Overview

URL jxliulang.com.cn/html/xzlw..zsgzgzszsindex.html
IP 107.179.69.252
ASN AS46573 Global Frag Networks
Location United States
Report completed 2018-05-17 21:12:48 CEST
urlQuery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro
Timestamp Severity Source IP Destination IP Alert
2018-05-17 21:12:11 CEST 1  107.179.69.252 Client IP ET CURRENT_EVENTS DRIVEBY EXE Embeded in Page Likely Evil M1
2018-05-17 21:12:11 CEST 1  107.179.69.252 Client IP ET TROJAN PE EXE or DLL Windows file download Text
2018-05-17 21:12:11 CEST 1  107.179.69.252 Client IP ET TROJAN RAMNIT.A M2


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2018-05-17 2 jxliulang.com.cn/yesads.js Malware
2018-05-17 2 jxliulang.com.cn/images/jsguoxy.js Malware
2018-05-17 2 jxliulang.com.cn/tongji.js Malware
2018-05-17 2 jxliulang.com.cn/html/xzlw..zsgzgzszsindex.html Malware
2018-05-17 2 jxliulang.com.cn/images/jsjquery.yx_rotaion.js Malware
2018-05-17 2 jxliulang.com.cn/images/jsjquery.min.js Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 107.179.69.252

Date  UQ / IDS / BL  URL  IP
2018-10-10 23:32:24 +0200  0 - 0 - 1  jxliulang.com.cn/html/xzcg..jlhzhzxmindex.html  107.179.69.252
2018-10-10 21:53:23 +0200  0 - 0 - 1  jxliulang.com.cn/html/zhxw..xydtindex.html  107.179.69.252
2018-10-10 16:48:20 +0200  0 - 0 - 1  jxliulang.com.cn/html/xsgzzzjg....szdwindex.html  107.179.69.252
2018-10-10 16:23:02 +0200  0 - 0 - 1  jxliulang.com.cn/html/xzcg..xydtxyxwindex.html  107.179.69.252
2018-10-09 16:44:41 +0200  0 - 0 - 1  jxliulang.com.cn/html/xygkxxldindex.html  107.179.69.252
2018-10-09 13:40:11 +0200  0 - 0 - 1  jxliulang.com.cn/html/jxkyjgjxstsw....jlhzind (...)  107.179.69.252
2018-10-09 13:15:40 +0200  0 - 0 - 1  jxliulang.com.cn/html/xydt..xsgzgzdtindex.html  107.179.69.252
2018-10-09 12:55:35 +0200  0 - 0 - 1  jxliulang.com.cn/html/jxkyjgjxstsw..index.html  107.179.69.252
2018-10-09 01:29:41 +0200  0 - 4 - 2  jxliulang.com.cn/html/ztbg..xygkindex.html  107.179.69.252
2018-10-09 01:16:54 +0200  0 - 0 - 2  jxliulang.com.cn/html/xsgzgzdt....kygzindex.html  107.179.69.252

Last 10 reports on ASN: AS46573 Global Frag Networks

Date  UQ / IDS / BL  URL  IP
2018-10-17 04:37:17 +0200  0 - 4 - 0  029smt.com/html/zwgkarticleshow_article.aspar (...)  104.223.149.92
2018-10-16 17:26:00 +0200  0 - 0 - 20  respiraaspira.org/ssf75xh5  104.148.116.89
2018-10-16 03:39:25 +0200  0 - 4 - 0  hdhuaxin.com/html/LDBZJFWDTBX2201208101003874 (...)  104.223.149.175
2018-10-16 01:07:39 +0200  0 - 3 - 0  zbcaijing.com/html/3591.html  104.223.149.181
2018-10-16 00:38:34 +0200  0 - 0 - 0  track.ecampaign-stats.com/eP4Z7JsG2NpFvu9D?_xEM  209.148.95.13
2018-10-15 19:55:57 +0200  0 - 4 - 0  ahnjjx.com/html/jyys178326.html  104.223.149.208
2018-10-15 16:23:02 +0200  0 - 0 - 0  mk1.fjlnh.com/oem/u.php?p=vx/rs/zaa/w1/vy/rs  104.223.230.211
2018-10-15 10:23:11 +0200  0 - 4 - 0  shyuxinedu.com/html/yiwenjiedameirong343.html  104.223.149.201
2018-10-14 12:16:54 +0200  0 - 4 - 2  xhuayi.com/html/col13121871456712012053113384 (...)  104.223.149.107
2018-10-14 11:56:41 +0200  0 - 4 - 1  huiyi1917.com/html/courseeducation1113.html  104.223.149.11

