Overview

URL vv.vs-fr13478.level-cloud.com/
IP 62.75.242.81
ASN AS8972 PlusServer AG
Location Germany
Report completed 2019-04-22 22:08:52 CEST
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2019-04-22 2 vv.vs-fr13478.level-cloud.com/ Phishing
2019-04-22 2 vv.vs-fr13478.level-cloud.com/media/system/js/core.js Phishing
2019-04-22 2 vv.vs-fr13478.level-cloud.com/media/jui/js/jquery-noconflict.js Phishing
2019-04-22 2 vv.vs-fr13478.level-cloud.com/media/jui/js/jquery-migrate.min.js Phishing
2019-04-22 2 vv.vs-fr13478.level-cloud.com/media/system/js/caption.js Phishing
2019-04-22 2 vv.vs-fr13478.level-cloud.com/media/system/js/mootools-core.js Phishing
2019-04-22 2 vv.vs-fr13478.level-cloud.com/media/jui/js/jquery.min.js Phishing
2019-04-22 2 vv.vs-fr13478.level-cloud.com/media/system/js/html5fallback.js Phishing
2019-04-22 2 vv.vs-fr13478.level-cloud.com/media/jui/js/bootstrap.min.js Phishing
2019-04-22 2 vv.vs-fr13478.level-cloud.com/templates/protostar/js/template.js?a645b4baf9 (...) Phishing
2019-04-22 2 vv.vs-fr13478.level-cloud.com/templates/protostar/css/template.css?a645b4ba (...) Phishing
2019-04-22 2 vv.vs-fr13478.level-cloud.com/media/jui/fonts/IcoMoon.woff Phishing
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 62.75.242.81

Date UQ / IDS / BL URL IP
2019-04-25 12:09:05 +0200 0 - 0 - 12 vv.vs-fr13478.level-cloud.com/ 62.75.242.81
2019-04-24 23:08:36 +0200 0 - 0 - 13 vs-fr13478.level-cloud.com/ 62.75.242.81
2019-04-24 18:08:35 +0200 0 - 0 - 13 vs-fr13478.level-cloud.com/ 62.75.242.81
2019-04-24 04:08:32 +0200 0 - 0 - 13 vs-fr13478.level-cloud.com/ 62.75.242.81
2019-04-24 00:08:30 +0200 0 - 0 - 13 vs-fr13478.level-cloud.com/ 62.75.242.81
2019-04-23 14:08:55 +0200 0 - 0 - 12 vv.vs-fr13478.level-cloud.com/ 62.75.242.81
2019-04-23 10:08:37 +0200 0 - 0 - 13 vs-fr13478.level-cloud.com/ 62.75.242.81
2019-04-22 12:09:03 +0200 0 - 0 - 12 vv.vs-fr13478.level-cloud.com/ 62.75.242.81
2019-04-20 09:08:41 +0200 0 - 0 - 13 vs-fr13478.level-cloud.com/ 62.75.242.81
2019-04-18 00:08:40 +0200 0 - 0 - 13 vs-fr13478.level-cloud.com/ 62.75.242.81

Last 10 reports on ASN: AS8972 PlusServer AG

Date UQ / IDS / BL URL IP
2019-07-01 11:37:28 +0200 0 - 0 - 0 luckylife2019.online/?u=4xfkaeg&o=8mrpkza&t=wp 62.75.230.116
2019-06-30 01:22:41 +0200 0 - 0 - 0 dates-one.com 85.25.208.132
2019-06-30 01:15:39 +0200 0 - 0 - 0 winyoursuperbonus1.com 85.25.107.72
2019-06-30 01:13:48 +0200 0 - 1 - 0 talonserinme.icu/?u=h2xkd0x&o=lxkgnum&t=48 85.25.252.199
2019-06-30 00:36:05 +0200 0 - 1 - 0 talonserinme.icu 85.25.252.199
2019-06-27 13:08:39 +0200 0 - 0 - 0 talonserinme.icu/?u=h2xkd0x&o=lxkgnum&t=320 85.25.252.199
2019-06-27 09:13:06 +0200 0 - 0 - 0 https://www.altstipendiaten.de/wp-content/upl (...) 188.138.106.73
2019-06-27 05:45:27 +0200 0 - 0 - 0 winyoursuperbonus1.com/?u=d29pte4&o=vx1wemd&m (...) 85.25.107.72
2019-06-26 14:42:44 +0200 0 - 0 - 0 85.25.159.200 85.25.159.200
2019-06-25 02:51:13 +0200 0 - 1 - 0 talonserinme.icu/ 85.25.252.199

No other reports on domain: level-cloud.com



JavaScript

Executed Scripts (10)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (16)


