"}}},"request":{"raw":"GET /cdn-cgi/image/format=auto,w=1440,fit=crop/5ZxAEvLUkKYVs3Ba/20289f44-51eb-4768-bfa7-e54425a87ffc-Cvxn0RWVKW8fzEfW.jpg HTTP/1.1\r\nHost: assets.zyrosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://crypto-refund.ca/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 06 Mar 2026 10:02:33 GMT\r\ncontent-type: image/avif\r\ncontent-length: 87035\r\nserver: cloudflare\r\ncf-ray: 9d808688f86532fa-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\ncache-control: public, max-age=2592000\r\netag: \"cf_4UxDph-8DbFmpcktJYhkwL39chm62VnURw7qqwqDQ:b872b102a16f77ae3dc56c3f549fb3f4\"\r\nlast-modified: Tue, 03 Mar 2026 19:49:14 GMT\r\nvary: Accept, Accept-Encoding\r\ncf-resized: internal=ram/h q=0 n=0+76 c=0+0 v=2026.2.12 l=87035 f=false wv=2026.1.2-1-gdcb8b7f\r\ncontent-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;\r\nwarning: cf-images 299 \"crop fit mode needs both width and height\"\r\nx-content-type-options: nosniff\r\nset-cookie: __cf_bm=ho17GmGOdHql3RWQ7EXsi3el_zd_fmlAV6s2nVYJ7xY-1772791353-1.0.1.1-ChVMm4hV.0wNuNR0oF8w1eKAPidn_kGOFx.9yxc9noVEN3rmHFPx4E5Q_DMSIbush5CY4NRJ0.odTmQNLv3N29kpvi1cKGLyG9SqRnqFbv8; path=/; expires=Fri, 06-Mar-26 10:32:33 GMT; domain=.zyrosite.com; HttpOnly; Secure; SameSite=None\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":87035,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"33d6d93590a679716a2a7aa2a91596d9","sha1":"c33a15d11b679b1b6aad071cd7443195b8fa2a58","sha256":"8e9f5b4f4c114eefff1cfa96966bfc5362cc2959295ff76ad5c6de3a5c48c340","sha512":"80953e8834a387ab4adf14c41455cda87a302a996d092ead04b8e581d815f50e5d168efd49d05802fb4e30b3232a61497d00e92636ece8b0ccae595125c34592","ssdeep":"1536:37e/Lz9zAyUZ7/qdL0vbTjEEz1PubMfTzdxxU1fiUbhHBoO:C/Lh0Z/qdLabTgE5P3rzxafiU9n","tlshash":"048302ab621b006ffa270bf5049c17e3e10886cc5db466177749846ad1efefcdb59282","first_seen":"2026-03-06T10:03:01.182247Z","last_seen":"2026-03-06T10:55:38.521125Z","times_seen":2,"resource_available":false,"data":null}},"time_used":359,"timings":{"blocked":27,"dns":7,"connect":1,"send":0,"wait":172,"receive":128,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.zyrosite.com/u1/google-fonts/font-file?family=Lato:wght@400\u0026subset=latin\u0026display=swap","fqdn":"cdn.zyrosite.com","domain":"zyrosite.com","tld":"com"},"ip":{"addr":"172.64.144.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://crypto-refund.ca/","date":"2026-03-06T10:02:33.948Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zyrosite.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 18 Feb 2026 18:03:34 GMT","end":"Tue, 19 May 2026 19:03:25 GMT"},"fingerprint":{"sha1":"35:11:03:A8:71:75:76:B9:CD:A3:2E:E6:CF:0B:CA:2F:C9:8A:8B:30","sha256":"77:B4:08:55:A0:4B:B9:F4:FA:5D:10:F3:9A:9C:E7:91:D4:65:28:56:3B:50:BD:B7:95:12:FC:A7:66:DE:F9:07"}}},"request":{"raw":"GET /u1/google-fonts/font-file?family=Lato:wght@400\u0026subset=latin\u0026display=swap HTTP/1.1\r\nHost: cdn.zyrosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://crypto-refund.ca\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.zyrosite.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 06 Mar 2026 10:02:34 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 13980\r\ncf-ray: 9d80868a3e9832fa-OSL\r\nx-correlation-id: XTdzIu68n2F6cYSCVIIld\r\nx-request-id: cc17b5ea0bb7adeb8cc176dfdec7b38e\r\naccess-control-allow-origin: *\r\nvary: Origin, Accept-Encoding\r\naccess-control-allow-credentials: true\r\naccept-ranges: bytes\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nexpires: Sat, 06 Mar 2027 10:02:34 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 15 Sep 2025 17:09:40 GMT\r\nx-hostinger-node: europe-west2\r\ncontent-disposition: attachment; filename=S6uyw4BMUTPHjx4wXiWtFCc.woff2\r\netag: W/\"369c-PxgCigSz+zm7HMM9zkAdBOkgeXA\"\r\nstrict-transport-security: max-age=2592000\r\nx-frame-options: sameorigin\r\nx-hostinger-datacenter: gcp\r\ncf-cache-status: HIT\r\nset-cookie: __cf_bm=_fQNTgCPqZkOipV9vJEsef20bimrlMOQ8A2cR.qJUYk-1772791354-1.0.1.1-LcRLwFidZzbGm91euWdHWwPmHt78lf4x.PrkHuLLI0jkiZZF2dblJ_yETGS8Zk.BgU1Qv7mNcKP7Z_9MkNWNd_bJiXbrJHF9OWyZM9pzVE8; path=/; expires=Fri, 06-Mar-26 10:32:34 GMT; domain=.zyrosite.com; HttpOnly; Secure; SameSite=None\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13980,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 13980, version 1.0","md5":"b7d6b48d8d12946dc808ff39aed6c460","sha1":"3f18028a04b3fb39bb1cc33dce401d04e9207970","sha256":"d4ae5188a65370ecfe28f42293bbee8297cfd5712c6aadfdb270d48f2bcd88b0","sha512":"7c719a3026913201c92129f92b5c08bbe4344fc9c3b2d95445a3ec23974acc7de4555177145dfb8ae007572d03038fb3461e62654c386a60ddf32b0608edbd7a","ssdeep":"384:xE1ZUpMQcRcGQO/z6vwr1/4UcKURb5nbC5n:x+OcKGpz6vwrB4cURBQ","tlshash":"6552d041c8074200cbbb3471b46a9dd168914030a9dd24592b71e9b137f63affd5ae8e","first_seen":"2023-05-06T05:46:29Z","last_seen":"2026-06-08T12:33:34.746658Z","times_seen":10085,"resource_available":false,"data":null}},"time_used":63,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":57,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.zyrosite.com/cdn-cgi/image/format=auto,w=768,h=687,fit=crop/5ZxAEvLUkKYVs3Ba/gettyimages-2236116835-2048x2048-0xGRgjIlTpnxrh4a.jpg","fqdn":"assets.zyrosite.com","domain":"zyrosite.com","tld":"com"},"ip":{"addr":"172.64.144.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://crypto-refund.ca/","date":"2026-03-06T10:02:34.046Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zyrosite.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 18 Feb 2026 18:03:34 GMT","end":"Tue, 19 May 2026 19:03:25 GMT"},"fingerprint":{"sha1":"35:11:03:A8:71:75:76:B9:CD:A3:2E:E6:CF:0B:CA:2F:C9:8A:8B:30","sha256":"77:B4:08:55:A0:4B:B9:F4:FA:5D:10:F3:9A:9C:E7:91:D4:65:28:56:3B:50:BD:B7:95:12:FC:A7:66:DE:F9:07"}}},"request":{"raw":"GET /cdn-cgi/image/format=auto,w=768,h=687,fit=crop/5ZxAEvLUkKYVs3Ba/gettyimages-2236116835-2048x2048-0xGRgjIlTpnxrh4a.jpg HTTP/1.1\r\nHost: assets.zyrosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://crypto-refund.ca/\r\nCookie: __cf_bm=Kq8js2SWEfFmADEvWhpq3YA0IS7Qe14CU9YjuqWwIEg-1772791353-1.0.1.1-GUvK0yIUYo1ohQHN3SsAoEnAkpqKkATVIUP_9IElkAY.169FE8mK3T.F9Zewk8mBwDNxD_EwnvmgsoUJ.4YxwCwCC2dl2H3huXIHbY3Hyu0\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 06 Mar 2026 10:02:34 GMT\r\ncontent-type: image/avif\r\ncontent-length: 53732\r\nserver: cloudflare\r\ncf-ray: 9d80868ac95f32fa-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\ncache-control: