URL: http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-com...
Submission: On February 08 via automatic, source phishtank

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 36 HTTP transactions. The main IP is 64.26.174.92, located in Canada and belongs to MAGMA-COMM - Magma Communications Ltd., CA. The main domain is ciirdf.ca.
This is the only time ciirdf.ca was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PayPal (Financial)

Domain & IP information

Requests  IP Address        AS Autonomous System
18        64.26.174.92      7788 (MAGMA-COMM)
14        95.101.242.48     16625 (AKAMAI-AS)
1         2a00:1450:400...  15169 (GOOGLE)
1         95.101.242.51     16625 (AKAMAI-AS)
Total: 36 requests, 5 IPs

Requests  Domain                            Requested by
18        ciirdf.ca                         ciirdf.ca
14        www.paypalobjects.com             ciirdf.ca, www.paypalobjects.com
1         t.paypal.com                      ciirdf.ca
1         www.google-analytics.com          ciirdf.ca
0         paypal.d1.sc.omtrdc.net (Failed)  ciirdf.ca
0         www.google.com (Failed)           ciirdf.ca
Total: 36 requests, 6 domains

This site contains no links.

Subject                 Issuer                           Validity                 Valid
www.paypalobjects.com   Symantec Class 3 EV SSL CA - G3  2015-10-12 - 2017-09-02  2 years
*.google-analytics.com  Google Internet Authority G2     2017-01-25 - 2017-04-19  3 months

This page contains 1 frame:

Primary Page: http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/
Frame ID: 1402.1
Requests: 36 HTTP requests in this frame


Page Statistics

Requests: 36
HTTPS: 36 %
IPv6: 25 %
Domains: 6
Subdomains: 6
IPs: 5
Countries: 3
Transfer: 1526 kB
Size: 1542 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request 20
  • https://ak1s.abmr.net/is/www.paypalobjects.com?U=/webstatic/fr_FR/mktg/wright/home/home_n1_1x.jpg&V=3-1v86k4TA9jyFPBCpw2CNzlgcC93x9cc38aMjVJEsaru%2fSUw%2ffL7xNh%2fIDedfX4tP&I=C9C7BB88F5CF648&D=payp...
  • https://www.paypalobjects.com/webstatic/fr_FR/mktg/wright/home/home_n1_1x.jpg?01AD=3alERUKV2iij-JrAB-bqAGTLl0vCcqWdwjtHQnKn8leHOmDCK66Xulg&01RI=C9C7BB88F5CF648&01NA=na
Request 21
  • https://ak1s.abmr.net/is/www.paypalobjects.com?U=/webstatic/fr_FR/mktg/wright/home/home_n3_1x.jpg&V=3-s7KPwmRuRwhm8aMataJNUic0MHTPj54CPE34MhdypLNLjpheYbZvmjFsAYYs3PKc&I=407DEC92EBA0083&D=paypalobje...
  • https://www.paypalobjects.com/webstatic/fr_FR/mktg/wright/home/home_n3_1x.jpg?01AD=3iUAGZa_yfXJnHveGQyi6w4r5CG_5NjzFhyCf3HnPHIzrYcC4rVOM_A&01RI=407DEC92EBA0083&01NA=na
Request 23
  • http://www.google-analytics.com/collect?v=1&_v=j46&a=1405714978&t=pageview&_s=1&dl=http%3A%2F%2Fciirdf.ca%2Fthankyou%2Fpaypal.ca%2Fwebapps%2Fmpp-home%2FAuthentification.verified-moi-information.ca%...
  • https://www.google-analytics.com/collect?v=1&_v=j46&a=1405714978&t=pageview&_s=1&dl=http%3A%2F%2Fciirdf.ca%2Fthankyou%2Fpaypal.ca%2Fwebapps%2Fmpp-home%2FAuthentification.verified-moi-information.ca...
Request 24
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j46&tid=UA-53389718-2&cid=1611876988.1486587390&jid=904342247&_u=QGAAgEAB~&z=378562424
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-53389718-2&cid=1611876988.1486587390&jid=904342247&_v=j46&z=378562424

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/
43 KB
43 KB
Document
General
Full URL
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/
Protocol
HTTP/1.1
Server
64.26.174.92 , Canada, ASN7788 (MAGMA-COMM - Magma Communications Ltd., CA),
Reverse DNS
vws2.magma.ca
Software
Zeus/4.3 / PHP/5.2.9-20090427
Resource Hash
d0cedbc32feda8a7d49d8001322349facde45156b6d9ec572ca2b15444b3c110

Request headers

Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Cache-Control
no-cache
Accept-Encoding
gzip, deflate, sdch
Accept-Language
en-US,en;q=0.8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Pragma
no-cache
Host
ciirdf.ca
Connection
keep-alive

Response headers

Content-Type
text/html
Date
Wed, 08 Feb 2017 20:56:28 GMT
Server
Zeus/4.3
X-Powered-By
PHP/5.2.9-20090427
Transfer-Encoding
chunked
e3a51bf0748677664db495d10101356abd25f7.css
ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/
165 KB
165 KB
Stylesheet
General
Full URL
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/e3a51bf0748677664db495d10101356abd25f7.css
Requested by
Host: ciirdf.ca
URL: http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/
Protocol
HTTP/1.1
Server
64.26.174.92 , Canada, ASN7788 (MAGMA-COMM - Magma Communications Ltd., CA),
Reverse DNS
vws2.magma.ca
Software
Zeus/4.3 /
Resource Hash
e3c743b9295adde3148e2295d616cfba622401545a4d09f1ee6ed91a8723e5b9

Request headers

Accept
text/css,*/*;q=0.1
Referer
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/
Cache-Control
no-cache
Pragma
no-cache
Host
ciirdf.ca
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Connection
keep-alive
Accept-Encoding
gzip, deflate, sdch
Accept-Language
en-US,en;q=0.8

Response headers

Content-Type
text/css
Date
Wed, 08 Feb 2017 20:56:28 GMT
Last-Modified
Mon, 22 Sep 2014 16:08:48 GMT
Server
Zeus/4.3
Accept-Ranges
bytes
Content-Length
168672
5a92c759ad3cb53e7fc68a188e04391c7be2e9.css
ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/
2 KB
2 KB
Stylesheet
General
Full URL
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/5a92c759ad3cb53e7fc68a188e04391c7be2e9.css
Requested by
Host: ciirdf.ca
URL: http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/
Protocol
HTTP/1.1
Server
64.26.174.92 , Canada, ASN7788 (MAGMA-COMM - Magma Communications Ltd., CA),
Reverse DNS
vws2.magma.ca
Software
Zeus/4.3 /
Resource Hash
b3087c485bf57fe2873693d950ec3d7bba1b35ddee8ab85ffa47d4ec39a70ff9