Last 10 reports on domain: jxliulang.com.cn

Date  UQ / IDS / BL  URL  IP
2018-10-13 10:09:10 +0200  0 - 0 - 1  jxliulang.com.cn/html/xygkxxjj....jyjxbksjxin (...)  209.99.40.222
2018-10-13 05:54:30 +0200  0 - 0 - 1  jxliulang.com.cn/html/jyjxgzsjx....xygkxxldin (...)  209.99.40.222
2018-10-13 04:54:58 +0200  0 - 0 - 1  jxliulang.com.cn/html/zsgzyjszs....xydtindex.html  209.99.40.223
2018-10-12 20:16:23 +0200  0 - 0 - 1  jxliulang.com.cn/html/jyjxgzsjx....xydtxyxwin (...)  209.99.40.222
2018-10-12 18:46:01 +0200  0 - 0 - 1  jxliulang.com.cn/html/jlhzgnjl....tzgg82179.html  209.99.40.222
2018-10-12 17:10:40 +0200  0 - 0 - 1  jxliulang.com.cn/html/xydt..xsgzgzdtindex.html  209.99.40.222
2018-10-12 15:38:10 +0200  0 - 0 - 1  jxliulang.com.cn/html  209.99.40.222
2018-10-12 00:00:26 +0200  0 - 0 - 1  jxliulang.com.cn/html/jlhzgnjl....zhxw67933.html  209.99.40.222
2018-10-11 17:55:45 +0200  0 - 0 - 1  jxliulang.com.cn/html/zsgzyjszs....xydtindex.html  209.99.40.222
2018-10-10 23:32:24 +0200  0 - 0 - 1  jxliulang.com.cn/html/xzcg..jlhzhzxmindex.html  107.179.69.252


JavaScript

Executed Scripts (7)


Executed Evals (0)


Executed Writes (1)

#1 JavaScript::Write (size: 88, repeated: 1) - SHA256: f37e595fa25e7d939293b9fdae5fd21b4bcbd3f58631a4d4134bedc27554b990

<script src='https://s95.b9823852351323h.com/cp/002.js' type='text/javascript'></script>


HTTP Transactions (18)


Request:
GET /yesads.js HTTP/1.1
Host: jxliulang.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxliulang.com.cn/html/xzlw..zsgzgzszsindex.html

Response from 107.179.69.252:
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 107
Last-Modified: Sun, 16 Apr 2017 16:26:26 GMT
Accept-Ranges: bytes
Etag: "caffe631ceb6d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 May 2018 03:00:06 GMT


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   107
Md5:    0f29f40bb734fb936ee1d5073755377b
Sha1:   6aedfb1e71e1b5bf8ae35a1402a42aae3d8f25ec
Sha256: 09c0e538f739853e7e8a604fc0d49732fef675043e1452d9b35d5c4acadf7fd7

Alerts:
  Blacklists:
    - fortinet: Malware

Request:
GET /images/xzlwzsgzgzszscssstylecss.css HTTP/1.1
Host: jxliulang.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxliulang.com.cn/html/xzlw..zsgzgzszsindex.html

Response from 107.179.69.252:
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 10153
Last-Modified: Mon, 21 Nov 2016 00:29:24 GMT
Accept-Ranges: bytes
Etag: "78f1964f8e43d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 May 2018 03:00:06 GMT