public, max-age=2592000\r\netag: \"cfNEkSM9wia84MtEvmjtwMdZXpmbDOk--YhMsqPQcVDQ:91e6ff23e3f21ebed629480353d029b3\"\r\nlast-modified: Tue, 03 Mar 2026 19:49:14 GMT\r\nvary: Accept, Accept-Encoding\r\ncf-resized: internal=ok/h q=0 n=10+36 c=0+0 v=2026.3.0 l=53732 f=false wv=2026.1.2-1-gdcb8b7f\r\ncontent-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:; style-src 'unsafe-inline';\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":53732,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"e1c5020b3b07eafc571fccc900968131","sha1":"469cc4c8bbdce86db2bcb90f1a9b569781e1dcc2","sha256":"95f15e414fbb73c74b379202fabfadfb5cfac837ff505d996eb412b47e703aa0","sha512":"7a806eb69348e2a6f179066d8db534b9341799600635c246281c562c4286a8ec0a861446e6656e63588daa9baffe01cfc3f968e837c109f507ef8e58daf6563c","ssdeep":"1536:JhAtyEIkwmUiiv86R7ZsQVSs+xZ7VtzcHfRfvOz:kt0v8MZsQLIZ7/zMfM","tlshash":"b633f292632a2c60ff5233318f271f74fcc9ced52b540fec9662eb16da662d916a6401","first_seen":"2026-03-06T10:03:01.18396Z","last_seen":"2026-03-06T10:55:38.510648Z","times_seen":2,"resource_available":false,"data":null}},"time_used":156,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":155,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.chainalysis.com/wp-content/uploads/2024/09/logo-irs-grey.png","fqdn":"www.chainalysis.com","domain":"chainalysis.com","tld":"com"},"ip":{"addr":"172.64.151.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://crypto-refund.ca/","date":"2026-03-06T10:02:34.799Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.chainalysis.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Feb 2026 15:31:55 GMT","end":"Wed, 27 May 2026 16:31:51 GMT"},"fingerprint":{"sha1":"B6:61:9B:7D:71:AE:5E:75:E1:F6:90:17:8A:F0:DB:74:48:EB:AC:C6","sha256":"4F:88:70:C9:ED:1C:3B:AE:03:A3:23:71:2B:12:B3:08:AD:45:31:DA:37:3F:59:78:29:56:E0:6D:20:BF:2D:F4"}}},"request":{"raw":"GET /wp-content/uploads/2024/09/logo-irs-grey.png HTTP/1.1\r\nHost: www.chainalysis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://crypto-refund.ca/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 06 Mar 2026 10:02:34 GMT\r\ncontent-type: image/png\r\ncontent-length: 3439\r\ncf-ray: 9d80868fe9463181-OSL\r\ncache-control: max-age=31622400\r\netag: \"69725629-d6f\"\r\nexpires: Sat, 23 Jan 2027 18:06:27 GMT\r\nlast-modified: Thu, 22 Jan 2026 16:54:01 GMT\r\nstrict-transport-security: max-age=31622400; includeSubDomains; preload\r\nx-pantheon-styx-hostname: styx-fe4-b-86cbf58b65-kfxk4\r\nx-styx-req-id: 12548eff-f7bd-11f0-81c7-b2986f440fbf\r\nx-served-by: cache-chi-kigq8000151-CHI, cache-bma-essb1270054-BMA\r\nx-cache: HIT, HIT\r\nx-cache-hits: 14, 0\r\nx-timer: S1772791355.879952,VS0,VE2\r\nage: 93633\r\naccept-ranges: bytes\r\nvia: 1.1 varnish, 1.1 varnish\r\ncf-cache-status: DYNAMIC\r\nx-content-type-options: nosniff\r\nx-frame-options: DENY\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Pantheon","description":"Pantheon is a WebOps (Website Operations) and Management Platform for WordPress and Drupal.","website":"https://pantheon.io/","common_platform_enumeration":"","icon":"Pantheon.svg","categories":["PaaS"]},{"name":"MariaDB","description":"MariaDB is an open-source relational database management system compatible with MySQL.","website":"https://mariadb.org","common_platform_enumeration":"cpe:2.3:a:mariadb_project:mariadb:*:*:*:*:*:*:*:*","icon":"mariadb.svg","categories":["Databases"]}],"data":{"size":3439,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 230 x 128, 8-bit colormap, non-interlaced","md5":"755b85499b73dbfa1c9b4e2177bad1f2","sha1":"b1c0c6f2584cef7f2c9e9ecc5af4f19333c6d24c","sha256":"fdd676cc828903944cbaf456f4c37552368f824f247479b7ef8f23623aab59a1","sha512":"4bbed6db8476a7131ea488592a3b8f1c2cef5eaa99b2223a627ade943b2c0f9e4d2d2a4b565cef129ba2a32578b18d43918025eefb5863a930cc3064bb8f9b98","ssdeep":"","tlshash":"12615b5db295e86798328147daf740c11cea7f0a761a4ba49e46b0b0227b311cee8c59","first_seen":"2026-03-06T10:03:01.184999Z","last_seen":"2026-03-06T10:55:38.517004Z","times_seen":2,"resource_available":false,"data":null}},"time_used":160,"timings":{"blocked":63,"dns":21,"connect":3,"send":0,"wait":28,"receive":0,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.zyrosite.com/5ZxAEvLUkKYVs3Ba/traffic.txt","fqdn":"assets.zyrosite.com","domain":"zyrosite.com","tld":"com"},"ip":{"addr":"172.64.144.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://crypto-refund.ca/","date":"2026-03-06T10:02:35.118Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zyrosite.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 18 Feb 2026 18:03:34 GMT","end":"Tue, 19 May 2026 19:03:25 GMT"},"fingerprint":{"sha1":"35:11:03:A8:71:75:76:B9:CD:A3:2E:E6:CF:0B:CA:2F:C9:8A:8B:30","sha256":"77:B4:08:55:A0:4B:B9:F4:FA:5D:10:F3:9A:9C:E7:91:D4:65:28:56:3B:50:BD:B7:95:12:FC:A7:66:DE:F9:07"}}},"request":{"raw":"GET /5ZxAEvLUkKYVs3Ba/traffic.txt HTTP/1.1\r\nHost: assets.zyrosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://crypto-refund.ca/\r\nCookie: __cf_bm=Kq8js2SWEfFmADEvWhpq3YA0IS7Qe14CU9YjuqWwIEg-1772791353-1.0.1.1-GUvK0yIUYo1ohQHN3SsAoEnAkpqKkATVIUP_9IElkAY.169FE8mK3T.F9Zewk8mBwDNxD_EwnvmgsoUJ.4YxwCwCC2dl2H3huXIHbY3Hyu0\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 06 Mar 2026 10:02:35 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 0\r\ncf-ray: 9d8086917b7b32fa-OSL\r\ncache-control: public, max-age=0\r\nexpires: Sun, 05 Apr 2026 10:02:35 GMT\r\nlast-modified: Tue, 03 Mar 2026 19:49:50 GMT\r\netag: \"d41d8cd98f00b204e9800998ecf8427e\"\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T13:34:10.574604Z","times_seen":16240797,"resource_available":true,"data":null}},"time_used":296,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":296,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crypto-refund.ca/","fqdn":"crypto-refund.ca","domain":"crypto-refund.ca","tld":"ca"},"ip":{"addr":"34.120.137.41","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-06T10:02:33.348Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crypto-refund.ca","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 03 Mar 2026 19:18:01 GMT","end":"Mon, 01 Jun 2026 19:18:00 GMT"},"fingerprint":{"sha1":"C7:F9:E0:A8:87:0D:34:A8:C1:4C:5F:36:9F:F6:06:83:A2:8F:9C:86","sha256":"5B:93:CB:ED:2E:B0:9B:49:23:FB:FE:F6:4E:F3:B3:A1:98:DD:5E:16:66:44:BC:0D:02:14:3B:EB:4D:D4:9C:4E"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: