Overview

URL thehairhive.ca/bup/cerna.exe
IP 108.167.140.113
ASN AS20013 CyrusOne LLC
Location United States
Report completed 2018-12-18 06:27:19 CET
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2018-12-18 2 thehairhive.ca/bup/cerna.exe Malware
2018-12-18 2 thehairhive.ca/cgi-sys/suspendedpage.cgi Malware
2018-12-18 2 fwdssp.com/px.js?ch=1 Malware
2018-12-18 2 thehairhive.ca/cgi-sys/suspendedpage.cgi Malware
DNS-BH  No alerts detected
mnemonic secure dns
Added / Verified Severity Host Comment
2018-12-18 2 thehairhive.ca Blacklisted
2018-12-18 2 thehairhive.ca Blacklisted
2018-12-18 2 thehairhive.ca Blacklisted
2018-12-18 2 thehairhive.ca Blacklisted
2018-12-18 2 thehairhive.ca Blacklisted


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 108.167.140.113

Date  UQ / IDS / BL  URL  IP
2019-04-22 19:31:26 +0200  0 - 0 - 3  thehairhive.ca/temp/gbnlkjsd.exe  108.167.140.113
2019-04-17 04:52:54 +0200  0 - 0 - 4  thehairhive.ca/temp/shitnew.exe  108.167.140.113
2019-04-17 04:32:39 +0200  0 - 0 - 4  thehairhive.ca/sql/ketttle.exe  108.167.140.113
2019-04-14 06:15:01 +0200  0 - 0 - 3  thehairhive.ca/mry/iwewe.exe  108.167.140.113
2019-04-14 01:14:46 +0200  0 - 0 - 3  thehairhive.ca/sql/beruytr.exe  108.167.140.113
2019-04-12 01:42:52 +0200  0 - 0 - 3  thehairhive.ca/temp/rain.exe  108.167.140.113
2019-04-12 00:45:33 +0200  0 - 0 - 3  thehairhive.ca/temp/femq.exe  108.167.140.113
2019-04-09 16:55:09 +0200  0 - 0 - 3  thehairhive.ca/temp/swexijn.exe  108.167.140.113
2019-04-01 14:46:35 +0200  0 - 0 - 3  thehairhive.ca/mry/iwewe.exe  108.167.140.113
2019-03-18 14:43:24 +0100  0 - 0 - 3  thehairhive.ca/temp/tybe.exe  108.167.140.113

Last 10 reports on ASN: AS20013 CyrusOne LLC

Date  UQ / IDS / BL  URL  IP
2019-04-23 04:49:56 +0200  0 - 0 - 1  thoughtpress.org/modules/blog/webmail1h.orang (...)  192.185.134.59
2019-04-23 04:30:26 +0200  0 - 0 - 4  thrivingorg.com/hbb  192.185.90.157
2019-04-23 04:27:40 +0200  0 - 0 - 4  thrivingorg.com/it  192.185.90.157
2019-04-23 04:17:34 +0200  0 - 0 - 1  updatenewx.pl/vpp  192.185.175.136
2019-04-23 04:11:15 +0200  0 - 0 - 1  privatejetforhire.com/it  192.185.121.186
2019-04-23 04:08:53 +0200  0 - 0 - 16  101cheesecakes.com/fiaoffice/index.php  192.185.170.147
2019-04-23 04:04:27 +0200  0 - 0 - 9  www.resalaelfayoum.com/index.html/  192.185.175.208
2019-04-23 03:55:35 +0200  0 - 0 - 11  www.snowshovelsgalore.co.uk/tag/kids  192.185.52.166
2019-04-23 03:54:46 +0200  0 - 0 - 1  dashcamshopper.com/wp-includes/IXR/PNC/Auth/5 (...)  192.185.147.157
2019-04-23 03:06:38 +0200  0 - 0 - 6  sportscarswallpapers.net/page/3  192.185.137.20

Last 10 reports on domain: thehairhive.ca

Date  UQ / IDS / BL  URL  IP
2019-04-22 19:31:26 +0200  0 - 0 - 3  thehairhive.ca/temp/gbnlkjsd.exe  108.167.140.113
2019-04-17 04:52:54 +0200  0 - 0 - 4  thehairhive.ca/temp/shitnew.exe  108.167.140.113
2019-04-17 04:32:39 +0200  0 - 0 - 4  thehairhive.ca/sql/ketttle.exe  108.167.140.113
2019-04-14 06:15:01 +0200  0 - 0 - 3  thehairhive.ca/mry/iwewe.exe  108.167.140.113
2019-04-14 01:14:46 +0200  0 - 0 - 3  thehairhive.ca/sql/beruytr.exe  108.167.140.113
2019-04-12 01:42:52 +0200  0 - 0 - 3  thehairhive.ca/temp/rain.exe  108.167.140.113
2019-04-12 00:45:33 +0200  0 - 0 - 3  thehairhive.ca/temp/femq.exe  108.167.140.113
2019-04-09 16:55:09 +0200  0 - 0 - 3  thehairhive.ca/temp/swexijn.exe  108.167.140.113
2019-04-01 14:46:35 +0200  0 - 0 - 3  thehairhive.ca/mry/iwewe.exe  108.167.140.113
2019-03-18 14:43:24 +0100  0 - 0 - 3  thehairhive.ca/temp/tybe.exe  108.167.140.113


