Overview

URL djkfhjkds.ml/
IP 50.62.22.142
ASN AS26496 GoDaddy.com, LLC
Location United States
Report completed 2018-06-14 15:04:01 CEST
urlquery Alerts Scam / Cryptowall detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro
Timestamp Severity Source IP Destination IP Alert
2018-06-14 15:03:29 CEST 1  50.62.22.142 Client IP ET CURRENT_EVENTS Microsoft Tech Support Phone Scam M2 Jul 07 2017
2018-06-14 15:03:28 CEST 2 Client IP  Internal IP ET INFO DNS Query for Suspicious .ml Domain


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 50.62.22.142

Date UQ / IDS / BL URL IP
2018-07-20 18:13:10 +0200 1 - 0 - 1 bfswqrt.ga/iedge/security.php 50.62.22.142
2018-07-20 18:01:43 +0200 3 - 0 - 0 bfswqrt.gq 50.62.22.142
2018-07-20 17:43:41 +0200 1 - 1 - 0 bfswqrt.ga/fir/security.php 50.62.22.142
2018-07-20 17:35:09 +0200 3 - 1 - 0 bfswqrt.ga 50.62.22.142
2018-07-20 17:31:56 +0200 3 - 0 - 0 bfswqrt.gq 50.62.22.142
2018-07-18 19:12:40 +0200 3 - 1 - 7 upsrtce.gq 50.62.22.142
2018-07-17 01:48:50 +0200 3 - 3 - 0 lksdert.ga/wm 50.62.22.142
2018-07-17 01:46:18 +0200 0 - 0 - 0 lksdert.ga 50.62.22.142
2018-07-17 01:36:55 +0200 0 - 0 - 0 50.62.22.142 50.62.22.142
2018-07-03 00:44:27 +0200 0 - 0 - 0 50.62.22.142 50.62.22.142

Last 10 reports on ASN: AS26496 GoDaddy.com, LLC

Date UQ / IDS / BL URL IP
2019-07-01 10:05:45 +0200 0 - 0 - 0 x.co/irbounce 45.40.140.1
2019-07-01 09:32:09 +0200 0 - 0 - 0 motoszinhasomares.com 107.180.41.254
2019-07-01 09:21:09 +0200 0 - 0 - 0 n3plcpnl0061.prod.ams3.secureserver.net 160.153.153.20
2019-07-01 08:33:23 +0200 0 - 0 - 0 https://letsfireurbossnow.com/hgh-x2-review/ 160.153.133.215
2019-07-01 07:25:19 +0200 0 - 0 - 0 globeofblogs.com/buttons/globe_blogs.gif 107.180.51.243
2019-07-01 05:43:50 +0200 0 - 3 - 1 www.solimpeks.in/exclusivityo.html 50.63.40.1
2019-07-01 04:10:30 +0200 0 - 0 - 0 madnessmedia.net 166.62.110.232
2019-07-01 01:43:02 +0200 0 - 0 - 0 boxpdfdocument.com 107.180.25.212
2019-07-01 00:58:53 +0200 0 - 0 - 0 bestficoservice.com 50.63.202.47
2019-06-30 21:03:36 +0200 0 - 0 - 0 https://pasteshr.com/arGwIsb6JP 160.153.128.0

Last 1 reports on domain: djkfhjkds.ml

Date UQ / IDS / BL URL IP
2018-06-13 22:37:41 +0200 5 - 1 - 0 djkfhjkds.ml 50.62.22.142


JavaScript

Executed Scripts (7)


Executed Evals (0)


Executed Writes (1)

#1 JavaScript::Write (size: 14, repeated: 4) - SHA256: eccdde065fa8994822cd57df49250f32f8a37abceecd6de92e38223be60115dd

1 - 844 - 395 - 2420


HTTP Transactions (21)


Request Response
                                        
GET / HTTP/1.1
Host: djkfhjkds.ml
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
50.62.22.142
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Date: Thu, 14 Jun 2018 13:03:28 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII HTML document text, with very long lines, with CRLF line terminators
Size:   8664
Md5:    3c4d1ee0f7d107aa95a9bebb39663121
Sha1:   cb0d36512fc6ec5ea42cc00a3aa77cb58b745529
Sha256: 01d5b095ed08400539bc0bd36cce2447e81f9a172a8250cd31ed9d64b0988436

Alerts:
  urlquery:
    - Scam / Cryptowall detected
    - Scam / Cryptowall detected
  IDS:
    - ET CURRENT_EVENTS Microsoft Tech Support Phone Scam M2 Jul 07 2017
                                        
