Overview

URL: microsofthelp-line.club/
IP: 148.66.136.189
ASN:
Location: United States
Report completed: 2017-09-14 22:03:35 CEST
urlQuery Alerts: Scam / Cryptowall detected


Settings

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer:
Pool:
Access Level:


Intrusion Detection Systems

Suricata w/ Emerging Threats Pro: No alerts detected


Blacklists

MDL: No alerts detected
OpenPhish: No alerts detected
PhishTank: No alerts detected
Fortinet's Web Filter: No alerts detected
DNS-BH: No alerts detected
mnemonic secure dns: No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 148.66.136.189

Date | UQ / IDS / BL | URL | IP
2018-11-08 21:27:04 +0100 | 0 - 0 - 0 | netflix1.foxstream.site | 148.66.136.189
2018-11-08 21:03:56 +0100 | 0 - 0 - 0 | netflix1.foxstream.site/tv/1416-15-6/greys-an (...) | 148.66.136.189
2018-05-21 10:03:54 +0200 | 0 - 0 - 136 | naukarilo.com | 148.66.136.189
2018-02-17 16:17:07 +0100 | 0 - 0 - 6 | pelli.co.in/ | 148.66.136.189
2018-02-12 23:38:28 +0100 | 0 - 0 - 1 | www.ayurvethydroponics.com/ | 148.66.136.189
2018-01-09 11:51:52 +0100 | 0 - 0 - 2 | episode-black-clover.com/black-clover-episode (...) | 148.66.136.189
2017-09-15 06:44:35 +0200 | 1 - 0 - 0 | shopatlowprice.online/ | 148.66.136.189
2017-09-15 02:12:17 +0200 | 1 - 0 - 0 | shopatlowprice.online/ | 148.66.136.189
2017-09-12 22:51:27 +0200 | 0 - 0 - 1 | redsglobal.net/deek/index.php | 148.66.136.189
2017-09-12 00:54:35 +0200 | 0 - 0 - 1 | redsglobal.net/deek/index.php | 148.66.136.189

Last 10 reports on ASN:

Date | UQ / IDS / BL | URL | IP
2018-11-15 01:26:21 +0100 | 0 - 1 - 0 | yalla-shoot.com/ | 172.64.97.20
2018-11-15 01:22:27 +0100 | 0 - 0 - 2 | advert-service.info/video-movie-black-guy-tal (...) | 185.162.9.62
2018-11-15 01:21:44 +0100 | 0 - 0 - 5 | dig.coinup.org/nl/ | 52.178.105.179
2018-11-15 01:21:11 +0100 | 0 - 0 - 0 | www.lsb.edu.ph | 162.241.252.29
2018-11-15 01:21:09 +0100 | 0 - 1 - 0 | 4084t43r41uwdo.w3b36-ebd8.vqwmww.ga | 167.99.2.203
2018-11-15 01:18:15 +0100 | 0 - 1 - 0 | www2.topshape.me/lp/gbox-es/index.html?cid=57 (...) | 172.64.107.27
2018-11-15 01:15:17 +0100 | 0 - 0 - 1 | condition.geesejoin.fun/HY0BN9dae43mlYxa1Fpyr (...) | 143.204.51.209
2018-11-15 01:15:05 +0100 | 0 - 0 - 1 | https://www.tradeadexchange.com/a/display.php (...) | 35.190.74.92
2018-11-15 01:14:13 +0100 | 0 - 0 - 1 | https://folton.azurewebsites.net/doneopa.html | 52.176.61.128
2018-11-15 01:10:57 +0100 | 0 - 0 - 1 | epointsmarketing.com/._@_@@@/.@@@/cmd-login=4 (...) | 108.167.172.159

No other reports on domain: microsofthelp-line.club



JavaScript

Executed Scripts (6)


Executed Evals (0)


Executed Writes (1)

#1 JavaScript::Write (size: 14, repeated: 4) - SHA256: f41a618af46ea66ac55526cd86dad1ed3cd7c799690557cfd4f21698afaae537

Written content: 1 - 844 - 326 - 3137


HTTP Transactions (19)


Request:
GET / HTTP/1.1
Host: microsofthelp-line.club
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response (from 148.66.136.189):
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Date: Thu, 14 Sep 2017 20:03:02 GMT
Server: Apache
X-Powered-By: PHP/7.1.7
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2374
Keep-Alive: timeout=5
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2374
Md5:    e539b14b9d6731725d78d240dda08caf
Sha1:   1ffddb73d07f754b467b3ef61b78472f7df0a876
Sha256: f53d9f00f59201d43103c629bf52820c3fa7ade8f1e207c112187ddcbfe94e83
                                        