--- Additional Info ---
Magic:  UTF-8 Unicode text, with CRLF line terminators
Size:   10153
Md5:    c35b2ce447c9a99caa28d94c1bac1a56
Sha1:   583a582ba417d5e8cbaa454fa67b956a99d9dc4a
Sha256: bbebb195e2f6e8e2a0251371c0fc02ed85ef5769c9b7c0240e7ff79ab6433658

Request:
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

Response from 93.184.220.29:
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: max-age=170182
Date: Thu, 17 May 2018 19:12:11 GMT
Etag: "5afd9a2c-1d7"
Expires: Sat, 19 May 2018 18:14:20 GMT
Last-Modified: Thu, 17 May 2018 15:05:16 GMT
Server: ECS (arn/46D1)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    800eb8551ea4b780544cfaceac36f5e1
Sha1:   432865de312b82b9cc2d15615503ea647192a7f1
Sha256: 36bad1c6e5781348294251a3fd37ff2c651bf04630ae0047a2c2891143237b8e

Request:
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

Response from 93.184.220.29:
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: max-age=156530
Date: Thu, 17 May 2018 19:12:11 GMT
Etag: "5afd7832-1d7"
Expires: Sat, 19 May 2018 14:15:00 GMT
Last-Modified: Thu, 17 May 2018 12:40:18 GMT
Server: ECS (arn/467B)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    3494ee3b800f1741f5f2cc250ec1340b
Sha1:   e0b0812e2a905f33d09b08319f3ef8b16557dad2
Sha256: 90d5dd8bc94f5b083abe827e3b419826f4efcf9bae2eec0c4276b87ef3a1cef3

Request:
GET /images/imagesbg.jpg HTTP/1.1
Host: jxliulang.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxliulang.com.cn/images/xzlwzsgzgzszscssstylecss.css

Response from 107.179.69.252:
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 418
Last-Modified: Sun, 30 Oct 2016 02:26:32 GMT
Accept-Ranges: bytes
Etag: "16125275532d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 May 2018 03:00:07 GMT


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   418
Md5:    936d935d1b75233df8abefbce186e8ea
Sha1:   58b89cd18f199f44cb28b901e034c52cc6fc6cd3
Sha256: eaa522dff31deedbb57e6a7171a4e9f454de9be94d4d29e441dd33911707270f

Request:
GET /images/jsguoxy.js HTTP/1.1
Host: jxliulang.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxliulang.com.cn/html/xzlw..zsgzgzszsindex.html

Response from 107.179.69.252:
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 333
Last-Modified: Sun, 30 Oct 2016 02:26:29 GMT
Accept-Ranges: bytes
Etag: "964e8855532d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 May 2018 03:00:07 GMT


--- Additional Info ---
Magic:  ASCII C++ program text, with CRLF line terminators
Size:   333
Md5:    4f685f38c5a1b62184a35cc087cb412b
Sha1:   bcecf4785e4563cf19e37de3c9736f7b2b169ce6
Sha256: 3a48b99d0dcb6cd69cc17a16fd1f20cd699600955ed55bdbf76d2e7f2f0c82b5

Alerts:
  Blacklists:
    - fortinet: Malware

Request:
GET /images/imagesnav_bg.jpg HTTP/1.1
Host: jxliulang.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxliulang.com.cn/images/xzlwzsgzgzszscssstylecss.css

Response from 107.179.69.252:
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 384
Last-Modified: Sun, 30 Oct 2016 02:26:42 GMT
Accept-Ranges: bytes
Etag: "c281dd5532d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 May 2018 03:00:07 GMT


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   384
Md5:    837815c47be99caff6d4b8390a22e9f9
Sha1:   edd78fadfdad0d710daa8e6f3e5c7ae062aa03bb
Sha256: dfc638f1281c4ba166464f1eb938a7b7bf0421fa6bce6edb00423f4ef50c574a