Request Response
                                        
GET / HTTP/1.1
Host: vv.vs-fr13478.level-cloud.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
62.75.242.81
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: nginx
Date: Mon, 22 Apr 2019 20:08:19 GMT
Content-Length: 3082
Connection: keep-alive
Expires: Wed, 17 Aug 2005 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: c2ec3d3b8fc19e7e6e5e9cd9f1b48b9b=03f8nn15rtvijc5sbqacouln40; path=/; HttpOnly
Last-Modified: Mon, 22 Apr 2019 20:08:19 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin, PleskLin


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3082
Md5:    e2172c63915e04cd1a8ca00039d20a09
Sha1:   f10c1252ee46c566afee35b1cb3203116b7c85fc
Sha256: 2004967f4f250a447cb68c1f8129f35f7a353f1997c35a759f87792eb96a257f

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
GET /css?family=Open+Sans HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://vv.vs-fr13478.level-cloud.com/

                                         
216.58.211.10
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Mon, 22 Apr 2019 20:08:19 GMT
Date: Mon, 22 Apr 2019 20:08:19 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   199
Md5:    ce0821de30dbc15f57743c2ca73611d1
Sha1:   c856ee8575e918b606519ba6cb57b2df29bf5e6b
Sha256: 8cf87f6c63a6ff5fff4a412608222765a682e4d3b9d958ea2bfb662eb2c2392d
                                        
GET /media/system/js/core.js HTTP/1.1
Host: vv.vs-fr13478.level-cloud.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://vv.vs-fr13478.level-cloud.com/
Cookie: c2ec3d3b8fc19e7e6e5e9cd9f1b48b9b=03f8nn15rtvijc5sbqacouln40

                                         
62.75.242.81
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx
Date: Mon, 22 Apr 2019 20:08:19 GMT
Content-Length: 5699
Last-Modified: Fri, 23 Dec 2016 02:46:12 GMT
Connection: keep-alive
Etag: "585c8ff4-1643"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  UTF-8 Unicode English text, with very long lines, with no line terminators
Size:   5699
Md5:    8decc0cb86ff4206b9b9a2c40506cce2
Sha1:   32e2e31e13f68c6a42b0e048395e52181b2c96bf
Sha256: 35d501087fa40cde8559fda5f51e210e9b2c26d97668d94c74af1bb88f8d27a4

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
GET /media/jui/js/jquery-noconflict.js HTTP/1.1
Host: vv.vs-fr13478.level-cloud.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://vv.vs-fr13478.level-cloud.com/
Cookie: c2ec3d3b8fc19e7e6e5e9cd9f1b48b9b=03f8nn15rtvijc5sbqacouln40

                                         
62.75.242.81
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx
Date: Mon, 22 Apr 2019 20:08:19 GMT
Content-Length: 21
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Fri, 23 Dec 2016 02:46:12 GMT
Etag: "15-5444a638ce500"
Accept-Ranges: bytes
X-Powered-By: PleskLin, PleskLin


--- Additional Info ---
Magic:  ASCII text
Size:   21
Md5:    e2060c4e5e5955c824723b13a212d3ec
Sha1:   18420ce484978f8ba3d7371febf1638828bb7a67
Sha256: 5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
GET /templates/protostar/favicon.ico HTTP/1.1
Host: vv.vs-fr13478.level-cloud.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: c2ec3d3b8fc19e7e6e5e9cd9f1b48b9b=03f8nn15rtvijc5sbqacouln40

                                         
62.75.242.81
HTTP/1.1 200 OK
Content-Type: image/vnd.microsoft.icon
Server: nginx
Date: Mon, 22 Apr 2019 20:08:19 GMT
Content-Length: 13430
Last-Modified: Thu, 25 Sep 2014 08:52:54 GMT
Connection: keep-alive
Etag: "5423d7e6-3476"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 2 icons, 48x48, 256-colors
Size:   13430
Md5:    177ab590203121daf8fd2a8755ea5902
Sha1:   a3e42c8562d89986c686b28ac941c1addf3c02a5
Sha256: b4243b305bab6cd8bb9a2168976f75ce3070692c1d52b06d1ad3911dd692fcb2
                                        
GET /media/jui/js/jquery-migrate.min.js HTTP/1.1
Host: vv.vs-fr13478.level-cloud.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://vv.vs-fr13478.level-cloud.com/
Cookie: c2ec3d3b8fc19e7e6e5e9cd9f1b48b9b=03f8nn15rtvijc5sbqacouln40

