Overview

URL muserve.tk/
IP 104.18.35.214
ASN AS13335 CloudFlare, Inc.
Location United States
Report completed 2018-11-09 15:01:24 CET
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro
Timestamp Severity Source IP Destination IP Alert
2018-11-09 15:00:29 CET 2 Client IP  104.18.35.214 ET POLICY HTTP Request to a *.tk domain


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2018-11-09 2 muserve.tk/ Phishing
2018-11-09 2 muserve.tk/ Phishing
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 2 reports on IP: 104.18.35.214

Date UQ / IDS / BL URL IP
2018-09-07 14:09:13 +0200 0 - 1 - 0 dxdo.com/files/love-wins-34103.swf 104.18.35.214
2017-12-22 19:03:31 +0100 0 - 0 - 0 motivating.com-us3-pad1.new-year-special-gift (...) 104.18.35.214

Last 10 reports on ASN: AS13335 CloudFlare, Inc.

Date UQ / IDS / BL URL IP
2019-01-17 23:01:04 +0100 0 - 0 - 1 adfortuny.date/ 104.24.122.34
2019-01-17 23:00:12 +0100 0 - 0 - 2 https://720p-izle.com/izle/dublaj/avatar.html 104.31.64.52
2019-01-17 22:59:58 +0100 0 - 0 - 2 https://www.ilkfullfilmizle.org/avatar-720p-t (...) 104.28.24.47
2019-01-17 22:59:10 +0100 0 - 0 - 1 123moviesfull.me/ 104.27.175.20
2019-01-17 22:56:18 +0100 0 - 0 - 1 https://adjuegos.club/ 104.28.28.77
2019-01-17 22:49:16 +0100 0 - 1 - 1 lp.gowindtokopedia.pw/ 104.18.48.134
2019-01-17 22:48:03 +0100 0 - 1 - 0 lp.ucbrowser.pw/ 104.31.85.86
2019-01-17 22:46:21 +0100 2 - 0 - 37 allpornvideos.net/kerry-martin-kerrys-opener- (...) 104.27.162.66
2019-01-17 22:46:08 +0100 0 - 0 - 1 androidunderground.info/2465-easy-anal-dildo.php 104.28.21.127
2019-01-17 22:45:57 +0100 0 - 0 - 1 https://www.dpstream.net/anime-4506-boruto-na (...) 104.27.137.25

No other reports on domain: muserve.tk



JavaScript

Executed Scripts (0)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (6)


Request Response
                                        
GET / HTTP/1.1
Host: muserve.tk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
104.18.35.214
HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Nov 2018 14:00:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 09 Nov 2018 15:00:29 GMT
Location: https://muserve.tk/
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4770ce4ee5ab42b5-OSL


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Phishing
  IDS:
    - ET POLICY HTTP Request to a *.tk domain
                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: max-age=142176
Date: Fri, 09 Nov 2018 14:00:31 GMT
Etag: "5be51b5f-116"
Expires: Sun, 11 Nov 2018 05:30:07 GMT
Last-Modified: Fri, 09 Nov 2018 05:30:07 GMT
Server: nginx
Content-Length: 278


--- Additional Info ---
Magic:  data
Size:   278
Md5:    02920085c375e283089cbf87b1cb4da6
Sha1:   4732765640a2ba9644ebdb5e19ab204fabb06ab6
Sha256: d380e784aace748d85b010e0a4b3c56528bdae386830f396df80a8bf12b5b21b
                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: max-age=155312
Date: Fri, 09 Nov 2018 14:00:31 GMT
Etag: "5be5307e-1d7"
Expires: Sun, 11 Nov 2018 09:09:03 GMT
Last-Modified: Fri, 09 Nov 2018 07:00:14 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    c1024dddaedf3f8ad00eec17c066f8b9
Sha1:   ba6fe4c24af505ff6b49a576d5ab9f302cb824bf
Sha256: fe6cc2dc1dccd6485c2f0b72bda1f5010f0eb9a82b2548883a333425f9e64c41
                                        
GET / HTTP/1.1
Host: muserve.tk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
104.18.35.214
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Date: Fri, 09 Nov 2018 14:00:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d080f48eeeffe56a58704b0d70a25da6d1541772031; expires=Sat, 09-Nov-19 14:00:31 GMT; path=/; domain=.muserve.tk; HttpOnly; Secure
Last-Modified: Mon, 05 Nov 2018 19:59:53 GMT
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 4770ce5e6954429d-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   100
Md5:    854879e327a8ebe0a5c546fe00309529
Sha1:   4598b73038a217b4130830a724976103698a73eb
Sha256: b70d908a9a7e9710f1cdc9002a3e5886f4ddc6ac10de6c9a8400484df769f1f2

Alerts:
  Blacklists:
    - fortinet: Phishing
  IDS:
    - ET POLICY HTTP Request to a *.tk domain
                                        
GET /favicon.ico HTTP/1.1
Host: muserve.tk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=d080f48eeeffe56a58704b0d70a25da6d1541772031

                                         
104.18.35.214
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 09 Nov 2018 14:00:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: HIT
Expires: Fri, 09 Nov 2018 18:00:34 GMT
Cache-Control: public, max-age=14400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4770ce71ec34428b-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   182
Md5:    e26918a572d6566f76fa74f901c866cb
Sha1:   a5dcfbfb5b613f5c482a27f230d771d5d4e22d29
Sha256: ac2206af41d4c590352b689e8c4a82a77fe82a1f27df3298b9fab1dd6572a5db
                                        
GET /favicon.ico HTTP/1.1
Host: muserve.tk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=d080f48eeeffe56a58704b0d70a25da6d1541772031

                                         
104.18.35.214
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 09 Nov 2018 14:00:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: MISS
Expires: Fri, 09 Nov 2018 18:00:31 GMT
Cache-Control: public, max-age=14400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4770ce5f2a02429d-OSL
Content-Encoding: gzip


--- Additional Info ---