Overview

URL muserve.tk/
IP 104.18.35.214
ASN AS13335 CloudFlare, Inc.
Location United States
Report completed 2018-11-09 15:01:24 CET
urlQuery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro
Timestamp Severity Source IP Destination IP Alert
2018-11-09 15:00:29 CET 2 Client IP  104.18.35.214 ET POLICY HTTP Request to a *.tk domain


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2018-11-09 2 muserve.tk/ Phishing
2018-11-09 2 muserve.tk/ Phishing
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 2 reports on IP: 104.18.35.214

Date UQ / IDS / BL URL IP
2018-09-07 14:09:13 +0200 0 - 1 - 0 dxdo.com/files/love-wins-34103.swf 104.18.35.214
2017-12-22 19:03:31 +0100 0 - 0 - 0 motivating.com-us3-pad1.new-year-special-gift (...) 104.18.35.214

Last 10 reports on ASN: AS13335 CloudFlare, Inc.

Date UQ / IDS / BL URL IP
2018-11-16 19:43:46 +0100 0 - 0 - 0 install.nitropdf.com 104.16.5.133
2018-11-16 19:43:14 +0100 0 - 0 - 0 https://tinyurl.com/yakgqp7j 104.20.218.42
2018-11-16 19:39:21 +0100 0 - 0 - 0 hastebin.com/ 104.24.100.6
2018-11-16 19:31:30 +0100 0 - 0 - 2 theseblogs.com/angfa 104.27.174.158
2018-11-16 19:24:56 +0100 0 - 0 - 0 dreamed.ru 104.28.25.215
2018-11-16 19:24:31 +0100 0 - 1 - 0 www.simplefreemovie.tk 104.27.145.209
2018-11-16 19:24:03 +0100 0 - 0 - 0 https://payroll-calendar.com/wp-content/uploa (...) 104.27.173.130
2018-11-16 19:23:41 +0100 0 - 0 - 3 magadownloader.com/ 104.16.92.133
2018-11-16 19:16:46 +0100 0 - 0 - 1 goneviral.com/AStQn 104.25.239.113
2018-11-16 19:15:28 +0100 0 - 2 - 0 https://matthewsxstreet.ml/0992/index.php 104.24.103.203

No other reports on domain: muserve.tk



JavaScript

Executed Scripts (0)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (6)


Request Response
                                        
GET / HTTP/1.1
Host: muserve.tk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
104.18.35.214
HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Nov 2018 14:00:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 09 Nov 2018 15:00:29 GMT
Location: https://muserve.tk/
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4770ce4ee5ab42b5-OSL


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Phishing
  IDS:
    - ET POLICY HTTP Request to a *.tk domain
                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: max-age=142176
Date: Fri, 09 Nov 2018 14:00:31 GMT
Etag: "5be51b5f-116"
Expires: Sun, 11 Nov 2018 05:30:07 GMT
Last-Modified: Fri, 09 Nov 2018 05:30:07 GMT
Server: nginx
Content-Length: 278


--- Additional Info ---
Magic:  data
Size:   278
Md5:    02920085c375e283089cbf87b1cb4da6
Sha1:   4732765640a2ba9644ebdb5e19ab204fabb06ab6
Sha256: d380e784aace748d85b010e0a4b3c56528bdae386830f396df80a8bf12b5b21b
                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: max-age=155312
Date: Fri, 09 Nov 2018 14:00:31 GMT
Etag: "5be5307e-1d7"
Expires: Sun, 11 Nov 2018 09:09:03 GMT
Last-Modified: Fri, 09 Nov 2018 07:00:14 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    c1024dddaedf3f8ad00eec17c066f8b9
Sha1:   ba6fe4c24af505ff6b49a576d5ab9f302cb824bf
Sha256: fe6cc2dc1dccd6485c2f0b72bda1f5010f0eb9a82b2548883a333425f9e64c41
                                        
GET / HTTP/1.1
Host: muserve.tk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
104.18.35.214
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Date: Fri, 09 Nov 2018 14:00:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d080f48eeeffe56a58704b0d70a25da6d1541772031; expires=Sat, 09-Nov-19 14:00:31 GMT; path=/; domain=.muserve.tk; HttpOnly; Secure
Last-Modified: Mon, 05 Nov 2018 19:59:53 GMT
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 4770ce5e6954429d-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   100
Md5:    854879e327a8ebe0a5c546fe00309529
Sha1:   4598b73038a217b4130830a724976103698a73eb
Sha256: b70d908a9a7e9710f1cdc9002a3e5886f4ddc6ac10de6c9a8400484df769f1f2

Alerts:
  Blacklists:
    - fortinet: Phishing
  IDS:
    - ET POLICY HTTP Request to a *.tk domain
                                        
GET /favicon.ico HTTP/1.1
Host: muserve.tk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=d080f48eeeffe56a58704b0d70a25da6d1541772031

                                         
104.18.35.214
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 09 Nov 2018 14:00:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: HIT
Expires: Fri, 09 Nov 2018 18:00:34 GMT
Cache-Control: public, max-age=14400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4770ce71ec34428b-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   182
Md5:    e26918a572d6566f76fa74f901c866cb
Sha1:   a5dcfbfb5b613f5c482a27f230d771d5d4e22d29
Sha256: ac2206af41d4c590352b689e8c4a82a77fe82a1f27df3298b9fab1dd6572a5db
                                        
GET /favicon.ico HTTP/1.1
Host: muserve.tk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=d080f48eeeffe56a58704b0d70a25da6d1541772031

                                         
104.18.35.214
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 09 Nov 2018 14:00:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: MISS
Expires: Fri, 09 Nov 2018 18:00:31 GMT
Cache-Control: public, max-age=14400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4770ce5f2a02429d-OSL
Content-Encoding: gzip


--- Additional Info ---