crypto-refund.ca\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 06 Mar 2026 10:02:33 GMT\r\ncontent-type: text/html\r\ncontent-encoding: gzip\r\ncache-control: max-age=0, no-store\r\nexpires: Thu, 05 Mar 2026 23:12:14 GMT\r\nlast-modified: Thu, 05 Mar 2026 22:58:10 GMT\r\ncf-cache-status: HIT\r\nage: 39019\r\nset-cookie: __cf_bm=UqhJR5A0N5esIbzvnPVtjHmOyw6VXJSfTdiIzg_Ley4-1772791353-1.0.1.1-3aS9DrOZvOF44T8czUHXQlHlyGqtWPI3hZdQLRTFp7mFCKMvsc0Dm.POFlxdyN3BUAapefla6H4tnUGJGhgfxZolOotmaGRo8cw9WyCzCik; path=/; expires=Fri, 06-Mar-26 10:32:33 GMT; domain=.zyro.com; HttpOnly\r\nvary: Accept-Encoding\r\ncf-ray: 9d808687a8c67a91-LHR\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hostinger-datacenter: gcp-euw2\r\nx-hostinger-node: gcp-euw2-builder-edge2\r\ncontent-security-policy: frame-ancestors zyro.com *.zyro.com *.builder-preview.com *.zyro.space *.hostinger.com *.hostinger.io *.hostinger.in *.hostinger.co.uk\r\nlink: \u003chttps://assets.zyrosite.com\u003e; rel=preconnect; crossorigin, \u003chttps://userapp.zyrosite.com\u003e; rel=preconnect; crossorigin, \u003chttps://fonts.googleapis.com\u003e; rel=preconnect; crossorigin, \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin, \u003chttps://cdn.zyrosite.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload;\r\nx-content-type-options: nosniff\r\nx-powered-by: HostingerWebsiteBuilder\r\nplatform: hostinger\r\nx-xss-protection: 1; mode=block\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Hostinger Website Builder","description":"Hostinger Website Builder is a web-based platform that allows users to create and design websites without needing to write code or have extensive technical knowledge.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Page builders"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":202008,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (60750)","md5":"ecf0cf34ae833f2fd1a5f9e129f3d24c","sha1":"9a5b868095f42b92af5f621c2237dee2f01e4a50","sha256":"485958e4d7e6d41ed039200590f1e5c156c61d978f615339ca3896db6553b12a","sha512":"c910f645d468261e4aaf9fe97b430fac8c8d88dace8df69889ef88e78dd10f03da7b0df9be85a579ca5efec63bbc12f9f25c4782d2090e53bfc7af64b7aaeecf","ssdeep":"1536:vwtWvv14rUS1udvNw2GdYX+Tk0DqmWnog99FjvFw69IRA8BJsF:w04r4dvNN+TRmmWnog99FjvFw69IqD","tlshash":"5114511789f7021b152fb960c0b1b749b1a3eb0f86f42bc46979427253e796e30bb5d8","first_seen":"2026-03-06T10:03:01.187049Z","last_seen":"2026-03-06T10:55:38.504142Z","times_seen":2,"resource_available":false,"data":null}},"time_used":400,"timings":{"blocked":153,"dns":54,"connect":26,"send":0,"wait":94,"receive":0,"ssl":70},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.zyrosite.com/cdn-cgi/image/format=auto,w=375,fit=crop,q=95/5ZxAEvLUkKYVs3Ba/logo-JilUsGKaayWupYHX.png","fqdn":"assets.zyrosite.com","domain":"zyrosite.com","tld":"com"},"ip":{"addr":"172.64.144.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://crypto-refund.ca/","date":"2026-03-06T10:02:33.728Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zyrosite.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 18 Feb 2026 18:03:34 GMT","end":"Tue, 19 May 2026 19:03:25 GMT"},"fingerprint":{"sha1":"35:11:03:A8:71:75:76:B9:CD:A3:2E:E6:CF:0B:CA:2F:C9:8A:8B:30","sha256":"77:B4:08:55:A0:4B:B9:F4:FA:5D:10:F3:9A:9C:E7:91:D4:65:28:56:3B:50:BD:B7:95:12:FC:A7:66:DE:F9:07"}}},"request":{"raw":"GET /cdn-cgi/image/format=auto,w=375,fit=crop,q=95/5ZxAEvLUkKYVs3Ba/logo-JilUsGKaayWupYHX.png HTTP/1.1\r\nHost: assets.zyrosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://crypto-refund.ca/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 06 Mar 2026 10:02:33 GMT\r\ncontent-type: image/avif\r\ncontent-length: 40180\r\nserver: cloudflare\r\ncf-ray: 9d808689086b32fa-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\ncache-control: public, max-age=2592000\r\netag: \"cfhoWPmErS2WYLU4Bn8WWsjXE8VciXeJM_s178FtpGDQ:4ffbafbde13738a6fa9ba13102cf5be1\"\r\nlast-modified: Tue, 03 Mar 2026 19:49:14 GMT\r\nvary: Accept, Accept-Encoding\r\ncf-resized: internal=ok/m q=0 n=387+115 c=0+0 v=2026.2.12 l=40180 f=false wv=2026.1.2-1-gdcb8b7f\r\ncontent-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;\r\nwarning: cf-images 299 \"crop fit mode needs both width and height\"\r\nx-content-type-options: nosniff\r\nset-cookie: __cf_bm=Kq8js2SWEfFmADEvWhpq3YA0IS7Qe14CU9YjuqWwIEg-1772791353-1.0.1.1-GUvK0yIUYo1ohQHN3SsAoEnAkpqKkATVIUP_9IElkAY.169FE8mK3T.F9Zewk8mBwDNxD_EwnvmgsoUJ.4YxwCwCC2dl2H3huXIHbY3Hyu0; path=/; expires=Fri, 06-Mar-26 10:32:33 GMT; domain=.zyrosite.com; HttpOnly; Secure; SameSite=None\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":40180,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"217019c8d4f43a55ec6c8adea8671dca","sha1":"ce70c2c2d4fba750f99326d16d7b73221f4fb046","sha256":"3f0b5447461e21a88a86585a46bcbef28341a232c49bcd5a56a987553be0a396","sha512":"832a49888a4cf20374df7c7d7910e07350fe22015d22e7fcdf2071c9e73a3549e17e85ebc8fe2698ab709415563789af1986422b32072523f5fe5f1c70b0a835","ssdeep":"768:BHplCZIjWAl2/wc6NhnQXV4uQRd3OvnxLAQ+5x80+k37MmJBOziwIjj8PCzL9BIa:L9l2tmpQyuQRd3Un4x8mMaO+HjjEQL5d","tlshash":"8803f18a71cc7c68e268e5b1dcbe026a1246c4e627146ead8d10ce9f1919eff152bf14","first_seen":"2026-03-06T10:03:01.188181Z","last_seen":"2026-03-06T10:55:38.519759Z","times_seen":2,"resource_available":false,"data":null}},"time_used":235,"timings":{"blocked":29,"dns":0,"connect":0,"send":0,"wait":174,"receive":32,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.chainalysis.com/wp-content/uploads/2023/10/logo-bbva.svg","fqdn":"www.chainalysis.com","domain":"chainalysis.com","tld":"com"},"ip":{"addr":"172.64.151.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://crypto-refund.ca/","date":"2026-03-06T10:02:34.797Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.chainalysis.