POST /GTSGIAG3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 14 Jun 2018 13:03:29 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    cbb53456ac331c9024ed22d915cadaed
Sha1:   3d3436eb1c40296f3569ec733c8b089ed820375e
Sha256: 42e3642d08ac0a64d9217e1add958520ed286659b9ede4ae60731bb8f2b759c0
                                        
POST /gsr2 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 14 Jun 2018 13:03:29 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    d9d754520ae3340aa37cca6115eee05b
Sha1:   a0320372760d99c762cb2eb4b37f776625ef1b33
Sha256: 7dc8284c51c9a38dc1bf03bd28857ea5336e8f5c564eddbb1c9082ee43c93738
                                        
GET /files/style.css HTTP/1.1
Host: djkfhjkds.ml
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://djkfhjkds.ml/

                                         
50.62.22.142
HTTP/1.1 200 OK
Content-Type: text/css
Date: Thu, 14 Jun 2018 13:03:29 GMT
Server: Apache
Last-Modified: Thu, 13 Jul 2017 04:03:06 GMT
Accept-Ranges: bytes
Content-Length: 2031
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   2031
Md5:    21cb643052a72a7923cfa2299f63bee0
Sha1:   9fd2fc2fde225a947b3b450ff75bc37acd8021cb
Sha256: eeff2ae25cbbea7789eb3693c9dd4426c1dc626c5ea6ba5d7ccf1f080ab7ac56
                                        
POST /GTSGIAG3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 14 Jun 2018 13:03:29 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    41bbb86db7035066c3028a0632b9a7cb
Sha1:   4467ff58fd57b41b786255f3bd8bd83c17a7bc0c
Sha256: 286ae8e1cbef349754d1653bcc89164532f90d42281d47363765d9b00e6c5b4f
                                        
GET /css?family=Titillium+Web:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://djkfhjkds.ml/

                                         
216.58.211.10
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Thu, 14 Jun 2018 13:03:29 GMT
Date: Thu, 14 Jun 2018 13:03:29 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Alt-Svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   250
Md5:    c3ce1eabdd518f51ec7bcb1cbcc89d5a
Sha1:   1a19c2ec2bca6e3fd9b44cf2dba966cfd68345fb
Sha256: d987109bac8f66e32e6209be60dc4fda469732f7f0be6ee4bfc07ccebad0df42
                                        
GET /css?family=Open+Sans:400,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://djkfhjkds.ml/files/style.css

                                         
216.58.211.10
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Thu, 14 Jun 2018 13:03:29 GMT
Date: Thu, 14 Jun 2018 13:03:29 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Alt-Svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   253
Md5:    a87063fb8af2db922194022a401c37b2
Sha1:   cfbc663c284ea018130a54c59826685a35d42d37
Sha256: e505e4f4de641628b1a2fd6786187312d707851012a5b4d844ad009b080da3b0
                                        
GET /gtag/js?id=UA-116176892-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://djkfhjkds.ml/

                                         
216.58.211.8
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: http://www.googletagmanager.com
Access-Control-Allow-Headers: Cache-Control
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Thu, 14 Jun 2018 13:03:29 GMT
Expires: Thu, 14 Jun 2018 13:03:29 GMT
Cache-Control: private, max-age=900
Server: Google Tag Manager (scaffolding)
X-XSS-Protection: 1; mode=block
Alt-Svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   24899
Md5:    d8a27fab9ade213e7949e510b8450a97
Sha1:   c41fb72beb081fef362ee99ebc1d67fc051eaa88
Sha256: 6842c1b3b4dfb0c48b4d4ec19982d7ceaeb7dc3e4951b1bf3a2f79117b668853
                                        
GET /files/microsoft.png HTTP/1.1
Host: djkfhjkds.ml
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://djkfhjkds.ml/

                                         
50.62.22.142
HTTP/1.1 200 OK
Content-Type: image/png
Date: Thu, 14 Jun 2018 13:03:29 GMT
Server: Apache
Last-Modified: Thu, 13 Jul 2017 04:03:06 GMT
Accept-Ranges: bytes
Content-Length: 977
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 216 x 46, 8-bit colormap, non-interlaced
Size:   977
Md5:    ab563722ebc08ab73e4c72a3fa0d28c7
Sha1:   3e09d6b9395924dd01360bf11e8ef1e61fc2fad6
Sha256: 844a92ee435552f7f26b4ec467220c537841f8245a16bbb265975ce4b3081f36
                                        