Request:
POST /ocsp HTTP/1.1
Host: clients1.google.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

Response (from 216.58.211.142):
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 14 Sep 2017 20:03:02 GMT
Expires: Mon, 18 Sep 2017 20:03:02 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    ea7aa5b3bf45a1566a2716091b3a70ae
Sha1:   0c34b02212df4471d227095856ebc255f42a442d
Sha256: 0eb22c77b88704382d538483db83a5e96fc32178c9b0f3f62d1ca3b943c69733
                                        
Request:
POST / HTTP/1.1
Host: g.symcd.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

Response (from 23.43.139.27):
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx/1.10.2
Content-Length: 1390
Content-Transfer-Encoding: binary
Cache-Control: max-age=364847, public, no-transform, must-revalidate
Last-Modified: Tue, 12 Sep 2017 01:23:19 GMT
Expires: Tue, 19 Sep 2017 01:23:19 GMT
Date: Thu, 14 Sep 2017 20:03:02 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1390
Md5:    775de2be162f21ece95211dfbf378ff2
Sha1:   5aa3f54491214e417e128fcc1b70119c2135565c
Sha256: 69abd56429cfa8fb3a69c040242457ab25397237c94b2f46ea2ce7b1848d55fe
                                        
Request:
GET /css?family=Titillium+Web:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://microsofthelp-line.club/

Response (from 64.233.165.95):
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Thu, 14 Sep 2017 20:03:03 GMT
Date: Thu, 14 Sep 2017 20:03:03 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   281
Md5:    6bcb05bb0de7d630cbc01fd3d5481385
Sha1:   711082f4e189559eb52d87993a8ca716ab344d28
Sha256: 37ea7dc7578491020efdfa77775fc201ad3fb4df67d0c73cff54da98f91452e4
                                        
Request:
GET /files/style.css HTTP/1.1
Host: microsofthelp-line.club
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://microsofthelp-line.club/

Response (from 148.66.136.189):
HTTP/1.1 200 OK
Content-Type: text/css
Date: Thu, 14 Sep 2017 20:03:02 GMT
Server: Apache
Last-Modified: Thu, 14 Sep 2017 15:48:05 GMT
Etag: "6a004be-7ef-5592833bf3a21-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 751
Keep-Alive: timeout=5
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   751
Md5:    6f94e2a930507d1528ff0b87c6192642
Sha1:   de4cc6cc226f51d05dd814ffeedd60d1847e6bd2
Sha256: 81c8f5d0cdc78b2a5eb4cb056c93d0f40266173087c050a67fc7c5b9ae922692
                                        
Request:
POST /ocsp HTTP/1.1
Host: clients1.google.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

Response (from 216.58.211.142):
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 14 Sep 2017 20:03:03 GMT
Expires: Mon, 18 Sep 2017 20:03:03 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    6481f06037b70acc1fa01febd8bb249f
Sha1:   8fa7b402afe7e17526a5cdf2fd67a47c543464d7
Sha256: e77176708d17b6b6b724ca5da3a9a5b35d3a2598eb6ea83d38958ec481860392
                                        
Request:
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://microsofthelp-line.club/

Response (from 216.58.211.142):
HTTP/1.1 200 OK
Content-Type: text/javascript
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Timing-Allow-Origin: *
Date: Thu, 14 Sep 2017 18:50:02 GMT
Expires: Thu, 14 Sep 2017 20:50:02 GMT
Last-Modified: Tue, 12 Sep 2017 04:27:56 GMT
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Server: Golfe2
Content-Length: 13799
Cache-Control: public, max-age=7200
Age: 4381
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   13799
Md5:    5827420884775fa5bc59382422dad59a
Sha1:   d5751bad47ec2001b05a30a1c82080b73844ffc8
Sha256: d5c5aa6307e696c9daef278433687a98c58219ba85ada7b571bee81b84c0cc53
                                        
Request:
GET /files/microsoft.png HTTP/1.1
Host: microsofthelp-line.club
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://microsofthelp-line.club/

Response (from 148.66.136.189):
HTTP/1.1 200 OK
Content-Type: image/png
Date: Thu, 14 Sep 2017 20:03:03 GMT
Server: Apache
Last-Modified: Thu, 14 Sep 2017 15:48:05 GMT
Etag: "6a004c2-3d1-5592833bf78a1"
Accept-Ranges: bytes
Content-Length: 977
Keep-Alive: timeout=5
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 216 x 46, 8-bit colormap, non-interlaced
Size:   977
Md5:    ab563722ebc08ab73e4c72a3fa0d28c7
Sha1:   3e09d6b9395924dd01360bf11e8ef1e61fc2fad6
Sha256: 844a92ee435552f7f26b4ec467220c537841f8245a16bbb265975ce4b3081f36
                                        