Request headers

Accept-Encoding
gzip, deflate, sdch
Host
ciirdf.ca
Referer
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/
Cache-Control
no-cache
Pragma
no-cache
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Connection
keep-alive
Accept-Language
en-US,en;q=0.8

Response headers

Date
Wed, 08 Feb 2017 20:56:28 GMT
Last-Modified
Mon, 22 Sep 2014 16:08:48 GMT
Server
Zeus/4.3
Accept-Ranges
bytes
Content-Length
2463
Content-Type
text/css
2e80a8c4ee99494500d5436386c5ef870e00e1.css
ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/
7 KB
7 KB
Stylesheet
General
Full URL
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/2e80a8c4ee99494500d5436386c5ef870e00e1.css
Requested by
Host: ciirdf.ca
URL: http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/
Protocol
HTTP/1.1
Server
64.26.174.92 , Canada, ASN7788 (MAGMA-COMM - Magma Communications Ltd., CA),
Reverse DNS
vws2.magma.ca
Software
Zeus/4.3 /
Resource Hash
3b76dc63be619f59219bf3cb6d1efe76c5d7759f8fe34a251b604df99a29d096

Request headers

Pragma
no-cache
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/
Cache-Control
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
ciirdf.ca
Accept
text/css,*/*;q=0.1
Connection
keep-alive

Response headers

Date
Wed, 08 Feb 2017 20:56:29 GMT
Last-Modified
Mon, 22 Sep 2014 16:08:48 GMT
Server
Zeus/4.3
Accept-Ranges
bytes
Content-Length
6659
Content-Type
text/css
analytics.js
ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/
25 KB
25 KB
Script
General
Full URL
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/analytics.js
Requested by
Host: ciirdf.ca
URL: http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/
Protocol
HTTP/1.1
Server
64.26.174.92 , Canada, ASN7788 (MAGMA-COMM - Magma Communications Ltd., CA),
Reverse DNS
vws2.magma.ca
Software
Zeus/4.3 /
Resource Hash
91a4ad2cb6333a7d8799e1fe241004d2726959c26facc98aa15a6cf617e0e609

Request headers

Connection
keep-alive
Cache-Control
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
ciirdf.ca
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
*/*
Referer
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/
Pragma
no-cache
Accept-Language
en-US,en;q=0.8

Response headers

Server
Zeus/4.3
Accept-Ranges
bytes
Content-Length
25222
Content-Type
application/x-javascript
Date
Wed, 08 Feb 2017 20:56:29 GMT
Last-Modified
Mon, 22 Sep 2014 16:08:48 GMT
f5548e5cfa43a3f52574a061e4fe89f59ae5bd.js
ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/
9 KB
9 KB
Script
General
Full URL
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/f5548e5cfa43a3f52574a061e4fe89f59ae5bd.js
Requested by
Host: ciirdf.ca
URL: http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/
Protocol
HTTP/1.1
Server
64.26.174.92 , Canada, ASN7788 (MAGMA-COMM - Magma Communications Ltd., CA),
Reverse DNS
vws2.magma.ca
Software
Zeus/4.3 /
Resource Hash
54bd5c318bbe7054546c25210272518082a2ae7edfb77645b2003f0270221cf4

Request headers

Accept-Encoding
gzip, deflate, sdch
Accept-Language
en-US,en;q=0.8
Referer
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/
Pragma
no-cache
Host
ciirdf.ca
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
*/*
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 08 Feb 2017 20:56:29 GMT
Last-Modified
Mon, 22 Sep 2014 16:08:48 GMT
Server
Zeus/4.3
Accept-Ranges
bytes
Content-Length
8787
Content-Type
application/x-javascript
ab95bbb6fd867b030d0cf582fca3569e95cc56.js
ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/
347 KB
347 KB
Script
General
Full URL
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/ab95bbb6fd867b030d0cf582fca3569e95cc56.js
Requested by
Host: ciirdf.ca
URL: http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/
Protocol
HTTP/1.1
Server
64.26.174.92 , Canada, ASN7788 (MAGMA-COMM - Magma Communications Ltd., CA),
Reverse DNS
vws2.magma.ca
Software
Zeus/4.3 /
Resource Hash
1ba6e28987701d51cbbe89271833bb00d4049978ecfe399b98bab5b4019879c1

Request headers

Pragma
no-cache
Referer
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/
Connection
keep-alive
Cache-Control
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
ciirdf.ca
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
*/*

Response headers

Last-Modified
Mon, 22 Sep 2014 16:08:48 GMT
Server
Zeus/4.3
Accept-Ranges
bytes
Content-Length
354969
Content-Type
application/x-javascript
Date
Wed, 08 Feb 2017 20:56:29 GMT
5d531740a310fe115e8e091f6b23e51c85d6f9.js
ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/
8 KB
8 KB
Script
General
Full URL
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/5d531740a310fe115e8e091f6b23e51c85d6f9.js
Requested by
Host: ciirdf.ca
URL: http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/
Protocol
HTTP/1.1
Server
64.26.174.92 , Canada, ASN7788 (MAGMA-COMM - Magma Communications Ltd., CA),
Reverse DNS
vws2.magma.ca
Software
Zeus/4.3 /
Resource Hash
eb6f838f26f4f83874589d12375be105b093a117619ee7be32c536874fa16062

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/
Connection
keep-alive
Cache-Control
no-cache
Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Accept-Language
en-US,en;q=0.8
Host
ciirdf.ca
Accept
*/*

Response headers

Date
Wed, 08 Feb 2017 20:56:29 GMT
Last-Modified
Mon, 22 Sep 2014 16:08:48 GMT
Server
Zeus/4.3
Accept-Ranges
bytes
Content-Length
7686
Content-Type
application/x-javascript
pp_jscode_080706.js
ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/
60 KB
60 KB
Script
General
Full URL
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/pp_jscode_080706.js
Requested by
Host: ciirdf.ca
URL: http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/
Protocol
HTTP/1.1
Server
64.26.174.92 , Canada, ASN7788 (MAGMA-COMM - Magma Communications Ltd., CA),
Reverse DNS
vws2.magma.ca
Software
Zeus/4.3 /
Resource Hash
9bbf1ce51d9751054757ff383e410a379a4b1ee26527334f4add83fbfba1d36c

Request headers

Pragma
no-cache
Host
ciirdf.ca
Accept
*/*
Cache-Control
no-cache
Accept-Encoding
gzip, deflate, sdch
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/
Connection
keep-alive

Response headers

Server
Zeus/4.3
Accept-Ranges
bytes
Content-Length
61883
Content-Type
application/x-javascript
Date
Wed, 08 Feb 2017 20:56:29 GMT
Last-Modified
Mon, 22 Sep 2014 16:08:48 GMT
pa.js
ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/
66 KB
66 KB
Script
General
Full URL
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/pa.js
Requested by
Host: ciirdf.ca
URL: http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/
Protocol
HTTP/1.1
Server
64.26.174.92 , Canada, ASN7788 (MAGMA-COMM - Magma Communications Ltd., CA),
Reverse DNS
vws2.magma.ca
Software
Zeus/4.3 /
Resource Hash
98ecaad59fce14516bd1c79d6361e1f798a6cf3d077b68b5807adc153c5fb389