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Feb 2026 15:31:55 GMT","end":"Wed, 27 May 2026 16:31:51 GMT"},"fingerprint":{"sha1":"B6:61:9B:7D:71:AE:5E:75:E1:F6:90:17:8A:F0:DB:74:48:EB:AC:C6","sha256":"4F:88:70:C9:ED:1C:3B:AE:03:A3:23:71:2B:12:B3:08:AD:45:31:DA:37:3F:59:78:29:56:E0:6D:20:BF:2D:F4"}}},"request":{"raw":"GET /wp-content/uploads/2023/10/logo-bbva.svg HTTP/1.1\r\nHost: www.chainalysis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://crypto-refund.ca/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 06 Mar 2026 10:02:34 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 1466\r\ncf-ray: 9d80868fe9603181-OSL\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31622400\r\ncontent-encoding: gzip\r\netag: W/\"6961a74c-d15\"\r\nexpires: Mon, 11 Jan 2027 01:45:09 GMT\r\nlast-modified: Sat, 10 Jan 2026 01:11:40 GMT\r\nstrict-transport-security: max-age=31622400; includeSubDomains; preload\r\nx-pantheon-styx-hostname: styx-fe4-b-657b4465f5-pw84m\r\nx-styx-req-id: ff78110b-edc5-11f0-a9fe-b6500e46bee8\r\nx-served-by: cache-chi-kigq8000076-CHI, cache-bma-essb1270069-BMA\r\nx-cache: HIT, HIT\r\nx-cache-hits: 0, 0\r\nx-timer: S1772791355.892353,VS0,VE3\r\nvary: Accept-Encoding\r\nage: 123739\r\naccept-ranges: bytes\r\nvia: 1.1 varnish, 1.1 varnish\r\ncf-cache-status: DYNAMIC\r\nx-content-type-options: nosniff\r\nx-frame-options: DENY\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"MariaDB","description":"MariaDB is an open-source relational database management system compatible with MySQL.","website":"https://mariadb.org","common_platform_enumeration":"cpe:2.3:a:mariadb_project:mariadb:*:*:*:*:*:*:*:*","icon":"mariadb.svg","categories":["Databases"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Pantheon","description":"Pantheon is a WebOps (Website Operations) and Management Platform for WordPress and Drupal.","website":"https://pantheon.io/","common_platform_enumeration":"","icon":"Pantheon.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":3349,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ab591e3cd7c2072b0ec29cf1a4d6ddfb","sha1":"a95467116782d713540c3a8a3f47cbf66108564a","sha256":"8c963c6049df9979e80fcbe9a5fb036f47095db4f8a539bee260a6a0b3c6de9a","sha512":"81911b793a78d912e2a09b143ffe476706e39b580004ccfe17623fbc5925f2d6a9e6a6dee64843e625bcaaaf8d3c815ce15675edda49e1bda5e5f6ac7b4f7753","ssdeep":"","tlshash":"506183d9bbe9f1e0e804c7d4e76ba830785424b23e159765c297e6a4da2304cc8c5ce4","first_seen":"2026-03-06T10:03:01.189208Z","last_seen":"2026-05-11T00:14:47.573852Z","times_seen":4,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":67,"dns":22,"connect":1,"send":0,"wait":39,"receive":0,"ssl":42},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.chainalysis.com/wp-content/uploads/2025/03/logo-tether.svg","fqdn":"www.chainalysis.com","domain":"chainalysis.com","tld":"com"},"ip":{"addr":"172.64.151.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://crypto-refund.ca/","date":"2026-03-06T10:02:34.805Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.chainalysis.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Feb 2026 15:31:55 GMT","end":"Wed, 27 May 2026 16:31:51 GMT"},"fingerprint":{"sha1":"B6:61:9B:7D:71:AE:5E:75:E1:F6:90:17:8A:F0:DB:74:48:EB:AC:C6","sha256":"4F:88:70:C9:ED:1C:3B:AE:03:A3:23:71:2B:12:B3:08:AD:45:31:DA:37:3F:59:78:29:56:E0:6D:20:BF:2D:F4"}}},"request":{"raw":"GET /wp-content/uploads/2025/03/logo-tether.svg HTTP/1.1\r\nHost: www.chainalysis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://crypto-refund.ca/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 06 Mar 2026 10:02:34 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 1501\r\ncf-ray: 9d80868fe9373181-OSL\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31622400\r\ncontent-encoding: gzip\r\netag: W/\"6961aabd-c56\"\r\nexpires: Mon, 11 Jan 2027 01:45:09 GMT\r\nlast-modified: Sat, 10 Jan 2026 01:26:21 GMT\r\nstrict-transport-security: max-age=31622400; includeSubDomains; preload\r\nx-pantheon-styx-hostname: styx-fe4-b-657b4465f5-gmz47\r\nx-styx-req-id: ff7b02ed-edc5-11f0-95c4-5699cf1e7580\r\nx-served-by: cache-chi-kigq8000049-CHI, cache-bma-essb1270056-BMA\r\nx-cache: HIT, HIT\r\nx-cache-hits: 0, 0\r\nx-timer: S1772791355.879339,VS0,VE5\r\nvary: Accept-Encoding\r\nage: 148966\r\naccept-ranges: bytes\r\nvia: 1.1 varnish, 1.1 varnish\r\ncf-cache-status: DYNAMIC\r\nx-content-type-options: nosniff\r\nx-frame-options: DENY\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Pantheon","description":"Pantheon is a WebOps (Website Operations) and Management Platform for WordPress and Drupal.","website":"https://pantheon.io/","common_platform_enumeration":"","icon":"Pantheon.svg","categories":["PaaS"]},{"name":"MariaDB","description":"MariaDB is an open-source relational database management system compatible with MySQL.","website":"https://mariadb.org","common_platform_enumeration":"cpe:2.3:a:mariadb_project:mariadb:*:*:*:*:*:*:*:*","icon":"mariadb.svg","categories":["Databases"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":3158,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"76e2f079055aa0f9d9c30891a03d1cd6","sha1":"1ee643ba6614d365524042ef965a4844ccdf3517","sha256":"9f4be00839b41b02ddde0c727308003ebbc63e3e3338a58da8910daa0311cf5e","sha512":"f897b32029fb75c98b157fe0236f75290c673b2ebccbea7705f953482a11ec0c529800b56fe020288048b02cb7ce011b04c9433f0ed7a0a998e4ff19a2af065d","ssdeep":"","tlshash":"ee5197cde7765ae8e5449bf4871698b43a722ef12872cf68c7e81826ed1043c5819cc7","first_seen":"2026-03-06T10:03:01.190205Z","last_seen":"2026-05-11T00:14:47.486099Z","times_seen":4,"resource_available":false,"data":null}},"time_used":89,"timings":{"blocked":53,"dns":0,"connect":0,"send":0,"wait":35,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.chainalysis.com/wp-content/uploads/2025/02/logo-etoro.svg","fqdn":"www.chainalysis.com","domain":"chainalysis.com","tld":"com"},"ip":{"addr":"172.64.151.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://crypto-refund.ca/","date":"2026-03-06T10:02:34.807Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.chainalysis.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Feb 2026 15:31:55 GMT","end":"Wed, 27 May 2026 16:31:51 GMT"},"fingerprint":{"sha1":"B6:61:9B:7D:71:AE:5E:75:E1:F6:90:17:8A:F0:DB:74:48:EB:AC:C6","sha256":"4F:88:70:C9:ED:1C:3B:AE:03:A3:23:71:2B:12:B3:08:AD:45:31:DA:37:3F:59:78:29:56:E0:6D:20:BF:2D:F4"}}},"request":{"raw":"GET /wp-content/uploads/2025/02/logo-etoro.svg HTTP/1.1\r\nHost: www.chainalysis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://crypto-refund.ca/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 06 Mar 2026 10:02:34 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 1532\r\ncf-ray: 9d80868fe9423181-OSL\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31622400\r\ncontent-encoding: gzip\r\netag: W/\"6961aa76-e55\"\r\nexpires: Mon, 25 Jan 2027 00:55:45 GMT\r\nlast-modified: Sat, 10 Jan 2026 01:25:10 GMT\r\nstrict-transport-security: max-age=31622400; includeSubDomains; preload\r\nx-pantheon-styx-hostname: styx-fe4-a-7f76c9f659-nvpg4\r\nx-styx-req-id: 6a6199d9-f8bf-11f0-a74e-7afa0fccd819\r\nx-served-by: cache-chi-kigq8000053-CHI, cache-bma-essb1270073-BMA\r\nx-cache: HIT, HIT\r\nx-cache-hits: 20, 0\r\nx-timer: S1772791355.889743,VS0,VE2\r\nvary: Accept-Encoding\r\nage: 148965\r\naccept-ranges: bytes\r\nvia: 1.1 varnish, 1.1 varnish\r\ncf-cache-status: DYNAMIC\r\nx-content-type-options: nosniff\r\nx-frame-options: DENY\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Pantheon","description":"Pantheon is a WebOps (Website Operations) and Management Platform for WordPress and Drupal.","website":"https://pantheon.io/","common_platform_enumeration":"","icon":"Pantheon.