Request:
GET /css?family=Open+Sans:400,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://microsofthelp-line.club/files/style.css

Response (from 64.233.165.95):
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Thu, 14 Sep 2017 20:03:03 GMT
Date: Thu, 14 Sep 2017 20:03:03 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   316
Md5:    e1258ec3bdc5f2df3637e2c7b5519dc3
Sha1:   69ab78df7bf9283e07541b951f3f27bdf808abbd
Sha256: 14a0ca3ebd8d729e853d26cf35433b004c15f3b59094e91b936dd44e366e79d3
                                        
Request:
GET /files/alert.jpg HTTP/1.1
Host: microsofthelp-line.club
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://microsofthelp-line.club/

Response (from 148.66.136.189):
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Thu, 14 Sep 2017 20:03:03 GMT
Server: Apache
Last-Modified: Thu, 14 Sep 2017 15:48:05 GMT
Etag: "6a004c3-94bc-5592833bf78a1"
Accept-Ranges: bytes
Content-Length: 38076
Keep-Alive: timeout=5
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   38076
Md5:    5ebe2da87a0519a0bd0801d2309ea349
Sha1:   377e171bf81b583d50104da781b470dada699abf
Sha256: 149d5b58e953bb47e15e353f7cf08c151e0e40ec0e5e090fec894cf3d863d4e3
                                        
Request:
GET /files/background-2.png HTTP/1.1
Host: microsofthelp-line.club
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://microsofthelp-line.club/

Response (from 148.66.136.189):
HTTP/1.1 200 OK
Content-Type: image/png
Date: Thu, 14 Sep 2017 20:03:03 GMT
Server: Apache
Last-Modified: Thu, 14 Sep 2017 15:48:05 GMT
Etag: "6a004bd-12689-5592833bf3639"
Accept-Ranges: bytes
Content-Length: 75401
Keep-Alive: timeout=5
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 2190 x 1182, 8-bit colormap, non-interlaced
Size:   75401
Md5:    0484dc3691195f977cfbde87348871b3
Sha1:   c4f3de078c46b2d2256c7b3988a2daf5347b12e0
Sha256: 24c1f8b80ecbe76a190b19501fff9df8235dca7908d6f696ff77789868c6a26c
                                        
Request:
GET /r/collect?v=1&_v=j62&a=653115281&t=pageview&_s=1&dl=http%3A%2F%2Fmicrosofthelp-line.club%2F&ul=en-us&de=UTF-8&dt=Microsoft%20Official%20Support&sd=24-bit&sr=1176x885&vp=1176x754&je=1&fl=10.0%20r45&_u=IEBAAMQAI~&jid=1785367656&gjid=800191405&cid=1222541911.1505419384&tid=UA-72605089-1&_gid=1207488861.1505419384&_r=1&z=64769454 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://microsofthelp-line.club/

Response (from 216.58.211.142):
HTTP/1.1 200 OK
Content-Type: image/gif
Access-Control-Allow-Origin: *
Date: Thu, 14 Sep 2017 20:03:04 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
Request:
POST /ocsp HTTP/1.1
Host: clients1.google.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

Response (from 216.58.211.142):
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 14 Sep 2017 20:03:04 GMT
Expires: Mon, 18 Sep 2017 20:03:04 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    2296a9308954688cc1a545804eb7114a
Sha1:   408d6127543d5fbfd77168e9296b5e3a6edd3a31
Sha256: f8325655e8e0d51dca0f759097528e3ad2fa55c4ff4fed9bb7947c86c6d7f880
                                        
Request:
GET /report.php?num= HTTP/1.1
Host: microsofthelp-line.club
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://microsofthelp-line.club/
Cookie: _ga=GA1.2.1222541911.1505419384; _gid=GA1.2.1207488861.1505419384; _gat=1

Response (from 148.66.136.189):
HTTP/1.1 401 Unauthorized
Content-Type: text/html; charset=UTF-8
Date: Thu, 14 Sep 2017 20:03:04 GMT
Server: Apache
X-Powered-By: PHP/7.1.7
WWW-Authenticate: Basic realm="Someone Is Trying To Steal Your Banking Details, Credit Card Details & Other Logins. Please Call Microsoft At 1-844-326-3137 Immediately To Prevent Data Loss."
refresh: 0; url=login.php
Vary: User-Agent
Content-Length: 0
Keep-Alive: timeout=5
Connection: Keep-Alive