                                         
62.75.242.81
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx
Date: Mon, 22 Apr 2019 20:08:19 GMT
Content-Length: 10056
Last-Modified: Fri, 23 Dec 2016 02:46:12 GMT
Connection: keep-alive
Etag: "585c8ff4-2748"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII English text, with very long lines
Size:   10056
Md5:    7121994eec5320fbe6586463bf9651c2
Sha1:   90532aff6d4121954254cdf04994d834f7ec169b
Sha256: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
GET /media/system/js/caption.js HTTP/1.1
Host: vv.vs-fr13478.level-cloud.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://vv.vs-fr13478.level-cloud.com/
Cookie: c2ec3d3b8fc19e7e6e5e9cd9f1b48b9b=03f8nn15rtvijc5sbqacouln40

                                         
62.75.242.81
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx
Date: Mon, 22 Apr 2019 20:08:19 GMT
Content-Length: 336
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Fri, 23 Dec 2016 02:46:12 GMT
Etag: "1eb-5444a638ce500-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin, PleskLin


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   336
Md5:    6d37e4491c806fe1280ea6af868c307c
Sha1:   76bd49025156b7c2507189bb48cc83142e8177dd
Sha256: fcdc70db37bd7884b1b94358f4849eb7e6a88bcafe82c93df635913ae03039cb

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
GET /media/system/js/mootools-core.js HTTP/1.1
Host: vv.vs-fr13478.level-cloud.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://vv.vs-fr13478.level-cloud.com/
Cookie: c2ec3d3b8fc19e7e6e5e9cd9f1b48b9b=03f8nn15rtvijc5sbqacouln40

                                         
62.75.242.81
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx
Date: Mon, 22 Apr 2019 20:08:19 GMT
Content-Length: 83893
Last-Modified: Fri, 23 Dec 2016 02:46:12 GMT
Connection: keep-alive
Etag: "585c8ff4-147b5"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII English text, with very long lines
Size:   83893
Md5:    dae9bedb881e4fa30a39d88aae444a0d
Sha1:   c7b66b70133c005c8283f3e1843db92769f71d38
Sha256: b0fc8a4f81d13b1f3bc1843a6f2d43f46e5c9128837096b8d53f2360b8daec18

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
GET /media/jui/js/jquery.min.js HTTP/1.1
Host: vv.vs-fr13478.level-cloud.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://vv.vs-fr13478.level-cloud.com/
Cookie: c2ec3d3b8fc19e7e6e5e9cd9f1b48b9b=03f8nn15rtvijc5sbqacouln40

                                         
62.75.242.81
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx
Date: Mon, 22 Apr 2019 20:08:19 GMT
Content-Length: 97163
Last-Modified: Fri, 23 Dec 2016 02:46:12 GMT
Connection: keep-alive
Etag: "585c8ff4-17b8b"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines
Size:   97163
Md5:    4f252523d4af0b478c810c2547a63e19
Sha1:   5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb
Sha256: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
GET /media/system/js/html5fallback.js HTTP/1.1
Host: vv.vs-fr13478.level-cloud.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://vv.vs-fr13478.level-cloud.com/
Cookie: c2ec3d3b8fc19e7e6e5e9cd9f1b48b9b=03f8nn15rtvijc5sbqacouln40

                                         
62.75.242.81
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx
Date: Mon, 22 Apr 2019 20:08:19 GMT
Content-Length: 6528
Last-Modified: Fri, 23 Dec 2016 02:46:12 GMT
Connection: keep-alive
Etag: "585c8ff4-1980"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  UTF-8 Unicode text, with very long lines, with no line terminators
Size:   6528
Md5:    6e64c1cba3f5e39eda10cca48fb8499c
Sha1:   3c5911a0798acb3e1ddd44dd35dbe8aad3d96f0d
Sha256: 13a17f2ba661f32d05a3e18cc6ca0719e96d81ad43cb69b8ebbd187e84ccd53a

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
GET /media/jui/js/bootstrap.min.js HTTP/1.1
Host: vv.vs-fr13478.level-cloud.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://vv.vs-fr13478.level-cloud.com/
Cookie: c2ec3d3b8fc19e7e6e5e9cd9f1b48b9b=03f8nn15rtvijc5sbqacouln40

                                         
62.75.242.81
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx
Date: Mon, 22 Apr 2019 20:08:19 GMT
Content-Length: 29161
Last-Modified: Fri, 23 Dec 2016 11:46:40 GMT
Connection: keep-alive
Etag: "585d0ea0-71e9"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines, with CRLF line terminators
Size:   29161
Md5:    a5e71141e20adf984627813c5c15cf3f
Sha1:   6db3ff5e3c553e06bd59435cf3a487614394db54
Sha256: da9de9ee6b9c2a4ffb8a870220c7995987623c61b4c2c0804eaeb07d6cd4b303

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
GET /templates/protostar/js/template.js?a645b4baf9bfacc7fbd5ca0267ef5cda HTTP/1.1
Host: vv.vs-fr13478.level-cloud.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://vv.vs-fr13478.level-cloud.com/
Cookie: c2ec3d3b8fc19e7e6e5e9cd9f1b48b9b=03f8nn15rtvijc5sbqacouln40