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/
Cache-Control
no-cache
Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Accept-Language
en-US,en;q=0.8
Host
ciirdf.ca
Accept
*/*
Connection
keep-alive

Response headers

Content-Length
67902
Content-Type
application/x-javascript
Date
Wed, 08 Feb 2017 20:56:29 GMT
Last-Modified
Mon, 22 Sep 2014 16:08:48 GMT
Server
Zeus/4.3
Accept-Ranges
bytes
mapuid.gif
ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/
43 B
43 B
Image
General
Full URL
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/mapuid.gif
Requested by
Host: ciirdf.ca
URL: http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/
Protocol
HTTP/1.1
Server
64.26.174.92 , Canada, ASN7788 (MAGMA-COMM - Magma Communications Ltd., CA),
Reverse DNS
vws2.magma.ca
Software
Zeus/4.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Request headers

Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/
Connection
keep-alive
Cache-Control
no-cache
Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
ciirdf.ca

Response headers

Date
Wed, 08 Feb 2017 20:56:29 GMT
Last-Modified
Mon, 22 Sep 2014 16:08:48 GMT
Server
Zeus/4.3
Accept-Ranges
bytes
Content-Length
43
Content-Type
image/gif
analytics.js
www.paypalobjects.com/gajs/
27 KB
11 KB
Script
General
Full URL
http://www.paypalobjects.com/gajs/analytics.js
Requested by
Host: ciirdf.ca
URL: http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/
Protocol
HTTP/1.1
Server
95.101.242.48 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-242-48.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
98581bf58e5c202c1742212bb1351053431567fc3da31a0ee29f4f4826bb5214

Request headers

Cache-Control
no-cache
Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
www.paypalobjects.com
Accept-Language
en-US,en;q=0.8
Accept
*/*
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/
Connection
keep-alive

Response headers

Date
Wed, 08 Feb 2017 20:56:30 GMT
Last-Modified
Wed, 14 Sep 2016 00:07:04 GMT
Accept-Ranges
bytes
Content-Encoding
gzip
Connection
keep-alive
Content-Length
11602
Expires
Thu, 09 Feb 2017 20:56:30 GMT
X-Pad
avoid browser bug
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
hamburger2x.png (Cookie set)
www.paypalobjects.com/webstatic/mktg/2014design/
1 KB
1 KB
Image
General
Full URL
https://www.paypalobjects.com/webstatic/mktg/2014design/hamburger2x.png
Requested by
Host: www.paypalobjects.com
URL: http://www.paypalobjects.com/gajs/analytics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.101.242.48 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-242-48.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
3e5e7ada07b81c61389cce569f5e54c9dec0fccf9fec0f7b25f5947bac1ecbcc

Request headers

Accept
image/webp,image/*,*/*;q=0.8
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/e3a51bf0748677664db495d10101356abd25f7.css
Connection
keep-alive
Cache-Control
no-cache
Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
www.paypalobjects.com

Response headers

Content-Type
image/png
Cache-Control
max-age=0, no-cache, no-store
Set-Cookie
PYPF=CT; expires=Wed, 08-Mar-2017 20:56:30 GMT; path=/; domain=.paypalobjects.com
Accept-Ranges
bytes
Server
Apache
P3P
CP="NON DSP ADM DEV PSD OUR IND STP PHY PRE NAV UNI"
Last-Modified
Tue, 07 Jan 2014 00:41:29 GMT
Connection
keep-alive
Content-Length
1443
Expires
Wed, 08 Feb 2017 20:56:30 GMT
Pragma
no-cache
Date
Wed, 08 Feb 2017 20:56:30 GMT
ppcom.svg
www.paypalobjects.com/webstatic/i/logo/rebrand/
5 KB
5 KB
Image
General
Full URL
https://www.paypalobjects.com/webstatic/i/logo/rebrand/ppcom.svg
Requested by
Host: www.paypalobjects.com
URL: http://www.paypalobjects.com/gajs/analytics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.101.242.48 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-242-48.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
bb230994469278cbe80e0336a575209516879ad6a5e8cc9233956e71747de578

Request headers

Referer
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/e3a51bf0748677664db495d10101356abd25f7.css
Connection
keep-alive
Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Host
www.paypalobjects.com
Accept-Language
en-US,en;q=0.8
Cache-Control
no-cache

Response headers

Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5588
Last-Modified
Mon, 21 Apr 2014 21:29:42 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
image/svg+xml
access-control-allow-origin
*
Expires
Fri, 10 Mar 2017 20:56:30 GMT
Date
Wed, 08 Feb 2017 20:56:30 GMT
FR-Homepage-Hero-light.jpg (Cookie set)
www.paypalobjects.com/webstatic/fr_FR/mktg/
216 KB
216 KB
Image
General
Full URL
https://www.paypalobjects.com/webstatic/fr_FR/mktg/FR-Homepage-Hero-light.jpg
Requested by
Host: www.paypalobjects.com
URL: http://www.paypalobjects.com/gajs/analytics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.101.242.48 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-242-48.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
74f4fc2a3fd6f901662374ee82a447226523e3e2e2701bb39910c7b4e907c105

Request headers

Referer
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/2e80a8c4ee99494500d5436386c5ef870e00e1.css
Pragma
no-cache
Host
www.paypalobjects.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept-Encoding
gzip, deflate, sdch, br
Accept
image/webp,image/*,*/*;q=0.8
Connection
keep-alive
Cache-Control
no-cache

Response headers

Last-Modified
Mon, 15 Sep 2014 17:25:35 GMT
Server
Apache
Content-Type
image/jpeg
Cache-Control
max-age=0, no-cache, no-store
Accept-Ranges
bytes
Content-Length
221083
Pragma
no-cache
Date
Wed, 08 Feb 2017 20:56:30 GMT
P3P
CP="NON DSP ADM DEV PSD OUR IND STP PHY PRE NAV UNI"
Connection
keep-alive
Set-Cookie
PYPF=CT; expires=Wed, 08-Mar-2017 20:56:30 GMT; path=/; domain=.paypalobjects.com
Expires
Wed, 08 Feb 2017 20:56:30 GMT
home-signup.jpg (Cookie set)
www.paypalobjects.com/webstatic/mktg/wright/videos/
184 KB
184 KB
Image
General
Full URL
https://www.paypalobjects.com/webstatic/mktg/wright/videos/home-signup.jpg
Requested by
Host: www.paypalobjects.com
URL: http://www.paypalobjects.com/gajs/analytics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.101.242.48 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-242-48.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
7c65abf1ec01c147983415383b760b2ead09552e3cdd7cfaf985a8a25907b651