JavaScript

Executed Scripts (9)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (21)


Request Response
                                        
                                            GET /bup/cerna.exe HTTP/1.1 
Host: thehairhive.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         108.167.140.113
HTTP/1.1 302 Found
Content-Type: text/html; charset=iso-8859-1
                                        
Server: nginx/1.14.1
Date: Tue, 18 Dec 2018 05:26:46 GMT
Content-Length: 295
Connection: keep-alive
Location: http://thehairhive.ca/cgi-sys/suspendedpage.cgi


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   295
Md5:    9b720e62241158532209cb534ce43278
Sha1:   bec4727f85b9c55a83040aa5b4f4d91f8467e6b3
Sha256: 3bbadd26009f861769eadc223b8d7b4169ec4f0e8a7b7108d773b7e2ebe020d2

Alerts:
  Blacklists:
    - fortinet: Malware
    - mnemonic_dns: Blacklisted
                                        
                                            GET /cgi-sys/suspendedpage.cgi HTTP/1.1 
Host: thehairhive.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         108.167.140.113
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx/1.14.1
Date: Tue, 18 Dec 2018 05:26:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   328
Md5:    fb1f1c1c5ad6652e5f9a24e7281f197e
Sha1:   135776f031ccf711de784a9b77c47090014b12b8
Sha256: dbb71422ec19a857c3d18dc7ad3a5d02a20cc3fb28cc392e98d3916967286ea9

Alerts:
  Blacklists:
    - fortinet: Malware
    - mnemonic_dns: Blacklisted
                                        
                                            GET /?dn=referer_detect&pid=5POL4F2O4 HTTP/1.1 
Host: fwdssp.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://thehairhive.ca/cgi-sys/suspendedpage.cgi

                                         
                                         208.91.196.46
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 18 Dec 2018 05:26:47 GMT
Server: Apache
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKX74ixpzVyXbJprcLfbH4psP4+L2entqri0lzh6pkAaXLPIcclv6DQBeJJjGFWrBIF6QMyFwXT5CCRyjS2penECAwEAAQ==_ATGqZOIdF9sbSVA4dMf1GJ5NxdMVzV3+6MNYiizqOl1HxH77cYp42L85tL2cB9hZS6Br8JB/4VIL+NROV/cOGA==
ntCoent-Length: 3618
Keep-Alive: timeout=5, max=113
Connection: Keep-Alive
Cache-Control: private
Content-Encoding: gzip
Content-Length: 1757


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1757
Md5:    8e835adb9ecea2ea5829fe8e1fb47adb
Sha1:   6ffff98f45e387736017aad11f98e3dd36cd091e
Sha256: f2ab3e572688f0b9b202345244e5496165084f5d557cc852450b323e6cccd9ad
                                        
                                            GET /?domain=thehairhive.ca&dn=thehairhive.ca&fp=odY4nK9t4kyw6EJSn8UeVArTuvw2oWYstUqkBXbFXIeX0sjjbwXxBCXUrMxcNega%2B5%2FgHlXiJ0Uq9K0shiOD%2BzT3fhC8WUdWadyNsZkWEjR%2BEka8UKmaWTERjeatXXObit3O8g4%2F9dcMPZkOp0PbeU7eDim8nDkfb2U0VjOJ%2FdI%3D&prvtof=WWhcMGeb0hG9dPjo%2Bt54P%2FwFPfV387u1Lq8cAp4ARsf6Pq0oBXOKXkQlyvklLjz%2BMs%2FthdHxHmQyvu0zgBXbBA%3D%3D&poru=18Cx7HyTByfSoYyLQcleKYaFKpFtVhfgGlulGjJBnUC9KOpo%2FdjcqwLh%2FjAiWpGk8HjKGpybWwMCGkBri5aDWef52lHaUrBQknXWdfrRtsw%3D& HTTP/1.1 
Host: fwdssp.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://fwdssp.com/?dn=referer_detect&pid=5POL4F2O4
Cookie: isframesetenabled=1