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"MariaDB","description":"MariaDB is an open-source relational database management system compatible with MySQL.","website":"https://mariadb.org","common_platform_enumeration":"cpe:2.3:a:mariadb_project:mariadb:*:*:*:*:*:*:*:*","icon":"mariadb.svg","categories":["Databases"]}],"data":{"size":3669,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"99d3caa30928d6742e46e77930cd4848","sha1":"f312808a820eff0f708d3955c5cb28bda1d750f3","sha256":"9d4b857dfaf2ff0687455fb4fddab0c8d47fdc126467e8caa31d17c619eda221","sha512":"3193ce2929f44c3d652f65fd88db45c2d143ecba4cb34886896325db5c180780c9b36a84c39d618f7af0c3b544b5cc2173f81a8f469908619981144c7288d665","ssdeep":"","tlshash":"807154f0628873f5b40543a4832b54e66e8f24fd7fa78a61c7985e80f8494af87ecc45","first_seen":"2026-03-06T10:03:01.200769Z","last_seen":"2026-05-11T00:14:47.568982Z","times_seen":4,"resource_available":false,"data":null}},"time_used":91,"timings":{"blocked":55,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crypto-refund.ca/_astro-1772751476364/ClientHead.DNNh4Hq-.js","fqdn":"crypto-refund.ca","domain":"crypto-refund.ca","tld":"ca"},"ip":{"addr":"34.120.137.41","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://crypto-refund.ca/","date":"2026-03-06T10:02:33.913Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crypto-refund.ca","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 03 Mar 2026 19:18:01 GMT","end":"Mon, 01 Jun 2026 19:18:00 GMT"},"fingerprint":{"sha1":"C7:F9:E0:A8:87:0D:34:A8:C1:4C:5F:36:9F:F6:06:83:A2:8F:9C:86","sha256":"5B:93:CB:ED:2E:B0:9B:49:23:FB:FE:F6:4E:F3:B3:A1:98:DD:5E:16:66:44:BC:0D:02:14:3B:EB:4D:D4:9C:4E"}}},"request":{"raw":"GET /_astro-1772751476364/ClientHead.DNNh4Hq-.js HTTP/1.1\r\nHost: crypto-refund.ca\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://crypto-refund.ca/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 06 Mar 2026 10:02:34 GMT\r\ncontent-type: text/javascript\r\ncontent-encoding: gzip\r\ncache-control: public, max-age=2592000\r\nexpires: Sun, 05 Apr 2026 10:02:34 GMT\r\nlast-modified: Thu, 05 Mar 2026 22:58:13 GMT\r\netag: W/\"3e16ae63fce51b1ef021e32f5225e81f\"\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=KUPZlaTMQVXv1HLuVZDBHDz2dHVtghhANA1rswPGSA8-1772791354-1.0.1.1-0YS_EPUKSvjN4jZAuq0ei7hrG8FeFChErIfb_3.vscNRF9pSunZt4DRJ5PXtZm1H7b5ftRGFjTtlB5SykBuorPkqES2.48Q9MRi1fWc_F8M; path=/; expires=Fri, 06-Mar-26 10:32:34 GMT; domain=.zyro.com; HttpOnly\r\nvary: Accept-Encoding\r\ncf-ray: 9d80868a3ce248c3-LHR\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hostinger-datacenter: gcp-euw2\r\nx-hostinger-node: gcp-euw2-builder-edge2\r\ncontent-security-policy: frame-ancestors zyro.com *.zyro.com *.builder-preview.com *.zyro.space *.hostinger.com *.hostinger.io *.hostinger.in *.hostinger.co.uk\r\nlink: \u003chttps://assets.zyrosite.com\u003e; rel=preconnect; crossorigin, \u003chttps://userapp.zyrosite.com\u003e; rel=preconnect; crossorigin, \u003chttps://fonts.googleapis.com\u003e; rel=preconnect; crossorigin, \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin, \u003chttps://cdn.zyrosite.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload;\r\nx-content-type-options: nosniff\r\nx-powered-by: HostingerWebsiteBuilder\r\nplatform: hostinger\r\nx-xss-protection: 1; mode=block\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":1368,"size_decoded":0,"mime_type":"text/javascript","magic":"Java source, ASCII text, with very long lines (1367)","md5":"3e16ae63fce51b1ef021e32f5225e81f","sha1":"80492f09ce1b6dcbd7705899dbd4067f65b17d79","sha256":"5566772effea8b9de89ca52c0dd65081614d2cfff977f0c70ee710724fb006c2","sha512":"031beae49d13dccf96ca5c940f3b7bf5b523c31d8ceae9fb42da6adaed0d86d08faf25ed15e82af19d318e23ea5a90bb80c6cbe39cccfd0e6b87d42b64e0223d","ssdeep":"","tlshash":"58219b4ef445f83e27e50548f79a1d2793061d4cc11c6950957c42e43fd1c07901e7af","first_seen":"2026-03-06T10:03:01.201814Z","last_seen":"2026-05-23T06:36:45.308705Z","times_seen":30,"resource_available":true,"data":null}},"time_used":166,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":166,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.zyrosite.com/5ZxAEvLUkKYVs3Ba/ai-logo-2aFbcXyDY2DnR2Rl.svg","fqdn":"assets.zyrosite.com","domain":"zyrosite.com","tld":"com"},"ip":{"addr":"172.64.144.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://crypto-refund.ca/","date":"2026-03-06T10:02:34.325Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zyrosite.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 18 Feb 2026 18:03:34 GMT","end":"Tue, 19 May 2026 19:03:25 GMT"},"fingerprint":{"sha1":"35:11:03:A8:71:75:76:B9:CD:A3:2E:E6:CF:0B:CA:2F:C9:8A:8B:30","sha256":"77:B4:08:55:A0:4B:B9:F4:FA:5D:10:F3:9A:9C:E7:91:D4:65:28:56:3B:50:BD:B7:95:12:FC:A7:66:DE:F9:07"}}},"request":{"raw":"GET /5ZxAEvLUkKYVs3Ba/ai-logo-2aFbcXyDY2DnR2Rl.svg HTTP/1.1\r\nHost: assets.zyrosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://crypto-refund.ca/\r\nCookie: __cf_bm=Kq8js2SWEfFmADEvWhpq3YA0IS7Qe14CU9YjuqWwIEg-1772791353-1.0.1.1-GUvK0yIUYo1ohQHN3SsAoEnAkpqKkATVIUP_9IElkAY.169FE8mK3T.F9Zewk8mBwDNxD_EwnvmgsoUJ.4YxwCwCC2dl2H3huXIHbY3Hyu0\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 06 Mar 2026 10:02:34 GMT\r\ncontent-type: image/svg+xml\r\ncontent-encoding: br\r\ncache-control: public, max-age=2592000\r\nexpires: Sun, 05 Apr 2026 10:02:34 GMT\r\nlast-modified: Tue, 03 Mar 2026 19:49:14 GMT\r\netag: W/\"ab62e7b410e640ece00f159a1e49d296\"\r\nage: 0\r\ncf-cache-status: HIT\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nserver: cloudflare\r\ncf-ray: 