Overview

URL jxliulang.com.cn/html/xzlw..zsgzgzszsindex.html
IP107.179.69.252
ASNAS46573 Global Frag Networks
Location United States
Report completed2018-05-17 21:12:48 CEST
StatusLoading report..
urlQuery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro
Timestamp Severity Source IP Destination IP Alert
2018-05-17 21:12:11 CEST 1  107.179.69.252 Client IP ET CURRENT_EVENTS DRIVEBY EXE Embeded in Page Likely Evil M1
2018-05-17 21:12:11 CEST 1  107.179.69.252 Client IP ET TROJAN PE EXE or DLL Windows file download Text
2018-05-17 21:12:11 CEST 1  107.179.69.252 Client IP ET TROJAN RAMNIT.A M2


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2018-05-17 2 jxliulang.com.cn/yesads.js Malware
2018-05-17 2 jxliulang.com.cn/images/jsguoxy.js Malware
2018-05-17 2 jxliulang.com.cn/tongji.js Malware
2018-05-17 2 jxliulang.com.cn/html/xzlw..zsgzgzszsindex.html Malware
2018-05-17 2 jxliulang.com.cn/images/jsjquery.yx_rotaion.js Malware
2018-05-17 2 jxliulang.com.cn/images/jsjquery.min.js Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 107.179.69.252

Date UQ / IDS / BL URL IP
2018-07-28 19:10:36 +0200
0 - 4 - 6 jxliulang.com.cn/html/ztbg87227.html 107.179.69.252
2018-07-28 19:10:36 +0200
0 - 0 - 6 jxliulang.com.cn/html/xygkxxldindex.html 107.179.69.252
2018-07-28 19:10:15 +0200
0 - 0 - 6 jxliulang.com.cn/html/xzlw84474.html 107.179.69.252
2018-07-28 19:10:07 +0200
0 - 4 - 6 jxliulang.com.cn/html/xzcg88457.html 107.179.69.252
2018-07-28 19:09:57 +0200
0 - 4 - 6 jxliulang.com.cn/html/jxkyjgjxstswindex.html 107.179.69.252
2018-07-28 19:09:54 +0200
0 - 0 - 6 jxliulang.com.cn/html/tpxw76270.html 107.179.69.252
2018-07-28 05:05:30 +0200
0 - 0 - 6 jxliulang.com.cn/html/kygzkycgindex.html 107.179.69.252
2018-07-15 06:34:31 +0200
0 - 4 - 7 jxliulang.com.cn/html/jyjxbksjx....index.html 107.179.69.252
2018-07-03 23:51:51 +0200
0 - 4 - 5 jxliulang.com.cn/html/zsgzgzszs....kygzkydtin (...) 107.179.69.252
2018-07-01 04:48:26 +0200
0 - 3 - 6 jxliulang.com.cn/html/xsgz..zsgzgzszsindex.html 107.179.69.252

Last 10 reports on ASN: AS46573 Global Frag Networks

Date UQ / IDS / BL URL IP
2018-08-14 14:11:00 +0200
0 - 4 - 2 shuangjiashangmao.com/html/articles9752015-92 (...) 104.223.149.60
2018-08-14 14:10:10 +0200
0 - 4 - 5 healthcompa.com/html/nodejkjyIndex.html 104.223.149.116
2018-08-14 13:49:05 +0200
0 - 0 - 2 svtauto.com/qianmingxinqingqianming.html 104.223.149.164
2018-08-14 13:47:56 +0200
0 - 0 - 3 facker503.com.cn/html/szdw..rcpybkszdhzyindex.html 107.179.64.244
2018-08-14 13:37:30 +0200
0 - 4 - 4 jinlixiuye.cn/html/snhyxxzthd2012327111245340 (...) 107.179.69.163
2018-08-14 13:33:38 +0200
0 - 0 - 2 shwenjie.com/html/quanquche20090915535.html 104.223.149.192
2018-08-14 13:13:55 +0200
0 - 0 - 3 jinlixiuye.cn/html/jykyxdfs201611916401536423 (...) 107.179.69.163
2018-08-14 13:13:51 +0200
0 - 4 - 2 jspzlzc.com.cn/html/html2016yxk_012313.html 107.179.69.225
2018-08-14 12:27:51 +0200
0 - 0 - 4 lqicjs.cn/html/xinli_xsyd.201305t20130501_248 (...) 107.179.69.197
2018-08-14 12:25:20 +0200
0 - 4 - 12 pctywbx.cn/html/info10331367.html 107.179.64.87