                                         
                                         208.91.196.46
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 18 Dec 2018 05:26:47 GMT
Server: Apache
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKX74ixpzVyXbJprcLfbH4psP4+L2entqri0lzh6pkAaXLPIcclv6DQBeJJjGFWrBIF6QMyFwXT5CCRyjS2penECAwEAAQ==_dY420uAw/4Ggo2gMlJEBJ/xBo88qpVz2LnO4y4bvE4v8LK1bVkf58kHhg18Ag7oYLIs3DYQpDwzazWVfbYvGtA==
Keep-Alive: timeout=5, max=112
Connection: Keep-Alive
Cache-Control: private
Content-Encoding: gzip
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   7041
Md5:    4606ddfc971d3f283597855c8d527846
Sha1:   c75b0d229f3797a5db3104dbb956be80051ddd78
Sha256: 94513bdad6a63faee5ed0e09118785afec3035966b59f41c20c1df73d5adf1e6
                                        
                                            GET /px.js?ch=1 HTTP/1.1 
Host: fwdssp.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://fwdssp.com/?domain=thehairhive.ca&dn=thehairhive.ca&fp=odY4nK9t4kyw6EJSn8UeVArTuvw2oWYstUqkBXbFXIeX0sjjbwXxBCXUrMxcNega%2B5%2FgHlXiJ0Uq9K0shiOD%2BzT3fhC8WUdWadyNsZkWEjR%2BEka8UKmaWTERjeatXXObit3O8g4%2F9dcMPZkOp0PbeU7eDim8nDkfb2U0VjOJ%2FdI%3D&prvtof=WWhcMGeb0hG9dPjo%2Bt54P%2FwFPfV387u1Lq8cAp4ARsf6Pq0oBXOKXkQlyvklLjz%2BMs%2FthdHxHmQyvu0zgBXbBA%3D%3D&poru=18Cx7HyTByfSoYyLQcleKYaFKpFtVhfgGlulGjJBnUC9KOpo%2FdjcqwLh%2FjAiWpGk8HjKGpybWwMCGkBri5aDWef52lHaUrBQknXWdfrRtsw%3D&
Cookie: isframesetenabled=1

                                         
                                         208.91.196.46
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 18 Dec 2018 05:26:49 GMT
Server: Apache
Last-Modified: Thu, 11 Jun 2015 06:47:35 GMT
Etag: "15a-518385dd48fc0"
Accept-Ranges: bytes
Content-Length: 346
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines, with no line terminators
Size:   346
Md5:    f84f931c0dd37448e03f0dabf4e4ca9f
Sha1:   9c2c50edcf576453ccc07bf65668bd23c76e8663
Sha256: 5c1d5fd46a88611c31ecbb8ffc1142a7e74ec7fb7d72bd3891131c880ef3f584

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /px.js?ch=2 HTTP/1.1 
Host: fwdssp.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://fwdssp.com/?domain=thehairhive.ca&dn=thehairhive.ca&fp=odY4nK9t4kyw6EJSn8UeVArTuvw2oWYstUqkBXbFXIeX0sjjbwXxBCXUrMxcNega%2B5%2FgHlXiJ0Uq9K0shiOD%2BzT3fhC8WUdWadyNsZkWEjR%2BEka8UKmaWTERjeatXXObit3O8g4%2F9dcMPZkOp0PbeU7eDim8nDkfb2U0VjOJ%2FdI%3D&prvtof=WWhcMGeb0hG9dPjo%2Bt54P%2FwFPfV387u1Lq8cAp4ARsf6Pq0oBXOKXkQlyvklLjz%2BMs%2FthdHxHmQyvu0zgBXbBA%3D%3D&poru=18Cx7HyTByfSoYyLQcleKYaFKpFtVhfgGlulGjJBnUC9KOpo%2FdjcqwLh%2FjAiWpGk8HjKGpybWwMCGkBri5aDWef52lHaUrBQknXWdfrRtsw%3D&
Cookie: isframesetenabled=1

                                         
                                         208.91.196.46
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 18 Dec 2018 05:26:49 GMT
Server: Apache
Last-Modified: Thu, 11 Jun 2015 06:47:35 GMT
Etag: "15a-518385dd48fc0"
Accept-Ranges: bytes
Content-Length: 346
Keep-Alive: timeout=5, max=21
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines, with no line terminators
Size:   346
Md5:    f84f931c0dd37448e03f0dabf4e4ca9f
Sha1:   9c2c50edcf576453ccc07bf65668bd23c76e8663
Sha256: 5c1d5fd46a88611c31ecbb8ffc1142a7e74ec7fb7d72bd3891131c880ef3f584
                                        