9d80868c8a2632fa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":219,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ab62e7b410e640ece00f159a1e49d296","sha1":"8d8d9af04fd6d0a312068a80b5934f4955e90c95","sha256":"56c2acff9420c99e1a43876dba911140bfb1573958fee24514b908f2ce24e1b3","sha512":"cd71ada7bd8b7e1c2dd7765c10cb36579fb13c2baaf66fcdc212a93e830eff11f9ae4bc0c770aa75af793199cfa48f252f7720f409e812f278ab1087b265205a","ssdeep":"","tlshash":"67d0231020d40b00c03444049326f4df3a0780c308c08b00f59c2019039dce34e0a33c","first_seen":"2026-03-06T10:03:01.179269Z","last_seen":"2026-03-06T10:55:38.499201Z","times_seen":2,"resource_available":false,"data":null}},"time_used":424,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":424,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crypto-refund.ca/_astro-1772751476364/Page.BhJeTooN.js","fqdn":"crypto-refund.ca","domain":"crypto-refund.ca","tld":"ca"},"ip":{"addr":"34.120.137.41","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://crypto-refund.ca/","date":"2026-03-06T10:02:33.930Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crypto-refund.ca","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 03 Mar 2026 19:18:01 GMT","end":"Mon, 01 Jun 2026 19:18:00 GMT"},"fingerprint":{"sha1":"C7:F9:E0:A8:87:0D:34:A8:C1:4C:5F:36:9F:F6:06:83:A2:8F:9C:86","sha256":"5B:93:CB:ED:2E:B0:9B:49:23:FB:FE:F6:4E:F3:B3:A1:98:DD:5E:16:66:44:BC:0D:02:14:3B:EB:4D:D4:9C:4E"}}},"request":{"raw":"GET /_astro-1772751476364/Page.BhJeTooN.js HTTP/1.1\r\nHost: crypto-refund.ca\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://crypto-refund.ca/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 06 Mar 2026 10:02:34 GMT\r\ncontent-type: text/javascript\r\ncontent-encoding: gzip\r\ncache-control: public, max-age=2592000\r\nexpires: Sun, 05 Apr 2026 10:02:34 GMT\r\nlast-modified: Thu, 05 Mar 2026 22:58:13 GMT\r\netag: W/\"a0b2e0a573ddddc23fade38f48e663d8\"\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=s.dbK_cBrek1SXjUZ0OAkY_iT.dFzlSneSBp8O82EFo-1772791354-1.0.1.1-t_7eEvby0TnL2hZJ7Kvkb5tu_J9hwpChxHwzbevXPyEiR.lw_EDRI6Zn5AMyrS.bVfTSt.chNnVMIYhjPeZEQ5MkE2drvBpZFbE2dTVOCM4; path=/; expires=Fri, 06-Mar-26 10:32:34 GMT; domain=.zyro.com; HttpOnly\r\nvary: Accept-Encoding\r\ncf-ray: 9d80868a5ea388a7-LHR\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hostinger-datacenter: gcp-euw2\r\nx-hostinger-node: gcp-euw2-builder-edge2\r\ncontent-security-policy: frame-ancestors zyro.com *.zyro.com *.builder-preview.com *.zyro.space *.hostinger.com *.hostinger.io *.hostinger.in *.hostinger.co.uk\r\nlink: \u003chttps://assets.zyrosite.com\u003e; rel=preconnect; crossorigin, \u003chttps://userapp.zyrosite.com\u003e; rel=preconnect; crossorigin, \u003chttps://fonts.googleapis.com\u003e; rel=preconnect; crossorigin, \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin, \u003chttps://cdn.zyrosite.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload;\r\nx-content-type-options: nosniff\r\nx-powered-by: HostingerWebsiteBuilder\r\nplatform: hostinger\r\nx-xss-protection: 1; mode=block\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":1154719,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (22545)","md5":"b925311acef00f3583f53595c9af9a35","sha1":"7319f38bdc1d743008304cb134bc621da1fdbff4","sha256":"c802e219a6987031031ff14c48a8c0e7f100ecff98d53b396d04944723d204e9","sha512":"d2accee6125feb1184913033b744da261b046f12b937144c980b370f2dbb23e6fb9c15fcf8da0e7e9795ec4dd82e6eba50cb30933dc118826450df3fbfc2e205","ssdeep":"24576:UNlV8Pdzk0OBYueydGJ3iKAMGBgk65cCjQexgG0ZM4DNJjVodqOx2M6KUE4V8YXL:UNlV8Pdzk0OBYu1dGJ3iKAMGBgk65cCE","tlshash":"cc356dc5f4a5682943b701a9405b0001b22d2e2ef05cc8f0f5b9deed26a9d55627ffbe","first_seen":"2026-03-06T10:03:01.202707Z","last_seen":"2026-03-06T10:03:01.202707Z","times_seen":1,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crypto-refund.ca/_astro-1772751476364/scrollToSection.Cp3Ee4Hp.js","fqdn":"crypto-refund.ca","domain":"crypto-refund.ca","tld":"ca"},"ip":{"addr":"34.120.137.41","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://crypto-refund.ca/","date":"2026-03-06T10:02:34.074Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crypto-refund.ca","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 03 Mar 2026 19:18:01 GMT","end":"Mon, 01 Jun 2026 19:18:00 GMT"},"fingerprint":{"sha1":"C7:F9:E0:A8:87:0D:34:A8:C1:4C:5F:36:9F:F6:06:83:A2:8F:9C:86","sha256":"5B:93:CB:ED:2E:B0:9B:49:23:FB:FE:F6:4E:F3:B3:A1:98:DD:5E:16:66:44:BC:0D:02:14:3B:EB:4D:D4:9C:4E"}}},"request":{"raw":"GET /_astro-1772751476364/scrollToSection.Cp3Ee4Hp.js HTTP/1.1\r\nHost: crypto-refund.ca\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://crypto-refund.ca/_astro-1772751476364/client.fwEDnHMg.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 06 Mar 2026 10:02:34 GMT\r\ncontent-type: text/javascript\r\ncontent-encoding: gzip\r\ncache-control: public, max-age=2592000\r\nexpires: Sun, 05 Apr 2026 10:02:34 GMT\r\nlast-modified: Thu, 05 Mar 2026 22:58:13 GMT\r\netag: W/\"e18a7ff815f7bdc53cd1913fb298bff8\"\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=SutgIqKxNE90ssb2IFKNbp20nGBp8EAI1HRMs8kl.4A-1772791354-1.0.1.1-8OF2ErFs2R7g8Knqg5.Qox2e1CwGMJ7.DlqYdJW2BYIRrYHNzxXHN1sVCn7GEeBUVvQpe_iIMe0B110pvKg9GimvN2r6lepH8DaSXCvGjts; path=/; expires=Fri, 06-Mar-26 10:32:34 GMT; domain=.zyro.com; HttpOnly\r\nvary: Accept-Encoding\r\ncf-ray: 9d80868b3d6b2561-LHR\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hostinger-datacenter: gcp-euw2\r\nx-hostinger-node: gcp-euw2-builder-edge2\r\ncontent-security-policy: frame-ancestors zyro.com *.zyro.com *.builder-preview.com *.zyro.space *.hostinger.com *.hostinger.io *.hostinger.in *.hostinger.co.uk\r\nlink: \u003chttps://assets.zyrosite.com\u003e; rel=preconnect; crossorigin, \u003chttps://userapp.zyrosite.com\u003e; rel=preconnect; crossorigin, \u003chttps://fonts.googleapis.com\u003e; rel=preconnect; crossorigin, \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin, \u003chttps://cdn.zyrosite.