Request headers

Accept-Encoding
gzip, deflate, sdch, br
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Pragma
no-cache
Host
www.paypalobjects.com
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/2e80a8c4ee99494500d5436386c5ef870e00e1.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 08 Feb 2017 20:56:30 GMT
Last-Modified
Fri, 14 Mar 2014 17:51:37 GMT
Cache-Control
max-age=0, no-cache, no-store
Content-Length
188845
Expires
Wed, 08 Feb 2017 20:56:30 GMT
Pragma
no-cache
Server
Apache
P3P
CP="NON DSP ADM DEV PSD OUR IND STP PHY PRE NAV UNI"
Connection
keep-alive
Content-Type
image/jpeg
Set-Cookie
PYPF=CT; expires=Wed, 08-Mar-2017 20:56:30 GMT; path=/; domain=.paypalobjects.com
Accept-Ranges
bytes
festivo18.woff
www.paypalobjects.com/webstatic/mktg/2014design/font/headlinelight/
54 KB
54 KB
Font
General
Full URL
https://www.paypalobjects.com/webstatic/mktg/2014design/font/headlinelight/festivo18.woff
Requested by
Host: www.paypalobjects.com
URL: http://www.paypalobjects.com/gajs/analytics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.101.242.48 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-242-48.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
b935814d911d2dc8a7abfedc4e31f9cda4c2f21821107ca66b3ca23801dae353

Request headers

Origin
http://ciirdf.ca
Host
www.paypalobjects.com
Accept-Language
en-US,en;q=0.8
Connection
keep-alive
Cache-Control
no-cache
Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
*/*
Referer
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/e3a51bf0748677664db495d10101356abd25f7.css

Response headers

Last-Modified
Wed, 16 Apr 2014 15:36:56 GMT
Server
Apache
Vary
Accept-Encoding
Content-Length
54868
Expires
Fri, 10 Mar 2017 20:56:30 GMT
Date
Wed, 08 Feb 2017 20:56:30 GMT
Content-Type
application/x-font-woff
access-control-allow-origin
*
Connection
keep-alive
Accept-Ranges
bytes
X-Pad
avoid browser bug
festivo1.woff
www.paypalobjects.com/webstatic/mktg/2014design/font/headlinedark/
36 KB
36 KB
Font
General
Full URL
https://www.paypalobjects.com/webstatic/mktg/2014design/font/headlinedark/festivo1.woff
Requested by
Host: www.paypalobjects.com
URL: http://www.paypalobjects.com/gajs/analytics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.101.242.48 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-242-48.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
0893a0c42b636e0c1ae17b78325011c54267b003902430314d33d178ff3a0620

Request headers

Accept-Language
en-US,en;q=0.8
Connection
keep-alive
Cache-Control
no-cache
Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
www.paypalobjects.com
Referer
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/e3a51bf0748677664db495d10101356abd25f7.css
Origin
http://ciirdf.ca
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
*/*

Response headers

X-Pad
avoid browser bug
Last-Modified
Wed, 16 Apr 2014 15:36:56 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-font-woff
Expires
Fri, 10 Mar 2017 20:56:30 GMT
Date
Wed, 08 Feb 2017 20:56:30 GMT
access-control-allow-origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37084
quickbar-icons2x.png (cookie set)
www.paypalobjects.com/webstatic/mktg/wright/icons/
5 KB
5 KB
Image
General
Full URL
https://www.paypalobjects.com/webstatic/mktg/wright/icons/quickbar-icons2x.png
Requested by
Host: www.paypalobjects.com
URL: http://www.paypalobjects.com/gajs/analytics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.101.242.48 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-242-48.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
03e10e46f0fae29dc24f4cb322a78a321b0e53195269d78f627d78193332b8f2

Request headers

Pragma
no-cache
Accept
image/webp,image/*,*/*;q=0.8
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/2e80a8c4ee99494500d5436386c5ef870e00e1.css
Connection
keep-alive
Cache-Control
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
www.paypalobjects.com

Response headers

Date
Wed, 08 Feb 2017 20:56:30 GMT
Set-Cookie
PYPF=CT; expires=Wed, 08-Mar-2017 20:56:30 GMT; path=/; domain=.paypalobjects.com
Expires
Wed, 08 Feb 2017 20:56:30 GMT
Pragma
no-cache
Server
Apache
P3P
CP="NON DSP ADM DEV PSD OUR IND STP PHY PRE NAV UNI"
Connection
keep-alive
Content-Type
image/png
Cache-Control
max-age=0, no-cache, no-store
Accept-Ranges
bytes
Content-Length
5351
Last-Modified
Wed, 30 Apr 2014 21:59:50 GMT
sprite_countries_flag4.png (cookie set)
www.paypalobjects.com/webstatic/mktg/icons/
68 KB
68 KB
Image
General
Full URL
https://www.paypalobjects.com/webstatic/mktg/icons/sprite_countries_flag4.png
Requested by
Host: www.paypalobjects.com
URL: http://www.paypalobjects.com/gajs/analytics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.101.242.48 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-242-48.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
94ffc263295036858354cea9af2d7f0e45e1a030e781edd1655727c4b0eb226c

Request headers

Pragma
no-cache
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/e3a51bf0748677664db495d10101356abd25f7.css
Cache-Control
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
www.paypalobjects.com
Accept-Language
en-US,en;q=0.8
Connection
keep-alive

Response headers

Pragma
no-cache
Server
Apache
Connection
keep-alive
Set-Cookie
PYPF=CT; expires=Wed, 08-Mar-2017 20:56:30 GMT; path=/; domain=.paypalobjects.com
Accept-Ranges
bytes
Expires
Wed, 08 Feb 2017 20:56:30 GMT
Date
Wed, 08 Feb 2017 20:56:30 GMT
Last-Modified
Tue, 02 Dec 2014 22:01:37 GMT
P3P
CP="NON DSP ADM DEV PSD OUR IND STP PHY PRE NAV UNI"
Content-Type
image/png
Cache-Control
max-age=0, no-cache, no-store
Content-Length
69730
fancy-down-arrow2x.png (cookie set)
www.paypalobjects.com/webstatic/mktg/2014design/
2 KB
2 KB
Image
General
Full URL
https://www.paypalobjects.com/webstatic/mktg/2014design/fancy-down-arrow2x.png
Requested by
Host: www.paypalobjects.com
URL: http://www.paypalobjects.com/gajs/analytics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.101.242.48 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-242-48.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
5680450e332b59731870c82f644abce99ffe9edfa3d8096648d7bf1e04f23584

Request headers

Referer
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/e3a51bf0748677664db495d10101356abd25f7.css
Connection
keep-alive
Host
www.paypalobjects.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Cache-Control
no-cache
Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br