                                            GET /__media__/js/min.js?v2.2 HTTP/1.1 
Host: i4.cdn-image.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://fwdssp.com/?domain=thehairhive.ca&dn=thehairhive.ca&fp=odY4nK9t4kyw6EJSn8UeVArTuvw2oWYstUqkBXbFXIeX0sjjbwXxBCXUrMxcNega%2B5%2FgHlXiJ0Uq9K0shiOD%2BzT3fhC8WUdWadyNsZkWEjR%2BEka8UKmaWTERjeatXXObit3O8g4%2F9dcMPZkOp0PbeU7eDim8nDkfb2U0VjOJ%2FdI%3D&prvtof=WWhcMGeb0hG9dPjo%2Bt54P%2FwFPfV387u1Lq8cAp4ARsf6Pq0oBXOKXkQlyvklLjz%2BMs%2FthdHxHmQyvu0zgBXbBA%3D%3D&poru=18Cx7HyTByfSoYyLQcleKYaFKpFtVhfgGlulGjJBnUC9KOpo%2FdjcqwLh%2FjAiWpGk8HjKGpybWwMCGkBri5aDWef52lHaUrBQknXWdfrRtsw%3D&

                                         
                                         91.135.34.99
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Last-Modified: Tue, 29 May 2018 11:32:13 GMT
Etag: "5b0d3a3d-211d"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=62092
Expires: Tue, 18 Dec 2018 22:41:41 GMT
Date: Tue, 18 Dec 2018 05:26:49 GMT
Content-Length: 3046
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   3046
Md5:    358db739f943efcd1ca6310132fcf730
Sha1:   8e6c56e709d94c83fbca087953d0740f774191a2
Sha256: e369d1f652f5348f6bd1dba0015d5038b5a675dc8067a7e5a7cacc0c5632edb4
                                        
                                            GET /__media__/pics/7867/srch-bg.gif HTTP/1.1 
Host: i4.cdn-image.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://fwdssp.com/?domain=thehairhive.ca&dn=thehairhive.ca&fp=odY4nK9t4kyw6EJSn8UeVArTuvw2oWYstUqkBXbFXIeX0sjjbwXxBCXUrMxcNega%2B5%2FgHlXiJ0Uq9K0shiOD%2BzT3fhC8WUdWadyNsZkWEjR%2BEka8UKmaWTERjeatXXObit3O8g4%2F9dcMPZkOp0PbeU7eDim8nDkfb2U0VjOJ%2FdI%3D&prvtof=WWhcMGeb0hG9dPjo%2Bt54P%2FwFPfV387u1Lq8cAp4ARsf6Pq0oBXOKXkQlyvklLjz%2BMs%2FthdHxHmQyvu0zgBXbBA%3D%3D&poru=18Cx7HyTByfSoYyLQcleKYaFKpFtVhfgGlulGjJBnUC9KOpo%2FdjcqwLh%2FjAiWpGk8HjKGpybWwMCGkBri5aDWef52lHaUrBQknXWdfrRtsw%3D&

                                         
                                         91.135.34.99
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Content-Length: 1654
Last-Modified: Thu, 11 Jul 2013 12:19:19 GMT
Etag: "51dea2c7-676"
Accept-Ranges: bytes
Cache-Control: public, max-age=40566
Expires: Tue, 18 Dec 2018 16:42:55 GMT
Date: Tue, 18 Dec 2018 05:26:49 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 16 x 20
Size:   1654
Md5:    e9b497053066aad0ea2c2a10d2862ec7
Sha1:   cd78eb180d0c89fc0f386786e32d86eca8c52f4b
Sha256: 426c758d8a8deeb2363cc780c94e7d3149907e1b6da486606711460a47a81909
                                        
                                            GET /__media__/pics/8243/rhs.gif HTTP/1.1 
Host: i2.cdn-image.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://fwdssp.com/?domain=thehairhive.ca&dn=thehairhive.ca&fp=odY4nK9t4kyw6EJSn8UeVArTuvw2oWYstUqkBXbFXIeX0sjjbwXxBCXUrMxcNega%2B5%2FgHlXiJ0Uq9K0shiOD%2BzT3fhC8WUdWadyNsZkWEjR%2BEka8UKmaWTERjeatXXObit3O8g4%2F9dcMPZkOp0PbeU7eDim8nDkfb2U0VjOJ%2FdI%3D&prvtof=WWhcMGeb0hG9dPjo%2Bt54P%2FwFPfV387u1Lq8cAp4ARsf6Pq0oBXOKXkQlyvklLjz%2BMs%2FthdHxHmQyvu0zgBXbBA%3D%3D&poru=18Cx7HyTByfSoYyLQcleKYaFKpFtVhfgGlulGjJBnUC9KOpo%2FdjcqwLh%2FjAiWpGk8HjKGpybWwMCGkBri5aDWef52lHaUrBQknXWdfrRtsw%3D&