Request:
GET /images/imagesser.jpg HTTP/1.1
Host: jxliulang.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxliulang.com.cn/images/xzlwzsgzgzszscssstylecss.css

Response from 107.179.69.252:
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 19884
Last-Modified: Sun, 30 Oct 2016 02:26:32 GMT
Accept-Ranges: bytes
Etag: "1ec18175532d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 May 2018 03:00:07 GMT


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   19884
Md5:    2111cfae739556ac87c2276d4518d4f9
Sha1:   e87ed9618341c3d70a8f00598f716c1a0c554218
Sha256: f074f59b7ce1d62e67f8a293a7a7be6be34565f62010df2175a949552372b16b

Request:
GET /images/imageslogo.jpg HTTP/1.1
Host: jxliulang.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxliulang.com.cn/html/xzlw..zsgzgzszsindex.html

Response from 107.179.69.252:
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 52978
Last-Modified: Sun, 30 Oct 2016 02:25:32 GMT
Accept-Ranges: bytes
Etag: "e1d5fe35432d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 May 2018 03:00:06 GMT


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   52978
Md5:    70cff82da7d124f1166ba92a5212f409
Sha1:   ecc06322ceb87bb9ee668b981af9b52b05e63e08
Sha256: c12929f7c581d13dd0c19058abedfb66e0ec7a5d629cefbad591d1a727617ccb

Request:
GET /tongji.js HTTP/1.1
Host: jxliulang.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxliulang.com.cn/html/xzlw..zsgzgzszsindex.html

Response from 107.179.69.252:
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 252
Last-Modified: Sat, 12 Nov 2016 17:13:18 GMT
Accept-Ranges: bytes
Etag: "eada1083dd21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 May 2018 03:00:07 GMT


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   252
Md5:    dc440c2025e870f1e78bd0cfc53500ae
Sha1:   d958c753602b336fc14c4a0b0570b4ea93a2d4c2
Sha256: 36e307ce12bf62576468e6f0a0d4b341769054c726ab19aca7404379f6bcce02

Alerts:
  Blacklists:
    - fortinet: Malware

Request:
GET /html/xzlw..zsgzgzszsindex.html HTTP/1.1
Host: jxliulang.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response from 107.179.69.252:
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 122314
Last-Modified: Fri, 28 Apr 2017 06:28:18 GMT
Accept-Ranges: bytes
Etag: "46f0d99fe8bfd21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 May 2018 03:00:06 GMT


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   122314
Md5:    7239eec510bcce6b701fdc5daa2779f2
Sha1:   e46ca585c94924e4b304307e909695c90561a66b
Sha256: d3be4e7c9fd1991b56e92186f433d976f4412627d813ee20c641d5df38b0f4d6

Alerts:
  Blacklists:
    - fortinet: Malware
  IDS:
    - ET CURRENT_EVENTS DRIVEBY EXE Embeded in Page Likely Evil M1
    - ET TROJAN PE EXE or DLL Windows file download Text
    - ET TROJAN RAMNIT.A M2

Request:
GET /images/jsjquery.yx_rotaion.js HTTP/1.1
Host: jxliulang.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxliulang.com.cn/html/xzlw..zsgzgzszsindex.html

Response from 107.179.69.252:
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 4280
Last-Modified: Sun, 30 Oct 2016 02:26:31 GMT
Accept-Ranges: bytes
Etag: "f88ceb65532d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 May 2018 03:00:07 GMT


--- Additional Info ---
Magic:  UTF-8 Unicode (with BOM) C++ program text, with CRLF line terminators
Size:   4280
Md5:    ef1267cd65b218ac4d46d5e2f5b4917e
Sha1:   c1a9be18d7c297c481e4804742ee86846bcc17f1
Sha256: 5b7b65ca24a9f3f54b16ade5c8bc713df426e195360f1e6a0cbb898718091e04

Alerts:
  Blacklists:
    - fortinet: Malware

Request:
GET /images/imagespic01.jpg HTTP/1.1
Host: jxliulang.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxliulang.com.cn/html/xzlw..zsgzgzszsindex.html