Response headers

Content-Length
1795
Date
Wed, 08 Feb 2017 20:56:30 GMT
Last-Modified
Thu, 19 Dec 2013 22:07:06 GMT
Server
Apache
P3P
CP="NON DSP ADM DEV PSD OUR IND STP PHY PRE NAV UNI"
Set-Cookie
PYPF=CT; expires=Wed, 08-Mar-2017 20:56:30 GMT; path=/; domain=.paypalobjects.com
Expires
Wed, 08 Feb 2017 20:56:30 GMT
Pragma
no-cache
Connection
keep-alive
Content-Type
image/png
Cache-Control
max-age=0, no-cache, no-store
Accept-Ranges
bytes
home_n1_1x.jpg (cookie set)
www.paypalobjects.com/webstatic/fr_FR/mktg/wright/home/
Redirect Chain
  • https://ak1s.abmr.net/is/www.paypalobjects.com?U=/webstatic/fr_FR/mktg/wright/home/home_n1_1x.jpg&V=3-1v86k4TA9jyFPBCpw2CNzlgcC93x9cc38aMjVJEsaru%2fSUw%2ffL7xNh%2fIDedfX4tP&I=C9C7BB88F5CF648&D=payp...
  • https://www.paypalobjects.com/webstatic/fr_FR/mktg/wright/home/home_n1_1x.jpg?01AD=3alERUKV2iij-JrAB-bqAGTLl0vCcqWdwjtHQnKn8leHOmDCK66Xulg&01RI=C9C7BB88F5CF648&01NA=na
30 KB
30 KB
Image
General
Full URL
https://www.paypalobjects.com/webstatic/fr_FR/mktg/wright/home/home_n1_1x.jpg?01AD=3alERUKV2iij-JrAB-bqAGTLl0vCcqWdwjtHQnKn8leHOmDCK66Xulg&01RI=C9C7BB88F5CF648&01NA=na
Requested by
Host: ciirdf.ca
URL: http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.101.242.48 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-242-48.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
aee6175c60943c60a98f3f8522f6e864cb5bd8175b25c90ce40bbab5574bdf8f

Request headers

Cookie
PYPF=CT-1
Cache-Control
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
www.paypalobjects.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Pragma
no-cache
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/2e80a8c4ee99494500d5436386c5ef870e00e1.css
Connection
keep-alive

Response headers

Pragma
no-cache
Server
Apache
Content-Type
image/jpeg
Accept-Ranges
bytes
Expires
Wed, 08 Feb 2017 20:56:30 GMT
Set-Cookie
PYPF=CT-USR; expires=Wed, 08-Mar-2017 20:56:30 GMT; path=/; domain=.paypalobjects.com
Content-Length
30342
Date
Wed, 08 Feb 2017 20:56:30 GMT
Last-Modified
Wed, 30 Apr 2014 15:54:50 GMT
P3P
CP="NON DSP ADM DEV PSD OUR IND STP PHY PRE NAV UNI"
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store

Redirect headers

Pragma
no-cache
Date
Wed, 08 Feb 2017 20:56:30 GMT
P3P
policyref="http://www.abmr.net/w3c/policy.xml", CP="NON DSP COR CURa ADMa DEVa OUR SAMa IND"
Location
https://www.paypalobjects.com/webstatic/fr_FR/mktg/wright/home/home_n1_1x.jpg?01AD=3alERUKV2iij-JrAB-bqAGTLl0vCcqWdwjtHQnKn8leHOmDCK66Xulg&01RI=C9C7BB88F5CF648&01NA=na
Set-Cookie
01AI=2-2-CC719774C5494C3C3E5E114F55B29D59753CCA2E66800D5E2C772B7044C21929-B72E0B0F9E302BBD34CF1F68EFC5F117C31D7229809E640CE99BA0037E7DC4CD; expires=Thu, 08-Feb-2018 20:56:30 GMT; path=/; domain=.abmr.net
Content-Length
0
Expires
Wed, 08 Feb 2017 20:56:30 GMT
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store
home_n3_1x.jpg (cookie set)
www.paypalobjects.com/webstatic/fr_FR/mktg/wright/home/
Redirect Chain
  • https://ak1s.abmr.net/is/www.paypalobjects.com?U=/webstatic/fr_FR/mktg/wright/home/home_n3_1x.jpg&V=3-s7KPwmRuRwhm8aMataJNUic0MHTPj54CPE34MhdypLNLjpheYbZvmjFsAYYs3PKc&I=407DEC92EBA0083&D=paypalobje...
  • https://www.paypalobjects.com/webstatic/fr_FR/mktg/wright/home/home_n3_1x.jpg?01AD=3iUAGZa_yfXJnHveGQyi6w4r5CG_5NjzFhyCf3HnPHIzrYcC4rVOM_A&01RI=407DEC92EBA0083&01NA=na
33 KB
33 KB
Image
General
Full URL
https://www.paypalobjects.com/webstatic/fr_FR/mktg/wright/home/home_n3_1x.jpg?01AD=3iUAGZa_yfXJnHveGQyi6w4r5CG_5NjzFhyCf3HnPHIzrYcC4rVOM_A&01RI=407DEC92EBA0083&01NA=na
Requested by
Host: ciirdf.ca
URL: http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.101.242.48 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-242-48.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
40a50eff9416a012b8332cd3fbf98f850d845704497350bf06e7bde141174fa0

Request headers

Pragma
no-cache
Accept
image/webp,image/*,*/*;q=0.8
Cookie
PYPF=CT-1
Connection
keep-alive
Cache-Control
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
www.paypalobjects.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/2e80a8c4ee99494500d5436386c5ef870e00e1.css

Response headers

Date
Wed, 08 Feb 2017 20:56:30 GMT
Server
Apache
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store
Set-Cookie
PYPF=CT-USR; expires=Wed, 08-Mar-2017 20:56:30 GMT; path=/; domain=.paypalobjects.com
Pragma
no-cache
Last-Modified
Wed, 30 Apr 2014 15:54:50 GMT
P3P
CP="NON DSP ADM DEV PSD OUR IND STP PHY PRE NAV UNI"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
33987
Expires
Wed, 08 Feb 2017 20:56:30 GMT

Redirect headers

Pragma
no-cache
Connection
keep-alive
Location
https://www.paypalobjects.com/webstatic/fr_FR/mktg/wright/home/home_n3_1x.jpg?01AD=3iUAGZa_yfXJnHveGQyi6w4r5CG_5NjzFhyCf3HnPHIzrYcC4rVOM_A&01RI=407DEC92EBA0083&01NA=na
Cache-Control
max-age=0, no-cache, no-store
Content-Length
0
Expires
Wed, 08 Feb 2017 20:56:30 GMT
Date
Wed, 08 Feb 2017 20:56:30 GMT
P3P
policyref="http://www.abmr.net/w3c/policy.xml", CP="NON DSP COR CURa ADMa DEVa OUR SAMa IND"
Set-Cookie
01AI=2-2-80C0CF2C3D40D13392C5671AB234A1588947107E7121D87B9821F54EBB4E401C-99A613E9C680BA706BF8C193D7B4CABEEE075334F896604C90A4E1DB77B6C8C9; expires=Thu, 08-Feb-2018 20:56:30 GMT; path=/; domain=.abmr.net
search_glass_large2x.png
www.paypalobjects.com/webstatic/mktg/2014design/
2 KB
2 KB
Image
General
Full URL
https://www.paypalobjects.com/webstatic/mktg/2014design/search_glass_large2x.png
Requested by
Host: www.paypalobjects.com
URL: http://www.paypalobjects.com/gajs/analytics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.101.242.48 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-242-48.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
994cecff0e6c4728f23d55b697d65e23dfea6d902ba8386400fa241989215b08