                                         
                                         91.135.34.137
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Content-Length: 6763
Last-Modified: Thu, 13 Mar 2014 04:23:20 GMT
Etag: "532132b8-1a6b"
Accept-Ranges: bytes
Cache-Control: public, max-age=76388
Expires: Wed, 19 Dec 2018 02:39:57 GMT
Date: Tue, 18 Dec 2018 05:26:49 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 223 x 496
Size:   6763
Md5:    738a98317e1d519c23fd0a24f7f71013
Sha1:   ec066ce25b4d751213e5c7dd3970da784c8ea00e
Sha256: dd60f887006bbc29dec55adabc0653fb800bc3ec5bf0d7561ed076a9cc8f4f28
                                        
                                            GET /__media__/pics/8243/logo.png HTTP/1.1 
Host: i2.cdn-image.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://fwdssp.com/?domain=thehairhive.ca&dn=thehairhive.ca&fp=odY4nK9t4kyw6EJSn8UeVArTuvw2oWYstUqkBXbFXIeX0sjjbwXxBCXUrMxcNega%2B5%2FgHlXiJ0Uq9K0shiOD%2BzT3fhC8WUdWadyNsZkWEjR%2BEka8UKmaWTERjeatXXObit3O8g4%2F9dcMPZkOp0PbeU7eDim8nDkfb2U0VjOJ%2FdI%3D&prvtof=WWhcMGeb0hG9dPjo%2Bt54P%2FwFPfV387u1Lq8cAp4ARsf6Pq0oBXOKXkQlyvklLjz%2BMs%2FthdHxHmQyvu0zgBXbBA%3D%3D&poru=18Cx7HyTByfSoYyLQcleKYaFKpFtVhfgGlulGjJBnUC9KOpo%2FdjcqwLh%2FjAiWpGk8HjKGpybWwMCGkBri5aDWef52lHaUrBQknXWdfrRtsw%3D&

                                         
                                         91.135.34.137
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Content-Length: 4422
Last-Modified: Thu, 13 Mar 2014 04:23:20 GMT
Etag: "532132b8-1146"
Accept-Ranges: bytes
Cache-Control: public, max-age=32248
Expires: Tue, 18 Dec 2018 14:24:17 GMT
Date: Tue, 18 Dec 2018 05:26:49 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  PNG image, 54 x 60, 8-bit/color RGBA, non-interlaced
Size:   4422
Md5:    8542f9ea48f13335ffacf4e87f2ba71b
Sha1:   f39877040579d6cd9dfbc34ebebe83826c1ee8ac
Sha256: 8281390023e6808659a7ec59a47caf3dc76117e4d06378eef5517b15126fcc1f
                                        
                                            GET /__media__/pics/8243/lhs.gif HTTP/1.1 
Host: i2.cdn-image.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://fwdssp.com/?domain=thehairhive.ca&dn=thehairhive.ca&fp=odY4nK9t4kyw6EJSn8UeVArTuvw2oWYstUqkBXbFXIeX0sjjbwXxBCXUrMxcNega%2B5%2FgHlXiJ0Uq9K0shiOD%2BzT3fhC8WUdWadyNsZkWEjR%2BEka8UKmaWTERjeatXXObit3O8g4%2F9dcMPZkOp0PbeU7eDim8nDkfb2U0VjOJ%2FdI%3D&prvtof=WWhcMGeb0hG9dPjo%2Bt54P%2FwFPfV387u1Lq8cAp4ARsf6Pq0oBXOKXkQlyvklLjz%2BMs%2FthdHxHmQyvu0zgBXbBA%3D%3D&poru=18Cx7HyTByfSoYyLQcleKYaFKpFtVhfgGlulGjJBnUC9KOpo%2FdjcqwLh%2FjAiWpGk8HjKGpybWwMCGkBri5aDWef52lHaUrBQknXWdfrRtsw%3D&

                                         
                                         91.135.34.137
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Content-Length: 6724
Last-Modified: Thu, 13 Mar 2014 04:23:20 GMT
Etag: "532132b8-1a44"
Accept-Ranges: bytes
Cache-Control: public, max-age=85048
Expires: Wed, 19 Dec 2018 05:04:17 GMT
Date: Tue, 18 Dec 2018 05:26:49 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 223 x 496
Size:   6724
Md5:    4906390c3efdb35d6291c5856736b551
Sha1:   b63373ccdfa76b9ebbbd61f6ab6f95f633fc243c
Sha256: 60a125c08e4391e7735b20ba607d5a9c023b25322c21292d6cda6e6ff4d483c3
                                        