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload;\r\nx-content-type-options: nosniff\r\nx-powered-by: HostingerWebsiteBuilder\r\nplatform: hostinger\r\nx-xss-protection: 1; mode=block\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":14780,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (14221)","md5":"e18a7ff815f7bdc53cd1913fb298bff8","sha1":"c8a5846fd4e00c5dfab1ebf207b05af9631ec845","sha256":"f6decc41ca1321a431911dde4d81c6883dba83b0b9738092a91b02c745d51cae","sha512":"aee9e66e046a4515f672fc01b257a662fc364d844e6c2b6c16fce59aae7a14f364ad112610908312c9b890f1c944900e6f7388fb49f56e1a6a06e85f16577f82","ssdeep":"384:Ofww1lzqppZHYJMmWiM06DaJe2RYh6pyX2FlCWBmjpvG4j+QTJX5yn:OIw1kvZHYCiM0KOnYhNX2ycmk4j+QThi","tlshash":"5d62f8887043363213eb1aeae1f64a02f538145ab44b84d4f06ead5b6db385551fbfbc","first_seen":"2026-03-06T10:03:01.203781Z","last_seen":"2026-05-23T06:36:45.324023Z","times_seen":30,"resource_available":true,"data":null}},"time_used":124,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":124,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crypto-refund.ca/_astro-1772751476364/siteModulesConstants.DLGHSrxa.js","fqdn":"crypto-refund.ca","domain":"crypto-refund.ca","tld":"ca"},"ip":{"addr":"34.120.137.41","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://crypto-refund.ca/","date":"2026-03-06T10:02:34.077Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crypto-refund.ca","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 03 Mar 2026 19:18:01 GMT","end":"Mon, 01 Jun 2026 19:18:00 GMT"},"fingerprint":{"sha1":"C7:F9:E0:A8:87:0D:34:A8:C1:4C:5F:36:9F:F6:06:83:A2:8F:9C:86","sha256":"5B:93:CB:ED:2E:B0:9B:49:23:FB:FE:F6:4E:F3:B3:A1:98:DD:5E:16:66:44:BC:0D:02:14:3B:EB:4D:D4:9C:4E"}}},"request":{"raw":"GET /_astro-1772751476364/siteModulesConstants.DLGHSrxa.js HTTP/1.1\r\nHost: crypto-refund.ca\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://crypto-refund.ca/_astro-1772751476364/client.fwEDnHMg.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 06 Mar 2026 10:02:34 GMT\r\ncontent-type: text/javascript\r\ncontent-encoding: gzip\r\ncache-control: public, max-age=2592000\r\nexpires: Sun, 05 Apr 2026 10:02:34 GMT\r\nlast-modified: Thu, 05 Mar 2026 22:58:13 GMT\r\netag: W/\"73d5f03484ca5b6863350c615d3f7839\"\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=MeqDr7D.rISmeHfpriEEhyeFnGChXOtXpelutShRHFY-1772791354-1.0.1.1-OJvvgEFkvIKdvJszhauQOevBYw5vkvWchnQInuySKSjvcZJ89HVGVlDcDn7ik_SV_UgvDBLV5CwVtfDAZF1ama7RMqBdOjgCX67JYtTUs2w; path=/; expires=Fri, 06-Mar-26 10:32:34 GMT; domain=.zyro.com; HttpOnly\r\nvary: Accept-Encoding\r\ncf-ray: 9d80868b3f475630-LHR\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hostinger-datacenter: gcp-euw2\r\nx-hostinger-node: gcp-euw2-builder-edge2\r\ncontent-security-policy: frame-ancestors zyro.com *.zyro.com *.builder-preview.com *.zyro.space *.hostinger.com *.hostinger.io *.hostinger.in *.hostinger.co.uk\r\nlink: \u003chttps://assets.zyrosite.com\u003e; rel=preconnect; crossorigin, \u003chttps://userapp.zyrosite.com\u003e; rel=preconnect; crossorigin, \u003chttps://fonts.googleapis.com\u003e; rel=preconnect; crossorigin, \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin, \u003chttps://cdn.zyrosite.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload;\r\nx-content-type-options: nosniff\r\nx-powered-by: HostingerWebsiteBuilder\r\nplatform: hostinger\r\nx-xss-protection: 1; mode=block\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":3498,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text, with very long lines (3497)","md5":"73d5f03484ca5b6863350c615d3f7839","sha1":"a2098c6b0ec9f02274f36fd27437183bbb905fdd","sha256":"b2262ab5418f3e8bf04898ca6ee62b3ca61ec0d5119c466a2a9974992a18a3fe","sha512":"2c452e5e287d5f4f3ae2a6dc569c97bc77b4d51f4ad4ad42bc7a5ba8838f289e7d98b93df8386ce34d94ac6056292708ea526465c00797194af1e17f0b0908e8","ssdeep":"","tlshash":"9671756ee91013fe4402112799bb929093bc5617997021e17cbf981e42ff7af3292f2c","first_seen":"2026-03-06T10:03:01.204722Z","last_seen":"2026-06-08T10:29:50.769532Z","times_seen":184,"resource_available":true,"data":null}},"time_used":404,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":404,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.chainalysis.com/wp-content/uploads/2025/12/fireblocks-2026.svg","fqdn":"www.chainalysis.com","domain":"chainalysis.com","tld":"com"},"ip":{"addr":"172.64.151.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://crypto-refund.ca/","date":"2026-03-06T10:02:34.804Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.chainalysis.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Feb 2026 15:31:55 GMT","end":"Wed, 27 May 2026 16:31:51 GMT"},"fingerprint":{"sha1":"B6:61:9B:7D:71:AE:5E:75:E1:F6:90:17:8A:F0:DB:74:48:EB:AC:C6","sha256":"4F:88:70:C9:ED:1C:3B:AE:03:A3:23:71:2B:12:B3:08:AD:45:31:DA:37:3F:59:78:29:56:E0:6D:20:BF:2D:F4"}}},"request":{"raw":"GET /wp-content/uploads/2025/12/fireblocks-2026.svg HTTP/1.1\r\nHost: www.chainalysis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://crypto-refund.ca/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 06 Mar 2026 10:02:34 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 2925\r\ncf-ray: 9d80868fe9323181-OSL\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31622400\r\ncontent-encoding: gzip\r\netag: W/\"6961ac6e-1acb\"\r\nexpires: Mon, 11 Jan 2027 01:45:09 GMT\r\nlast-modified: Sat, 10 Jan 2026 01:33:34 GMT\r\nstrict-transport-security: max-age=31622400; includeSubDomains; preload\r\nx-pantheon-styx-hostname: styx-fe4-a-658544c96f-52cpn\r\nx-styx-req-id: ff792199-edc5-11f0-94c6-6eaa85d5e0aa\r\nx-served-by: cache-chi-klot8100063-CHI, cache-bma-essb1270068-BMA\r\nx-cache: HIT, HIT\r\nx-cache-hits: 9, 0\r\nx-timer: S1772791355.879334,VS0,VE2\r\nvary: Accept-Encoding\r\nage: 22062\r\naccept-ranges: bytes\r\nvia: 1.1 varnish, 1.1 varnish\r\ncf-cache-status: DYNAMIC\r\nx-content-type-options: nosniff\r\nx-frame-options: DENY\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Pantheon","description":"Pantheon is a WebOps (Website Operations) and Management Platform for WordPress and Drupal.","website":"https://pantheon.io/","common_platform_enumeration":"","icon":"Pantheon.