                                         
62.75.242.81
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx
Date: Mon, 22 Apr 2019 20:08:19 GMT
Content-Length: 1783
Last-Modified: Fri, 23 Dec 2016 02:46:12 GMT
Connection: keep-alive
Etag: "585c8ff4-6f7"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII C++ program text
Size:   1783
Md5:    40ccaec242cd403551f829bade73dd5d
Sha1:   9b0ab5b1771cc6a6a60d7c762077779171a52e2b
Sha256: 2d683828bf726277b2c6e0ea5629c75097836f3fe4a62537bd7c80d99f4f08b0

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
GET /templates/protostar/css/template.css?a645b4baf9bfacc7fbd5ca0267ef5cda HTTP/1.1
Host: vv.vs-fr13478.level-cloud.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://vv.vs-fr13478.level-cloud.com/
Cookie: c2ec3d3b8fc19e7e6e5e9cd9f1b48b9b=03f8nn15rtvijc5sbqacouln40

                                         
62.75.242.81
HTTP/1.1 200 OK
Content-Type: text/css
Server: nginx
Date: Mon, 22 Apr 2019 20:08:19 GMT
Content-Length: 170075
Last-Modified: Fri, 23 Dec 2016 12:47:34 GMT
Connection: keep-alive
Etag: "585d1ce6-2985b"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   170075
Md5:    6f9f7642c262ad7fa67dae5083b15d81
Sha1:   2ff69463dda53ae10e68e6597ef286506e63155f
Sha256: 89128c1ca5f1d1f90be8edd04f3332e727a0790e68ac308ba0e94f779acc3a2d

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
GET /images/headers/blue-flower.jpg HTTP/1.1
Host: vv.vs-fr13478.level-cloud.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://vv.vs-fr13478.level-cloud.com/
Cookie: c2ec3d3b8fc19e7e6e5e9cd9f1b48b9b=03f8nn15rtvijc5sbqacouln40

                                         
62.75.242.81
HTTP/1.1 200 OK
Content-Type: image/jpeg
Server: nginx
Date: Mon, 22 Apr 2019 20:08:19 GMT
Content-Length: 37020
Last-Modified: Fri, 23 Dec 2016 02:46:12 GMT
Connection: keep-alive
Etag: "585c8ff4-909c"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   37020
Md5:    0c304f7a60d02e61ad54445899e13675
Sha1:   900f6fea706b7b7a11e80878fb535325fdc3eb34
Sha256: 784ca8df1acefa81f847938c71971e54b90c58856b42528f97b1fdb95b6a0974
                                        
GET /s/opensans/v16/mem8YaGs126MiZpBA-UFVZ0d.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://fonts.googleapis.com/css?family=Open+Sans
Origin: http://vv.vs-fr13478.level-cloud.com

                                         
172.217.21.163
HTTP/1.1 200 OK
Content-Type: font/woff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 18100
Date: Fri, 19 Apr 2019 15:26:30 GMT
Expires: Sat, 18 Apr 2020 15:26:30 GMT
Last-Modified: Mon, 25 Mar 2019 20:11:28 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Cache-Control: public, max-age=31536000
Age: 276110


--- Additional Info ---
Magic:  data
Size:   18100
Md5:    de0869e324680c99efa1250515b4b41c
Sha1:   8033a128504f11145ea791e481e3cf79dcd290e2
Sha256: 81f0ec27796225ea29f9f1c7b74f083edcd7bc97a09d5fc4e8d03c0134e62445
                                        
GET /media/jui/fonts/IcoMoon.woff HTTP/1.1
Host: vv.vs-fr13478.level-cloud.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://vv.vs-fr13478.level-cloud.com/templates/protostar/css/template.css?a645b4baf9bfacc7fbd5ca0267ef5cda
Cookie: c2ec3d3b8fc19e7e6e5e9cd9f1b48b9b=03f8nn15rtvijc5sbqacouln40

                                         
62.75.242.81
HTTP/1.1 200 OK
Content-Type: application/x-font-woff
Server: nginx
Date: Mon, 22 Apr 2019 20:08:20 GMT
Content-Length: 25424
Last-Modified: Fri, 23 Dec 2016 02:46:12 GMT
Connection: keep-alive
Etag: "585c8ff4-6350"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  data
Size:   25424
Md5:    910a8fd387e6c5ac62dbe014dc131960
Sha1:   78d797741e92a0fb3094ad076dfd0ae8f1c36713
Sha256: 6d362fa22342a2d22cbe8d4472d2d11a8d0864310ee2e8e48ede3148465a609d

Alerts:
  Blacklists:
    - fortinet: Phishing