--- Additional Info ---

Alerts:
  urlquery:
    - Scam / Cryptowall detected
                                        
Request:
GET /s/titilliumweb/v5/7XUFZ5tgS-tD6QamInJTcdGU7DQ8I6RFMlK0vgclk7w.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://fonts.googleapis.com/css?family=Titillium+Web:400,700
Origin: http://microsofthelp-line.club

Response (from 216.58.211.131):
HTTP/1.1 200 OK
Content-Type: font/woff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 15472
Date: Mon, 04 Sep 2017 10:50:37 GMT
Expires: Tue, 04 Sep 2018 10:50:37 GMT
Last-Modified: Tue, 16 May 2017 22:23:37 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 897147
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"


--- Additional Info ---
Magic:  data
Size:   15472
Md5:    43566a877e3d590c9645b24a30959800
Sha1:   8105949c2ed9dded1213618b23869e5d03c2630b
Sha256: 042e8c763be97c477d6992c36c267c0360494b5af8e027102455424a33eff0d4
                                        
Request:
GET /s/opensans/v14/k3k702ZOKiLJc3WVjuplzHhCUOGz7vYGh680lGh-uXM.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Origin: http://microsofthelp-line.club

Response (from 216.58.211.131):
HTTP/1.1 200 OK
Content-Type: font/woff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 18408
Date: Wed, 06 Sep 2017 13:58:26 GMT
Expires: Thu, 06 Sep 2018 13:58:26 GMT
Last-Modified: Wed, 14 Jun 2017 16:46:23 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 713078
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"


--- Additional Info ---
Magic:  data
Size:   18408
Md5:    15aa9eb56fc3628ba270a5e1edf45284
Sha1:   b0cdb11242b86872aaa6e53ef315d571f9cdd0af
Sha256: 60c1bc05d0e5f1a20b9b92e4186534932cfb9c8d9b9a897a6f56eb155d823c77
                                        
Request:
GET /s/titilliumweb/v5/anMUvcNT0H1YN4FII8wpr0bathaSTBR2c4i13_wzlb0.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://fonts.googleapis.com/css?family=Titillium+Web:400,700
Origin: http://microsofthelp-line.club

Response (from 216.58.211.131):
HTTP/1.1 200 OK
Content-Type: font/woff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 14684
Date: Mon, 04 Sep 2017 15:57:19 GMT
Expires: Tue, 04 Sep 2018 15:57:19 GMT
Last-Modified: Tue, 16 May 2017 22:22:37 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 878745
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"


--- Additional Info ---
Magic:  data
Size:   14684
Md5:    9177a47d3375190a49c812a8e1c4a9f0
Sha1:   8f6dbb26e93dd1408d61be5fae12932666b5d6f3
Sha256: e51c1873e7ae0db17602a86fa7ffa63992ff78cd2926a2cf3a448334cd94aadd
                                        
Request:
GET /s/opensans/v14/cJZKeOuBrn4kERxqtaUH3T8E0i7KZn-EPnyo3HZu7kw.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Origin: http://microsofthelp-line.club

Response (from 216.58.211.131):
HTTP/1.1 200 OK
Content-Type: font/woff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 17640
Date: Thu, 14 Sep 2017 17:44:56 GMT
Expires: Fri, 14 Sep 2018 17:44:56 GMT
Last-Modified: Wed, 14 Jun 2017 16:46:30 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 8288
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"


--- Additional Info ---
Magic:  data
Size:   17640
Md5:    e447d08f4d164f3995e7c5090a735332
Sha1:   affe866d1f2c13b1a91772c652392838f98e43ad
Sha256: 3fdc38539d2762cd1293e2822c97fa7972a89e3096c7b1163877344021d8fbf9
                                        
Request:
GET /s/opensans/v14/MTP_ySUJH_bn48VBG8sNSnhCUOGz7vYGh680lGh-uXM.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Origin: http://microsofthelp-line.club

Response (from 216.58.211.131):
HTTP/1.1 200 OK
Content-Type: font/woff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 18232
Date: Wed, 13 Sep 2017 14:56:54 GMT
Expires: Thu, 13 Sep 2018 14:56:54 GMT
Last-Modified: Wed, 14 Jun 2017 16:46:35 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 104770
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"


--- Additional Info ---
Magic:  data
Size:   18232
Md5:    bc53f23f7d5dd1a5934ef4b68d7e675d
Sha1:   c3a13ed878f1bd756ac420f1dc1c5142c95273f7
Sha256: 9b967e752d4df93fd2bf19158ba059eca1a79cd8a12e0c17bfac980fac2f13d5