Response from 107.179.69.252:
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 200798
Last-Modified: Sun, 30 Oct 2016 02:25:35 GMT
Accept-Ranges: bytes
Etag: "587b64e55432d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 May 2018 03:00:06 GMT


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   200798
Md5:    4e1fb2a73c76fd776d70f2f2d9197114
Sha1:   8baeee12d5604352c68b7c77904fe429bc1d0908
Sha256: bc7d77f2a95fd75de6e60c08f3543f770344be115f58d46dd3c22766a5347a6c

Request:
GET /images/jsjquery.min.js HTTP/1.1
Host: jxliulang.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxliulang.com.cn/html/xzlw..zsgzgzszsindex.html

Response from 107.179.69.252:
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 93637
Last-Modified: Sun, 30 Oct 2016 02:26:31 GMT
Accept-Ranges: bytes
Etag: "f0ddbb65532d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 May 2018 03:00:07 GMT


--- Additional Info ---
Magic:  ASCII text, with very long lines, with CRLF line terminators
Size:   93637
Md5:    e1288116312e4728f98923c79b034b67
Sha1:   8b6babff47b8a9793f37036fd1b1a3ad41d38423
Sha256: ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32

Alerts:
  Blacklists:
    - fortinet: Malware

Request:
GET /hm.js?f53da8843726457e9c5c6862188915be HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxliulang.com.cn/html/xzlw..zsgzgzszsindex.html

Response from 220.181.7.190:
HTTP/1.1 200 OK
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 9033
Date: Thu, 17 May 2018 19:12:13 GMT
Etag: 216482caec616426624417e6117a665f
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=295D01A9EDEFC692; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max speed
Size:   9033
Md5:    8537071bac5633eb3075017b9406035a
Sha1:   d633f579dd1952c42fd526c9f5fcba2af495074d
Sha256: 1ad67a83e08d6678f4d92e3b8a9507defb765cca6b1b1eeb525217a155b08450

Request:
GET /hm.gif?cc=0&ck=1&cl=24-bit&ds=1176x885&vl=754&et=0&fl=10.0&ja=1&ln=en-us&lo=0&rnd=2124619252&si=f53da8843726457e9c5c6862188915be&v=1.2.30&lv=1&ct=!!&tt=%E5%8D%8E%E5%8C%97%E7%94%B5%E5%8A%9B%E5%A4%A7%E5%AD%A6%E7%8E%AF%E5%A2%83%E4%B8%8E%E5%8C%96%E5%AD%A6%E5%B7%A5%E7%A8%8B%E7%B3%BB&sn=12045 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxliulang.com.cn/html/xzlw..zsgzgzszsindex.html
Cookie: HMACCOUNT=295D01A9EDEFC692

Response from 220.181.7.190:
HTTP/1.1 200 OK
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Thu, 17 May 2018 19:12:14 GMT
Pragma: no-cache
Server: apache
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request:
GET /favicon.ico HTTP/1.1
Host: jxliulang.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: Hm_lvt_f53da8843726457e9c5c6862188915be=1526584335; Hm_lpvt_f53da8843726457e9c5c6862188915be=1526584335

Response from 107.179.69.252:
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 1308
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 May 2018 03:00:10 GMT


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1308
Md5:    2923b250a3660c034aa7831d5e6d7f3c
Sha1:   646f109012bac000fe1bc58f40d112f77483f22a
Sha256: e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075

Request:
GET /favicon.ico HTTP/1.1
Host: jxliulang.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: Hm_lvt_f53da8843726457e9c5c6862188915be=1526584335; Hm_lpvt_f53da8843726457e9c5c6862188915be=1526584335

Response from 107.179.69.252:
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 1308
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 May 2018 03:00:13 GMT


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1308
Md5:    2923b250a3660c034aa7831d5e6d7f3c
Sha1:   646f109012bac000fe1bc58f40d112f77483f22a
Sha256: e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075