POST /GTSGIAG3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 14 Jun 2018 13:03:29 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    ec805ef1fdeb26b5fa18aba0eb728169
Sha1:   b064ec85b7270e79de9f018db991a1ed18fe28f8
Sha256: 9c4a70ec4c1d0622a04a9bfc162b284ac88c3c747a78051c45e30b75bb6a3fdf
                                        
GET /files/alert.jpg HTTP/1.1
Host: djkfhjkds.ml
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://djkfhjkds.ml/

                                         
50.62.22.142
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Thu, 14 Jun 2018 13:03:29 GMT
Server: Apache
Last-Modified: Thu, 13 Jul 2017 04:03:06 GMT
Accept-Ranges: bytes
Content-Length: 38076
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   38076
Md5:    5ebe2da87a0519a0bd0801d2309ea349
Sha1:   377e171bf81b583d50104da781b470dada699abf
Sha256: 149d5b58e953bb47e15e353f7cf08c151e0e40ec0e5e090fec894cf3d863d4e3
                                        
GET /report.php?num= HTTP/1.1
Host: djkfhjkds.ml
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://djkfhjkds.ml/

                                         
50.62.22.142
HTTP/1.1 401 Unauthorized
Content-Type: text/html; charset=UTF-8
Date: Thu, 14 Jun 2018 13:03:29 GMT
Server: Apache
WWW-Authenticate: Basic realm="Someone Is Trying To Steal Your Banking Details, Credit Card Details & Other Logins. Please Call Microsoft At 1-844-395-2420 Immediately To Prevent Data Loss."
refresh: 0; url=login.php
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---

Alerts:
  urlquery:
    - Scam / Cryptowall detected
                                        
GET /files/background-2.png HTTP/1.1
Host: djkfhjkds.ml
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://djkfhjkds.ml/

                                         
50.62.22.142
HTTP/1.1 200 OK
Content-Type: image/png
Date: Thu, 14 Jun 2018 13:03:29 GMT
Server: Apache
Last-Modified: Thu, 13 Jul 2017 04:03:06 GMT
Accept-Ranges: bytes
Content-Length: 75401
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 2190 x 1182, 8-bit colormap, non-interlaced
Size:   75401
Md5:    0484dc3691195f977cfbde87348871b3
Sha1:   c4f3de078c46b2d2256c7b3988a2daf5347b12e0
Sha256: 24c1f8b80ecbe76a190b19501fff9df8235dca7908d6f696ff77789868c6a26c
                                        
GET /s/titilliumweb/v6/NaPecZTIAOhVxoMyOr9n_E7fdMPmCw.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://fonts.googleapis.com/css?family=Titillium+Web:400,700
Origin: http://djkfhjkds.ml

                                         
216.58.211.3
HTTP/1.1 200 OK
Content-Type: font/woff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 16416
Date: Tue, 08 May 2018 20:41:23 GMT
Expires: Wed, 08 May 2019 20:41:23 GMT
Last-Modified: Wed, 11 Oct 2017 18:27:40 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 3169327
Alt-Svc: quic=":443"; ma=2592000; v="43,42,41,39,35"


--- Additional Info ---
Magic:  data
Size:   16416
Md5:    641b87670b606f6816aed9de136c0f92
Sha1:   996ae94bb9dfc11eb166835f517f8aa59f0c84bc
Sha256: 1071a79411e4f60a3395bd7389bd2617cb7a2bbf14cffb31224b189f70a6a1cc
                                        
GET /s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0d.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Origin: http://djkfhjkds.ml

                                         
216.58.211.3
HTTP/1.1 200 OK
Content-Type: font/woff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 17704
Date: Tue, 12 Jun 2018 17:33:16 GMT
Expires: Wed, 12 Jun 2019 17:33:16 GMT
Last-Modified: Wed, 11 Oct 2017 21:49:44 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 156614
Alt-Svc: quic=":443"; ma=2592000; v="43,42,41,39,35"


--- Additional Info ---
Magic:  data
Size:   17704
Md5:    bf2d0783515b7d75c35bde69e01b3135
Sha1:   0e92462e402c15295366d912a7b8be303d0257d8
Sha256: 054349dda27b80bb105fbc59b5973ef9889ed976aca1fbe39f77688dcff8c552
                                        