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"MariaDB","description":"MariaDB is an open-source relational database management system compatible with MySQL.","website":"https://mariadb.org","common_platform_enumeration":"cpe:2.3:a:mariadb_project:mariadb:*:*:*:*:*:*:*:*","icon":"mariadb.svg","categories":["Databases"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":6859,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ba9ab2227dc37612b9decf71720f4b32","sha1":"3b7f43182e706ea3d8d54725967150daf45724dd","sha256":"f9399eaf8979a6c26ecd7d5f5f00eb30e864f20a8729f58f126ddd2c9d1563f1","sha512":"ceddf259ecafd2d5187f8b19fd7ca5c417e64e24383d8c4d58c01a5fde67763ee495b820bf4a515db2914d03d766972b4463a1fed881c696efadcda66b68a548","ssdeep":"96:p4WQMKHHkxbNLXETSnG8JHt21tn7hk7IhrQevJDcZ9RaxqUaa8Xrl:oMKnkVZ+SHN8t7hkIfvJD49wxqN/h","tlshash":"bde1b9cf73f892d9d581ebd2f41621793a1b64fd3e608a91c3549e4afd8a0994c45c48","first_seen":"2026-03-06T10:03:01.205669Z","last_seen":"2026-05-11T00:14:47.560091Z","times_seen":4,"resource_available":false,"data":null}},"time_used":83,"timings":{"blocked":54,"dns":0,"connect":0,"send":0,"wait":28,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crypto-refund.ca/_astro-1772751476364/client.fwEDnHMg.js","fqdn":"crypto-refund.ca","domain":"crypto-refund.ca","tld":"ca"},"ip":{"addr":"34.120.137.41","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://crypto-refund.ca/","date":"2026-03-06T10:02:33.915Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crypto-refund.ca","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 03 Mar 2026 19:18:01 GMT","end":"Mon, 01 Jun 2026 19:18:00 GMT"},"fingerprint":{"sha1":"C7:F9:E0:A8:87:0D:34:A8:C1:4C:5F:36:9F:F6:06:83:A2:8F:9C:86","sha256":"5B:93:CB:ED:2E:B0:9B:49:23:FB:FE:F6:4E:F3:B3:A1:98:DD:5E:16:66:44:BC:0D:02:14:3B:EB:4D:D4:9C:4E"}}},"request":{"raw":"GET /_astro-1772751476364/client.fwEDnHMg.js HTTP/1.1\r\nHost: crypto-refund.ca\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://crypto-refund.ca/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 06 Mar 2026 10:02:34 GMT\r\ncontent-type: text/javascript\r\ncontent-encoding: gzip\r\ncache-control: public, max-age=2592000\r\nexpires: Sun, 05 Apr 2026 10:02:34 GMT\r\nlast-modified: Thu, 05 Mar 2026 22:58:13 GMT\r\netag: W/\"25786fdac57dc25f1740ff8d92ab39b8\"\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=rEixruIzMZ.5_WDx7JSDqTa5p4yn6OLrP5i_EiFAipQ-1772791354-1.0.1.1-YLDmWu6YdnrW14pdfjlDhhRVOQgjJgjTv9SYxU6HAx7_jI67_RCWYAujd25.YSKm5zGKxoN7c91s4pLV8SbU7l8YqdBhIqyGj3yOh2zE1ck; path=/; expires=Fri, 06-Mar-26 10:32:34 GMT; domain=.zyro.com; HttpOnly\r\nvary: Accept-Encoding\r\ncf-ray: 9d80868a3c66bd80-LHR\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hostinger-datacenter: gcp-euw2\r\nx-hostinger-node: gcp-euw2-builder-edge2\r\ncontent-security-policy: frame-ancestors zyro.com *.zyro.com *.builder-preview.com *.zyro.space *.hostinger.com *.hostinger.io *.hostinger.in *.hostinger.co.uk\r\nlink: \u003chttps://assets.zyrosite.com\u003e; rel=preconnect; crossorigin, \u003chttps://userapp.zyrosite.com\u003e; rel=preconnect; crossorigin, \u003chttps://fonts.googleapis.com\u003e; rel=preconnect; crossorigin, \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin, \u003chttps://cdn.zyrosite.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload;\r\nx-content-type-options: nosniff\r\nx-powered-by: HostingerWebsiteBuilder\r\nplatform: hostinger\r\nx-xss-protection: 1; mode=block\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2330,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (2329)","md5":"25786fdac57dc25f1740ff8d92ab39b8","sha1":"f6ed9e94bee18a60c7f4e628c65f75ea9def30d5","sha256":"94708a4fce5a4cc44cb73cc57e994e896b7d215875ff36e6d9a5409e6c131c5b","sha512":"e9f1dd3a57ab8e7aff4f0e0ab590ed57c18ce9e65ba16caea1b27c72a35523a9f10761da2f738c2899720afab0c96271ec9a14b72bbc065a90d537316ba39a1a","ssdeep":"","tlshash":"e841d8bcf441ee7212f698e0c62921109a1f206d357bc8a0e3ee0c520679a5d805df6e","first_seen":"2026-03-06T10:03:01.206702Z","last_seen":"2026-05-23T06:36:45.31377Z","times_seen":30,"resource_available":true,"data":null}},"time_used":141,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":141,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crypto-refund.ca/_astro-1772751476364/Integrations.TzRFAa0b.js","fqdn":"crypto-refund.ca","domain":"crypto-refund.ca","tld":"ca"},"ip":{"addr":"34.120.137.41","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://crypto-refund.ca/","date":"2026-03-06T10:02:33.933Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crypto-refund.ca","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 03 Mar 2026 19:18:01 GMT","end":"Mon, 01 Jun 2026 19:18:00 GMT"},"fingerprint":{"sha1":"C7:F9:E0:A8:87:0D:34:A8:C1:4C:5F:36:9F:F6:06:83:A2:8F:9C:86","sha256":"5B:93:CB:ED:2E:B0:9B:49:23:FB:FE:F6:4E:F3:B3:A1:98:DD:5E:16:66:44:BC:0D:02:14:3B:EB:4D:D4:9C:4E"}}},"request":{"raw":"GET /_astro-1772751476364/Integrations.TzRFAa0b.js HTTP/1.1\r\nHost: crypto-refund.ca\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://crypto-refund.ca/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 06 Mar 2026 10:02:34 GMT\r\ncontent-type: text/javascript\r\ncontent-encoding: gzip\r\ncache-control: public, max-age=2592000\r\nexpires: Sun, 05 Apr 2026 10:02:34 GMT\r\nlast-modified: Thu, 05 Mar 2026 22:58:13 GMT\r\netag: W/\"176b05c8b80ec65a6fd84acfe43a9a2c\"\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=Xng8r4TCIxGvuZjFtfdJcLJuaZfrBh7dweQW3JVWkIo-1772791354-1.0.1.1-YuWdJR.N5cVAGJXHbUBoxm4Cy895z0x48Ix8rlXeBmXdHF9ubpkiki6MdUZnnSp7Qx3koZ5HbQKohgUwn4TL9PE.LjTPvTmWtHtKk2uruqA; path=/; expires=Fri, 06-Mar-26 10:32:34 GMT; domain=.zyro.com; HttpOnly\r\nvary: Accept-Encoding\r\ncf-ray: 9d80868a5c161669-LHR\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hostinger-datacenter: gcp-euw2\r\nx-hostinger-node: gcp-euw2-builder-edge2\r\ncontent-security-policy: frame-ancestors zyro.com *.zyro.com *.builder-preview.com *.zyro.space *.hostinger.com *.hostinger.io *.hostinger.in *.hostinger.co.uk\r\nlink: \u003chttps://assets.zyrosite.com\u003e; rel=preconnect; crossorigin, \u003chttps://userapp.zyrosite.com\u003e; rel=preconnect; crossorigin, \u003chttps://fonts.googleapis.com\u003e; rel=preconnect; crossorigin, \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin, \u003chttps://cdn.zyrosite.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload;\r\nx-content-type-options: nosniff\r\nx-powered-by: HostingerWebsiteBuilder\r\nplatform: hostinger\r\nx-xss-protection: 1; mode=block\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":2947,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text, with very long lines (1262)","md5":"176b05c8b80ec65a6fd84acfe43a9a2c","sha1":"a9ca52e18a59ab960957d572cb345e9409ba69ed","sha256":"973d7408e67f438fbfb3ca5a4b82a4817153b5a83ece0cb97a8743dfb8da346b","sha512":"f3f71c835df4965e994c3d91e3c72c9e9bc4af92c83c5a7de3c052b7c02ca97ba2e74d04a0221619f09013656e21ac848b39c940723fde838d2c77a9b2760994","ssdeep":"","tlshash":"1651d546377ffabce201d1b145e3a8342b5b3d84ae61c86cc3f90c52954242d3a1aed3","first_seen":"2026-03-06T10:03:01.207467Z","last_seen":"2026-05-23T06:36:45.339844Z","times_seen":28,"resource_available":true,"data":null}},"time_used":139,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":139,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}