Request headers

Cookie
PYPF=CT-1
Pragma
no-cache
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/e3a51bf0748677664db495d10101356abd25f7.css
Accept
image/webp,image/*,*/*;q=0.8
Connection
keep-alive
Cache-Control
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
www.paypalobjects.com
Accept-Language
en-US,en;q=0.8

Response headers

Server
Apache
Content-Type
image/png
Cache-Control
max-age=0, no-cache, no-store
Last-Modified
Tue, 07 Jan 2014 00:41:29 GMT
Date
Wed, 08 Feb 2017 20:56:30 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1826
Expires
Wed, 08 Feb 2017 20:56:30 GMT
Pragma
no-cache
collect
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/collect?v=1&_v=j46&a=1405714978&t=pageview&_s=1&dl=http%3A%2F%2Fciirdf.ca%2Fthankyou%2Fpaypal.ca%2Fwebapps%2Fmpp-home%2FAuthentification.verified-moi-information.ca%...
  • https://www.google-analytics.com/collect?v=1&_v=j46&a=1405714978&t=pageview&_s=1&dl=http%3A%2F%2Fciirdf.ca%2Fthankyou%2Fpaypal.ca%2Fwebapps%2Fmpp-home%2FAuthentification.verified-moi-information.ca...
35 B
44 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j46&a=1405714978&t=pageview&_s=1&dl=http%3A%2F%2Fciirdf.ca%2Fthankyou%2Fpaypal.ca%2Fwebapps%2Fmpp-home%2FAuthentification.verified-moi-information.ca%2Finformation-compte-demande.ca%2F&dp=%2Ffr%2Fthankyou%2Fpaypal.ca%2Fwebapps%2Fmpp-home%2FAuthentification.verified-moi-information.ca%2Finformation-compte-demande.ca%2F&ul=en-us&de=UTF-8&dt=PayPal%3A%20Achetez%2C%20envoyez%20de%20l%27argent%20et%20acceptez%20les%20paiements&sd=24-bit&sr=1600x1200&vp=1583x1132&je=0&fl=24.0%20r0&_u=QGAAgEAB~&jid=904342247&cid=1611876988.1486587390&tid=UA-53389718-2&cd1=%20UTC0&cd2=Wed%20Feb%2008%202017%2020%3A56%3A30%20GMT%2B0000%20(UTC)&z=1874734400
Requested by
Host: ciirdf.ca
URL: http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:400e:805::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept
image/webp,image/*,*/*;q=0.8
:authority
www.google-analytics.com
referer
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/
:scheme
https
:method
GET
cache-control
no-cache
:path
/collect?v=1&_v=j46&a=1405714978&t=pageview&_s=1&dl=http%3A%2F%2Fciirdf.ca%2Fthankyou%2Fpaypal.ca%2Fwebapps%2Fmpp-home%2FAuthentification.verified-moi-information.ca%2Finformation-compte-demande.ca%2F&dp=%2Ffr%2Fthankyou%2Fpaypal.ca%2Fwebapps%2Fmpp-home%2FAuthentification.verified-moi-information.ca%2Finformation-compte-demande.ca%2F&ul=en-us&de=UTF-8&dt=PayPal%3A%20Achetez%2C%20envoyez%20de%20l%27argent%20et%20acceptez%20les%20paiements&sd=24-bit&sr=1600x1200&vp=1583x1132&je=0&fl=24.0%20r0&_u=QGAAgEAB~&jid=904342247&cid=1611876988.1486587390&tid=UA-53389718-2&cd1=%20UTC0&cd2=Wed%20Feb%2008%202017%2020%3A56%3A30%20GMT%2B0000%20(UTC)&z=1874734400
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

age
168445
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
date
Mon, 06 Feb 2017 22:09:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
Golfe2
alt-svc
quic=":443"; ma=2592000; v="35,34"

Redirect headers

Location
https://www.google-analytics.com/collect?v=1&_v=j46&a=1405714978&t=pageview&_s=1&dl=http%3A%2F%2Fciirdf.ca%2Fthankyou%2Fpaypal.ca%2Fwebapps%2Fmpp-home%2FAuthentification.verified-moi-information.ca%2Finformation-compte-demande.ca%2F&dp=%2Ffr%2Fthankyou%2Fpaypal.ca%2Fwebapps%2Fmpp-home%2FAuthentification.verified-moi-information.ca%2Finformation-compte-demande.ca%2F&ul=en-us&de=UTF-8&dt=PayPal%3A%20Achetez%2C%20envoyez%20de%20l%27argent%20et%20acceptez%20les%20paiements&sd=24-bit&sr=1600x1200&vp=1583x1132&je=0&fl=24.0%20r0&_u=QGAAgEAB~&jid=904342247&cid=1611876988.1486587390&tid=UA-53389718-2&cd1=%20UTC0&cd2=Wed%20Feb%2008%202017%2020%3A56%3A30%20GMT%2B0000%20(UTC)&z=1874734400
Non-Authoritative-Reason
HSTS
ga-audiences
www.google.com/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j46&tid=UA-53389718-2&cid=1611876988.1486587390&jid=904342247&_u=QGAAgEAB~&z=378562424
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-53389718-2&cid=1611876988.1486587390&jid=904342247&_v=j46&z=378562424
0
0

5d531740a310fe115e8e091f6b23e51c85d6f9.js
ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/
8 KB
8 KB
Script
General
Full URL
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/5d531740a310fe115e8e091f6b23e51c85d6f9.js
Requested by
Host: ciirdf.ca
URL: http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/
Protocol
HTTP/1.1
Server
64.26.174.92 , Canada, ASN7788 (MAGMA-COMM - Magma Communications Ltd., CA),
Reverse DNS
vws2.magma.ca
Software
Zeus/4.3 /
Resource Hash
eb6f838f26f4f83874589d12375be105b093a117619ee7be32c536874fa16062

Request headers

Accept-Encoding
gzip, deflate, sdch
Host
ciirdf.ca
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Cache-Control
no-cache
Pragma
no-cache
Accept
*/*
Referer
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/
Connection
keep-alive