                                            GET /__media__/pics/8243/bg.gif HTTP/1.1 
Host: i3.cdn-image.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://fwdssp.com/?domain=thehairhive.ca&dn=thehairhive.ca&fp=odY4nK9t4kyw6EJSn8UeVArTuvw2oWYstUqkBXbFXIeX0sjjbwXxBCXUrMxcNega%2B5%2FgHlXiJ0Uq9K0shiOD%2BzT3fhC8WUdWadyNsZkWEjR%2BEka8UKmaWTERjeatXXObit3O8g4%2F9dcMPZkOp0PbeU7eDim8nDkfb2U0VjOJ%2FdI%3D&prvtof=WWhcMGeb0hG9dPjo%2Bt54P%2FwFPfV387u1Lq8cAp4ARsf6Pq0oBXOKXkQlyvklLjz%2BMs%2FthdHxHmQyvu0zgBXbBA%3D%3D&poru=18Cx7HyTByfSoYyLQcleKYaFKpFtVhfgGlulGjJBnUC9KOpo%2FdjcqwLh%2FjAiWpGk8HjKGpybWwMCGkBri5aDWef52lHaUrBQknXWdfrRtsw%3D&

                                         
                                         91.135.34.99
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Content-Length: 4474
Last-Modified: Thu, 13 Mar 2014 04:23:20 GMT
Etag: "532132b8-117a"
Accept-Ranges: bytes
Cache-Control: public, max-age=39363
Expires: Tue, 18 Dec 2018 16:22:52 GMT
Date: Tue, 18 Dec 2018 05:26:49 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 50 x 50
Size:   4474
Md5:    cd89e5fa0d87eb4f9784d808947752e2
Sha1:   4e895fa74ac930a586639afee2e4a8612223ea6d
Sha256: c1c0fd25007c9bdd692c1c81c3c7d8580fc867879196b06af76edc638d6bc020
                                        
                                            GET /__media__/pics/8243/h_bg.gif HTTP/1.1 
Host: i3.cdn-image.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://fwdssp.com/?domain=thehairhive.ca&dn=thehairhive.ca&fp=odY4nK9t4kyw6EJSn8UeVArTuvw2oWYstUqkBXbFXIeX0sjjbwXxBCXUrMxcNega%2B5%2FgHlXiJ0Uq9K0shiOD%2BzT3fhC8WUdWadyNsZkWEjR%2BEka8UKmaWTERjeatXXObit3O8g4%2F9dcMPZkOp0PbeU7eDim8nDkfb2U0VjOJ%2FdI%3D&prvtof=WWhcMGeb0hG9dPjo%2Bt54P%2FwFPfV387u1Lq8cAp4ARsf6Pq0oBXOKXkQlyvklLjz%2BMs%2FthdHxHmQyvu0zgBXbBA%3D%3D&poru=18Cx7HyTByfSoYyLQcleKYaFKpFtVhfgGlulGjJBnUC9KOpo%2FdjcqwLh%2FjAiWpGk8HjKGpybWwMCGkBri5aDWef52lHaUrBQknXWdfrRtsw%3D&

                                         
                                         91.135.34.99
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Content-Length: 2218
Last-Modified: Thu, 13 Mar 2014 04:23:20 GMT
Etag: "532132b8-8aa"
Accept-Ranges: bytes
Cache-Control: public, max-age=53082
Expires: Tue, 18 Dec 2018 20:11:31 GMT
Date: Tue, 18 Dec 2018 05:26:49 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 50 x 50
Size:   2218
Md5:    a616302295344a3ecca574184279a0a7
Sha1:   0c5af83b475861294fff41d968b09b7446c6c0dc
Sha256: 278ddf496b9901b10877ccef3aa7c5065aee136a7c0136523871b8b7d3b66624
                                        
                                            GET /sk-logabpstatus.php?a=N0thV2RvOVFrRzY2enNPNGdTMHJjaWZVTzRVRlVuOUJTL0VadkFHUnFPR1VESGJaRjdUL243UzlrVndwN1RQM1FNejhtZmRESjIzaEU1a2loMGpKNE15TlBVSUc1UHdYdTB2dUNtd0IrL3c9&b=false HTTP/1.1 
Host: fwdssp.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://fwdssp.com/?domain=thehairhive.ca&dn=thehairhive.ca&fp=odY4nK9t4kyw6EJSn8UeVArTuvw2oWYstUqkBXbFXIeX0sjjbwXxBCXUrMxcNega%2B5%2FgHlXiJ0Uq9K0shiOD%2BzT3fhC8WUdWadyNsZkWEjR%2BEka8UKmaWTERjeatXXObit3O8g4%2F9dcMPZkOp0PbeU7eDim8nDkfb2U0VjOJ%2FdI%3D&prvtof=WWhcMGeb0hG9dPjo%2Bt54P%2FwFPfV387u1Lq8cAp4ARsf6Pq0oBXOKXkQlyvklLjz%2BMs%2FthdHxHmQyvu0zgBXbBA%3D%3D&poru=18Cx7HyTByfSoYyLQcleKYaFKpFtVhfgGlulGjJBnUC9KOpo%2FdjcqwLh%2FjAiWpGk8HjKGpybWwMCGkBri5aDWef52lHaUrBQknXWdfrRtsw%3D&
Cookie: isframesetenabled=1