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://djkfhjkds.ml/

                                         
216.58.211.14
HTTP/1.1 200 OK
Content-Type: text/javascript
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Timing-Allow-Origin: *
Date: Thu, 14 Jun 2018 12:58:51 GMT
Expires: Thu, 14 Jun 2018 14:58:51 GMT
Last-Modified: Fri, 18 May 2018 01:10:24 GMT
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Server: Golfe2
Content-Length: 14386
Cache-Control: public, max-age=7200
Age: 279
Alt-Svc: quic=":443"; ma=2592000; v="43,42,41,39,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   14386
Md5:    b3de885583a477d4e31568948d6bebd7
Sha1:   2ce8d853244dde551c41d5207d6f71c567bde8c6
Sha256: e1bb5aa555a0d875e2a67884ceaa0629e08994a8aabadc2fac5b6915793dbf75
                                        
GET /s/opensans/v15/mem5YaGs126MiZpBA-UNirkOUuhv.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Origin: http://djkfhjkds.ml

                                         
216.58.211.3
HTTP/1.1 200 OK
Content-Type: font/woff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 18296
Date: Tue, 12 Jun 2018 17:33:20 GMT
Expires: Wed, 12 Jun 2019 17:33:20 GMT
Last-Modified: Wed, 11 Oct 2017 21:49:52 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 156610
Alt-Svc: quic=":443"; ma=2592000; v="43,42,41,39,35"


--- Additional Info ---
Magic:  data
Size:   18296
Md5:    1cd5320f8937d337b61d5117cf9d7b28
Sha1:   24798ef7ac55ba93aaa033fefdb7ca4d57da44ad
Sha256: e19b28ad1aafcb23735d02cbec4e2697ebbf7d608cf47fb8f8565def01b28c2a
                                        
GET /s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOUuhv.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Origin: http://djkfhjkds.ml

                                         
216.58.211.3
HTTP/1.1 200 OK
Content-Type: font/woff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 18476
Date: Tue, 29 May 2018 23:32:49 GMT
Expires: Wed, 29 May 2019 23:32:49 GMT
Last-Modified: Wed, 11 Oct 2017 21:49:43 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 1344641
Alt-Svc: quic=":443"; ma=2592000; v="43,42,41,39,35"


--- Additional Info ---
Magic:  data
Size:   18476
Md5:    623e3205570002af47fc2b88f9335d19
Sha1:   b5f79d1934da79c8a4ba381092dad82ffb0582cb
Sha256: 5e03e0c7668266486cab9529702019d75c219fcec2b1e82a7c11797ba9b78506
                                        
GET /s/titilliumweb/v6/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzZQ.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://fonts.googleapis.com/css?family=Titillium+Web:400,700
Origin: http://djkfhjkds.ml

                                         
216.58.211.3
HTTP/1.1 200 OK
Content-Type: font/woff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 15636
Date: Tue, 05 Jun 2018 16:16:43 GMT
Expires: Wed, 05 Jun 2019 16:16:43 GMT
Last-Modified: Wed, 11 Oct 2017 18:26:19 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 766008
Alt-Svc: quic=":443"; ma=2592000; v="43,42,41,39,35"


--- Additional Info ---
Magic:  data
Size:   15636
Md5:    f659347bbb047294ed974af44724c7ca
Sha1:   09aa2c44d816e9987295def195763b38c2dc010b
Sha256: ace94b66609ef2d37cebf5318af0c930518f018cdac9c6f78f1bcdb7a503f95f
                                        
POST /j/collect?v=1&_v=j68&a=1659545113&t=pageview&_s=1&dl=http%3A%2F%2Fdjkfhjkds.ml%2F&ul=en-us&de=UTF-8&dt=Microsoft%20Official%20Support&sd=24-bit&sr=1176x885&vp=1159x754&je=1&fl=10.0%20r45&_u=IEBAAcQAAAAAAC~&jid=155756694&gjid=1089199389&cid=1586795572.1528981411&tid=UA-116176892-2&_gid=306692521.1528981411&_r=1&gtm=u64&z=1628093786 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Type: text/plain; charset=UTF-8
Referer: http://djkfhjkds.ml/
Content-Length: 0
Origin: http://djkfhjkds.ml
Pragma: no-cache
Cache-Control: no-cache

                                         
216.58.211.14
HTTP/1.1 200 OK
Content-Type: text/plain
Access-Control-Allow-Origin: http://djkfhjkds.ml
Date: Thu, 14 Jun 2018 13:03:31 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 1
Alt-Svc: quic=":443"; ma=2592000; v="43,42,41,39,35"


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    c4ca4238a0b923820dcc509a6f75849b
Sha1:   356a192b7913b04c54574d18c28d46e6395428ab
Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
                                        
GET /analytics/ds/beacon HTTP/1.1
Host: www.renewablepowerportal.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://djkfhjkds.ml/

                                         
0.0.0.0


--- Additional Info ---