Response headers

Date
Wed, 08 Feb 2017 20:56:30 GMT
Last-Modified
Mon, 22 Sep 2014 16:08:48 GMT
Server
Zeus/4.3
Accept-Ranges
bytes
Content-Length
7686
Content-Type
application/x-javascript
pp_jscode_080706.js
ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/
60 KB
60 KB
Script
General
Full URL
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/pp_jscode_080706.js
Requested by
Host: ciirdf.ca
URL: http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/
Protocol
HTTP/1.1
Server
64.26.174.92 , Canada, ASN7788 (MAGMA-COMM - Magma Communications Ltd., CA),
Reverse DNS
vws2.magma.ca
Software
Zeus/4.3 /
Resource Hash
9bbf1ce51d9751054757ff383e410a379a4b1ee26527334f4add83fbfba1d36c

Request headers

Host
ciirdf.ca
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
*/*
Connection
keep-alive
Cache-Control
no-cache
Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Accept-Language
en-US,en;q=0.8
Referer
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/

Response headers

Content-Length
61883
Content-Type
application/x-javascript
Date
Wed, 08 Feb 2017 20:56:30 GMT
Last-Modified
Mon, 22 Sep 2014 16:08:48 GMT
Server
Zeus/4.3
Accept-Ranges
bytes
pa.js
ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/
66 KB
66 KB
Script
General
Full URL
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/pa.js
Requested by
Host: ciirdf.ca
URL: http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/
Protocol
HTTP/1.1
Server
64.26.174.92 , Canada, ASN7788 (MAGMA-COMM - Magma Communications Ltd., CA),
Reverse DNS
vws2.magma.ca
Software
Zeus/4.3 /
Resource Hash
98ecaad59fce14516bd1c79d6361e1f798a6cf3d077b68b5807adc153c5fb389

Request headers

Accept-Encoding
gzip, deflate, sdch
Accept-Language
en-US,en;q=0.8
Accept
*/*
Referer
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/
Pragma
no-cache
Host
ciirdf.ca
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Connection
keep-alive
Cache-Control
no-cache

Response headers

Content-Length
67902
Content-Type
application/x-javascript
Date
Wed, 08 Feb 2017 20:56:31 GMT
Last-Modified
Mon, 22 Sep 2014 16:08:48 GMT
Server
Zeus/4.3
Accept-Ranges
bytes
mapuid.gif
ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/
43 B
43 B
Image
General
Full URL
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/mapuid.gif
Requested by
Host: ciirdf.ca
URL: http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/
Protocol
HTTP/1.1
Server
64.26.174.92 , Canada, ASN7788 (MAGMA-COMM - Magma Communications Ltd., CA),
Reverse DNS
vws2.magma.ca
Software
Zeus/4.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Request headers

Pragma
no-cache
Host
ciirdf.ca
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/
Connection
keep-alive
Accept-Encoding
gzip, deflate, sdch
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Cache-Control
no-cache

Response headers

Date
Wed, 08 Feb 2017 20:56:31 GMT
Last-Modified
Mon, 22 Sep 2014 16:08:48 GMT
Server
Zeus/4.3
Accept-Ranges
bytes
Content-Length
43
Content-Type
image/gif
ts (cookie set)
t.paypal.com/
42 B
42 B
Image
General
Full URL
http://t.paypal.com/ts?v=0.1&t=1486587393305&g=0&e=im&pgrp=main%3Amktg%3Apersonal%3A%3Ahome&page=main%3Amktg%3Apersonal%3A%3Ahome%3A%3A%3A&tmpl=home.dust&pgst=Unknown&lgin=out&calc=3d5ab1dfaa922&rsta=fr_FR&s=ci&ccpg=fr&csci=51e896fb94094aff866fe6b6975ee65e&pgld=Unknown&bzsr=main&bchn=mktg&pgsf=personal&shir=main_mktg_personal_&gacook=1611876988.1486587390&pt=PayPal%3A%20Achetez%2C%20envoyez%20de%20l%27argent%20et%20acceptez%20les%20paiements&cd=24&sw=1600&sh=1200&bw=1598&bh=1132&ce=1&pl=pdf%2CShockwave%20Flash%2024.0%20r0&t1=269&t1c=269&t1d=159&t1s=0&t2=551&t3=442&t4d=0&t4=0&t4e=0&tt=0&teal=h%252FKJCfLFqEvUbjBsDt9huNW1xwi51JGqfY%252BdEh8FG6CkR9euBYRI7%252BmlPunyzQnqyIWFj1auQMc_1489cd45329
Requested by
Host: ciirdf.ca
URL: http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/
Protocol
HTTP/1.1
Server
95.101.242.51 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-242-51.deploy.akamaitechnologies.com
Software
Apache-Coyote/1.1 /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/
Cache-Control
no-cache
Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
t.paypal.com
Accept-Language
en-US,en;q=0.8
Accept
image/webp,image/*,*/*;q=0.8
Connection
keep-alive

Response headers

Content-Type
image/gif
Content-Length
42
Date
Wed, 08 Feb 2017 20:56:33 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store
Rlogid
hLNnIYcTh1BcytWAzr9t%2FD3uo1xGOYFRq8p4%2FFhUk8nIj6dE8dS09c59wcYjZhTpCx52HNR7BNaZe02PrIKRtUFUAtYapcVky%2BQZY6i1OaI_15a1f8375a0
Set-Cookie
JSESSIONID=3288D9E8D2B05D0955C806BD8211E6FB; Path=/webapps/tracking
ts=vreXpYrS%3D1581258170%26vteXpYrS%3D1486589193%26vr%3D1f8375a015a0a491a407c6c7fedc7489%26vt%3D1f8375a015a0a491a407c6c7fedc7488; Domain=.paypal.com; Expires=Sun, 09-Feb-2020 14:22:50 GMT; Path=/
Expires
Wed, 08 Feb 2017 20:56:33 GMT
Pragma
no-cache
P3P
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
s67478430706757
paypal.d1.sc.omtrdc.net/b/ss/paypalglobal/1/H.25.3/
0
0

pp32.png
ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/
4 KB
4 KB
Other
General
Full URL
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/pp32.png
Protocol
HTTP/1.1
Server
64.26.174.92 , Canada, ASN7788 (MAGMA-COMM - Magma Communications Ltd., CA),
Reverse DNS
vws2.magma.ca
Software
Zeus/4.3 /
Resource Hash
9e208d404c81e5fc7170c13b8564b1368100d668b2071b16ee14600d08519ac4