                                         
                                         208.91.196.46
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 18 Dec 2018 05:26:49 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=120
Connection: Keep-Alive


--- Additional Info ---
                                        
                                            GET /__media__/pics/657/error-bg.gif HTTP/1.1 
Host: searchdiscovered.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://fwdssp.com/?domain=thehairhive.ca&dn=thehairhive.ca&fp=odY4nK9t4kyw6EJSn8UeVArTuvw2oWYstUqkBXbFXIeX0sjjbwXxBCXUrMxcNega%2B5%2FgHlXiJ0Uq9K0shiOD%2BzT3fhC8WUdWadyNsZkWEjR%2BEka8UKmaWTERjeatXXObit3O8g4%2F9dcMPZkOp0PbeU7eDim8nDkfb2U0VjOJ%2FdI%3D&prvtof=WWhcMGeb0hG9dPjo%2Bt54P%2FwFPfV387u1Lq8cAp4ARsf6Pq0oBXOKXkQlyvklLjz%2BMs%2FthdHxHmQyvu0zgBXbBA%3D%3D&poru=18Cx7HyTByfSoYyLQcleKYaFKpFtVhfgGlulGjJBnUC9KOpo%2FdjcqwLh%2FjAiWpGk8HjKGpybWwMCGkBri5aDWef52lHaUrBQknXWdfrRtsw%3D&

                                         
                                         208.91.196.4
HTTP/1.1 302 Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Tue, 18 Dec 2018 05:26:49 GMT
Server: Apache
Location: http://freeresultsguide.com/__media__/pics/657/error-bg.gif
Content-Length: 243
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   243
Md5:    9cd9326e3e1614d22b75e8d32ea585c0
Sha1:   1f2cd244c4541bcd15e2943e23f135029aa7adb8
Sha256: f1e045a975646a4d179b4bd606dab7d7136f33782be4ae53caee769d78c8cec3
                                        
                                            GET /__media__/pics/657/hostergator.gif HTTP/1.1 
Host: searchdiscovered.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://fwdssp.com/?domain=thehairhive.ca&dn=thehairhive.ca&fp=odY4nK9t4kyw6EJSn8UeVArTuvw2oWYstUqkBXbFXIeX0sjjbwXxBCXUrMxcNega%2B5%2FgHlXiJ0Uq9K0shiOD%2BzT3fhC8WUdWadyNsZkWEjR%2BEka8UKmaWTERjeatXXObit3O8g4%2F9dcMPZkOp0PbeU7eDim8nDkfb2U0VjOJ%2FdI%3D&prvtof=WWhcMGeb0hG9dPjo%2Bt54P%2FwFPfV387u1Lq8cAp4ARsf6Pq0oBXOKXkQlyvklLjz%2BMs%2FthdHxHmQyvu0zgBXbBA%3D%3D&poru=18Cx7HyTByfSoYyLQcleKYaFKpFtVhfgGlulGjJBnUC9KOpo%2FdjcqwLh%2FjAiWpGk8HjKGpybWwMCGkBri5aDWef52lHaUrBQknXWdfrRtsw%3D&

                                         
                                         208.91.196.4
HTTP/1.1 302 Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Tue, 18 Dec 2018 05:26:49 GMT
Server: Apache
Location: http://freeresultsguide.com/__media__/pics/657/hostergator.gif
Content-Length: 246
Keep-Alive: timeout=5, max=103
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   246
Md5:    6d6711a966a709b625b99abda74a4256
Sha1:   f996b24c7b05bdee4a06c7049cb248445ec0677c
Sha256: b1656c00a494af260c5e61ff2fc13af17ba49a0ca02aeba2c809fe4122ba01f3
                                        
                                            GET /__media__/pics/657/hostergator.gif HTTP/1.1 
Host: freeresultsguide.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://fwdssp.com/?domain=thehairhive.ca&dn=thehairhive.ca&fp=odY4nK9t4kyw6EJSn8UeVArTuvw2oWYstUqkBXbFXIeX0sjjbwXxBCXUrMxcNega%2B5%2FgHlXiJ0Uq9K0shiOD%2BzT3fhC8WUdWadyNsZkWEjR%2BEka8UKmaWTERjeatXXObit3O8g4%2F9dcMPZkOp0PbeU7eDim8nDkfb2U0VjOJ%2FdI%3D&prvtof=WWhcMGeb0hG9dPjo%2Bt54P%2FwFPfV387u1Lq8cAp4ARsf6Pq0oBXOKXkQlyvklLjz%2BMs%2FthdHxHmQyvu0zgBXbBA%3D%3D&poru=18Cx7HyTByfSoYyLQcleKYaFKpFtVhfgGlulGjJBnUC9KOpo%2FdjcqwLh%2FjAiWpGk8HjKGpybWwMCGkBri5aDWef52lHaUrBQknXWdfrRtsw%3D&