Request headers

Accept-Encoding
gzip, deflate, sdch
Host
ciirdf.ca
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/
Connection
keep-alive
Pragma
no-cache
Accept-Language
en-US,en;q=0.8
Accept
image/webp,image/*,*/*;q=0.8
Cookie
s_pers=%20s_fid%3D0F6676FE406C6FC9-032B1AC478486C2F%7C1549659393532%3B%20gpv_c43%3Dmain%253Amktg%253Apersonal%253A%253Ahome%7C1486589193534%3B%20tr_p1%3Dmain%253Amktg%253Apersonal%253A%253Ahome%7C1486589193535%3B%20gpv_events%3Dno%2520value%7C1486589193536%3B; s_sess=%20s_ppv%3D39%3B%20s_cc%3Dtrue%3B%20v31%3Dmain%253Amktg%253Apersonal%253A%253Ahome%3B%20s_sq%3D%3B
Cache-Control
no-cache

Response headers

Content-Type
image/png
Date
Wed, 08 Feb 2017 20:56:32 GMT
Last-Modified
Mon, 08 Sep 2014 22:38:58 GMT
Server
Zeus/4.3
Accept-Ranges
bytes
Content-Length
3972
midOpt.swf
ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/
3 KB
3 KB
Other
General
Full URL
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/midOpt.swf
Protocol
HTTP/1.1
Server
64.26.174.92 , Canada, ASN7788 (MAGMA-COMM - Magma Communications Ltd., CA),
Reverse DNS
vws2.magma.ca
Software
Zeus/4.3 /
Resource Hash
0ccb75f987d5cd3ae4aa52bac7875c2977a44f5851258c466c73bfb209cb47ce

Request headers

Pragma
no-cache
Host
ciirdf.ca
Accept-Language
en-US,en;q=0.8
Referer
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/
Connection
keep-alive
Cache-Control
no-cache
Accept-Encoding
gzip, deflate, sdch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
*/*
X-Requested-With
ShockwaveFlash/24.0.0.194

Response headers

Date
Wed, 08 Feb 2017 20:56:33 GMT
Last-Modified
Mon, 22 Sep 2014 16:08:48 GMT
Server
Zeus/4.3
Accept-Ranges
bytes
Content-Length
3455
Content-Type
application/x-shockwave-flash
midOpt.swf
www.paypalobjects.com/en_US/m/
335 B
335 B
Other
General
Full URL
http://www.paypalobjects.com/en_US/m/midOpt.swf
Protocol
HTTP/1.1
Server
95.101.242.48 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-242-48.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
1ad0d534c724af7e45da87aab5ed45f8ed68027751ad7e3c773bd947e45e776c

Request headers

Cache-Control
no-cache
Host
www.paypalobjects.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/
X-Requested-With
ShockwaveFlash/24.0.0.194
Connection
keep-alive
Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Accept-Language
en-US,en;q=0.8
Accept
*/*

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
335
Expires
Wed, 08 Feb 2017 20:56:33 GMT
Pragma
no-cache
Date
Wed, 08 Feb 2017 20:56:33 GMT
Server
Apache
Content-Type
text/html; charset=iso-8859-1
favicon.ico
ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/
5 KB
5 KB
Other
General
Full URL
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/files/favicon.ico
Protocol
HTTP/1.1
Server
64.26.174.92 , Canada, ASN7788 (MAGMA-COMM - Magma Communications Ltd., CA),
Reverse DNS
vws2.magma.ca
Software
Zeus/4.3 /
Resource Hash
1690c4e20869c3763b7fc111e2f94035b0a7ee830311dd680ac91421daad3667

Request headers

Host
ciirdf.ca
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Cache-Control
no-cache
Accept-Encoding
gzip, deflate, sdch
Referer
http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/
Connection
keep-alive
Pragma
no-cache

Response headers

Last-Modified
Mon, 08 Sep 2014 22:35:12 GMT
Server
Zeus/4.3
Accept-Ranges
bytes
Content-Length
5430
Content-Type
image/x-icon
Date
Wed, 08 Feb 2017 20:56:33 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.com
URL
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-53389718-2&cid=1611876988.1486587390&jid=904342247&_v=j46&z=378562424
Domain
paypal.d1.sc.omtrdc.net
URL
http://paypal.d1.sc.omtrdc.net/b/ss/paypalglobal/1/H.25.3/s67478430706757?AQB=1&ndh=1&t=8%2F1%2F2017%2020%3A56%3A33%203%200&fid=0F6676FE406C6FC9-032B1AC478486C2F&vmt=51437A79&vmf=paypal.112.2o7.net&ce=UTF-8&ns=paypal&pageName=main%3Amktg%3Apersonal%3A%3Ahome&g=http%3A%2F%2Fciirdf.ca%2Fthankyou%2Fpaypal.ca%2Fwebapps%2Fmpp-home%2FAuthentification.verified-moi-information.ca%2Finformation-compte-demande.ca%2F&cc=USD&ch=mktg&server=main&c1=home.dust&c7=none&v7=none%3Anone%3Anone&c8=none&c9=none&c17=PayPal%3A%20Achetez%2C%20envoyez%20de%20l%27argent%20et%20acceptez%20les%20paiements&c19=main%3Amktg%3Apersonal%3A%3Ahome&v19=D%3Dc7&c20=Unknown&c25=main%3Amktg%3Apersonal%3A%3Ahome%3A%3A%3A&v25=main%3Amktg%3Apersonal%3A%3Ahome%3A%3A%3A&c28=Unknown&c30=fr&c31=personal&v31=main%3Amktg%3Apersonal%3A%3Ahome&c35=out&c36=ciirdf.ca%2Fthankyou%2Fpaypal.ca%2Fwebapps%2Fmpp-home%2FAuthentification.verified-moi-information.ca%2Finformation-compte-demande.ca&c39=D%3DpageName&c40=3d5ab1dfaa922&c47=D%3DpageName&c50=fr_fr&c53=h.25.3%7C01.17.2013&c71=Nodejs&c72=UTF-8&h1=main_mktg_personal_&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1598&bh=1132&p=Chrome%20PDF%20Viewer%3BShockwave%20Flash%3BWidevine%20Content%20Decryption%20Module%3BNative%20Client%3B&AQE=1

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PayPal (Financial)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Domain/Path Name / Value
.ciirdf.ca/ Name: s_sess
Value: %20s_ppv%3D39%3B%20s_cc%3Dtrue%3B%20v31%3Dmain%253Amktg%253Apersonal%253A%253Ahome%3B%20s_sq%3D%3B
.ciirdf.ca/ Name: s_pers
Value: %20s_fid%3D0F6676FE406C6FC9-032B1AC478486C2F%7C1549659393532%3B%20gpv_c43%3Dmain%253Amktg%253Apersonal%253A%253Ahome%7C1486589193534%3B%20tr_p1%3Dmain%253Amktg%253Apersonal%253A%253Ahome%7C1486589193535%3B%20gpv_events%3Dno%2520value%7C1486589193536%3B

1 Console Messages

Source Level URL
Text
console-api log URL: http://ciirdf.ca/thankyou/paypal.ca/webapps/mpp-home/Authentification.verified-moi-information.ca/information-compte-demande.ca/(Line 848)
Message:
Other

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