                                         
                                         208.91.196.4
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 18 Dec 2018 05:26:50 GMT
Server: Apache
Last-Modified: Mon, 09 May 2011 06:07:07 GMT
Etag: "1f47-4a2d1a631f8c0"
Accept-Ranges: bytes
Content-Length: 8007
Keep-Alive: timeout=5, max=79
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 220 x 63
Size:   8007
Md5:    1898aad5d11be03025f15b9137efa371
Sha1:   f61413766a2adcd018174b407e3e8e7e6f76feae
Sha256: c91b0f2a8767a2c2dfb64ee200bd110a476b613a855a0c8982dd3c9b93095bb3
                                        
                                            GET /__media__/pics/657/error-bg.gif HTTP/1.1 
Host: freeresultsguide.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://fwdssp.com/?domain=thehairhive.ca&dn=thehairhive.ca&fp=odY4nK9t4kyw6EJSn8UeVArTuvw2oWYstUqkBXbFXIeX0sjjbwXxBCXUrMxcNega%2B5%2FgHlXiJ0Uq9K0shiOD%2BzT3fhC8WUdWadyNsZkWEjR%2BEka8UKmaWTERjeatXXObit3O8g4%2F9dcMPZkOp0PbeU7eDim8nDkfb2U0VjOJ%2FdI%3D&prvtof=WWhcMGeb0hG9dPjo%2Bt54P%2FwFPfV387u1Lq8cAp4ARsf6Pq0oBXOKXkQlyvklLjz%2BMs%2FthdHxHmQyvu0zgBXbBA%3D%3D&poru=18Cx7HyTByfSoYyLQcleKYaFKpFtVhfgGlulGjJBnUC9KOpo%2FdjcqwLh%2FjAiWpGk8HjKGpybWwMCGkBri5aDWef52lHaUrBQknXWdfrRtsw%3D&

                                         
208.91.196.4
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Tue, 18 Dec 2018 05:26:50 GMT
Server: Apache
Last-Modified: Mon, 09 May 2011 06:07:12 GMT
Etag: "7d7-4a2d1a67e4400"
Accept-Ranges: bytes
Content-Length: 2007
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 526 x 2
Size:   2007
Md5:    2a0b3de86b6c212e0220f3a9757a5dbf
Sha1:   493f8e5c7a8c7c11645a99d22cfa8d637da6fe3e
Sha256: 76261ee6190ec30c36b297048d62eeb55240baa74253c6756c746d07d1fd8154
                                        
GET /favicon.ico HTTP/1.1
Host: thehairhive.ca
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
108.167.140.113
HTTP/1.1 302 Found
Content-Type: text/html; charset=iso-8859-1
Server: nginx/1.14.1
Date: Tue, 18 Dec 2018 05:26:50 GMT
Content-Length: 295
Connection: keep-alive
Location: http://thehairhive.ca/cgi-sys/suspendedpage.cgi


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   295
Md5:    9b720e62241158532209cb534ce43278
Sha1:   bec4727f85b9c55a83040aa5b4f4d91f8467e6b3
Sha256: 3bbadd26009f861769eadc223b8d7b4169ec4f0e8a7b7108d773b7e2ebe020d2

Alerts:
  Blacklists:
    - mnemonic_dns: Blacklisted
                                        
GET /favicon.ico HTTP/1.1
Host: thehairhive.ca
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
108.167.140.113
HTTP/1.1 302 Found
Content-Type: text/html; charset=iso-8859-1
Server: nginx/1.14.1
Date: Tue, 18 Dec 2018 05:26:50 GMT
Content-Length: 295
Connection: keep-alive
Location: http://thehairhive.ca/cgi-sys/suspendedpage.cgi


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   295
Md5:    9b720e62241158532209cb534ce43278
Sha1:   bec4727f85b9c55a83040aa5b4f4d91f8467e6b3
Sha256: 3bbadd26009f861769eadc223b8d7b4169ec4f0e8a7b7108d773b7e2ebe020d2

Alerts:
  Blacklists:
    - mnemonic_dns: Blacklisted
                                        
GET /cgi-sys/suspendedpage.cgi HTTP/1.1
Host: thehairhive.ca
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
108.167.140.113
HTTP/1.1 200 OK
Content-Type: text/html
Server: nginx/1.14.1
Date: Tue, 18 Dec 2018 05:26:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   328
Md5:    fb1f1c1c5ad6652e5f9a24e7281f197e
Sha1:   135776f031ccf711de784a9b77c47090014b12b8
Sha256: dbb71422ec19a857c3d18dc7ad3a5d02a20cc3fb28cc392e98d3916967286ea9

Alerts:
  Blacklists:
    - fortinet: Malware
    - mnemonic_dns: Blacklisted