Last 10 reports on domain: jxliulang.com.cn

Date UQ / IDS / BL URL IP
2018-07-28 19:10:36 +0200
0 - 4 - 6 jxliulang.com.cn/html/ztbg87227.html 107.179.69.252
2018-07-28 19:10:36 +0200
0 - 0 - 6 jxliulang.com.cn/html/xygkxxldindex.html 107.179.69.252
2018-07-28 19:10:15 +0200
0 - 0 - 6 jxliulang.com.cn/html/xzlw84474.html 107.179.69.252
2018-07-28 19:10:07 +0200
0 - 4 - 6 jxliulang.com.cn/html/xzcg88457.html 107.179.69.252
2018-07-28 19:09:57 +0200
0 - 4 - 6 jxliulang.com.cn/html/jxkyjgjxstswindex.html 107.179.69.252
2018-07-28 19:09:54 +0200
0 - 0 - 6 jxliulang.com.cn/html/tpxw76270.html 107.179.69.252
2018-07-28 05:05:30 +0200
0 - 0 - 6 jxliulang.com.cn/html/kygzkycgindex.html 107.179.69.252
2018-07-15 06:34:31 +0200
0 - 4 - 7 jxliulang.com.cn/html/jyjxbksjx....index.html 107.179.69.252
2018-07-03 23:51:51 +0200
0 - 4 - 5 jxliulang.com.cn/html/zsgzgzszs....kygzkydtin (...) 107.179.69.252
2018-07-01 04:48:26 +0200
0 - 3 - 6 jxliulang.com.cn/html/xsgz..zsgzgzszsindex.html 107.179.69.252


JavaScript

Executed Scripts (7)


Executed Evals (0)


Executed Writes (1)

#1 JavaScript::Write (size: 88, repeated: 1) - SHA256: f37e595fa25e7d939293b9fdae5fd21b4bcbd3f58631a4d4134bedc27554b990

                                        < script src = 'https://s95.b9823852351323h.com/cp/002.js'
type = 'text/javascript' > < /script>
                                    


HTTP Transactions (18)


Request Response
                                        
                                            GET /yesads.js HTTP/1.1 
Host: jxliulang.com.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxliulang.com.cn/html/xzlw..zsgzgzszsindex.html

                                         
                                         107.179.69.252
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 107
Last-Modified: Sun, 16 Apr 2017 16:26:26 GMT
Accept-Ranges: bytes
Etag: "caffe631ceb6d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 May 2018 03:00:06 GMT


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   107
Md5:    0f29f40bb734fb936ee1d5073755377b
Sha1:   6aedfb1e71e1b5bf8ae35a1402a42aae3d8f25ec
Sha256: 09c0e538f739853e7e8a604fc0d49732fef675043e1452d9b35d5c4acadf7fd7

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /images/xzlwzsgzgzszscssstylecss.css HTTP/1.1 
Host: jxliulang.com.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxliulang.com.cn/html/xzlw..zsgzgzszsindex.html

                                         
                                         107.179.69.252
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Length: 10153
Last-Modified: Mon, 21 Nov 2016 00:29:24 GMT
Accept-Ranges: bytes
Etag: "78f1964f8e43d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 May 2018 03:00:06 GMT


--- Additional Info ---
Magic:  UTF-8 Unicode text, with CRLF line terminators
Size:   10153
Md5:    c35b2ce447c9a99caa28d94c1bac1a56
Sha1:   583a582ba417d5e8cbaa454fa67b956a99d9dc4a
Sha256: bbebb195e2f6e8e2a0251371c0fc02ed85ef5769c9b7c0240e7ff79ab6433658
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=170182
Date: Thu, 17 May 2018 19:12:11 GMT
Etag: "5afd9a2c-1d7"
Expires: Sat, 19 May 2018 18:14:20 GMT
Last-Modified: Thu, 17 May 2018 15:05:16 GMT
Server: ECS (arn/46D1)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    800eb8551ea4b780544cfaceac36f5e1
Sha1:   432865de312b82b9cc2d15615503ea647192a7f1
Sha256: 36bad1c6e5781348294251a3fd37ff2c651bf04630ae0047a2c2891143237b8e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=156530
Date: Thu, 17 May 2018 19:12:11 GMT
Etag: "5afd7832-1d7"
Expires: Sat, 19 May 2018 14:15:00 GMT
Last-Modified: Thu, 17 May 2018 12:40:18 GMT
Server: ECS (arn/467B)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    3494ee3b800f1741f5f2cc250ec1340b
Sha1:   e0b0812e2a905f33d09b08319f3ef8b16557dad2
Sha256: 90d5dd8bc94f5b083abe827e3b419826f4efcf9bae2eec0c4276b87ef3a1cef3
                                        
                                            GET /images/imagesbg.jpg HTTP/1.1 
Host: jxliulang.com.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxliulang.com.cn/images/xzlwzsgzgzszscssstylecss.css

                                         
                                         107.179.69.252
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Content-Length: 418
Last-Modified: Sun, 30 Oct 2016 02:26:32 GMT
Accept-Ranges: bytes
Etag: "16125275532d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 May 2018 03:00:07 GMT


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   418
Md5:    936d935d1b75233df8abefbce186e8ea
Sha1:   58b89cd18f199f44cb28b901e034c52cc6fc6cd3
Sha256: eaa522dff31deedbb57e6a7171a4e9f454de9be94d4d29e441dd33911707270f
                                        
                                            GET /images/jsguoxy.js HTTP/1.1 
Host: jxliulang.com.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxliulang.com.cn/html/xzlw..zsgzgzszsindex.html

                                         
                                         107.179.69.252
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 333
Last-Modified: Sun, 30 Oct 2016 02:26:29 GMT
Accept-Ranges: bytes
Etag: "964e8855532d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 May 2018 03:00:07 GMT


--- Additional Info ---
Magic:  ASCII C++ program text, with CRLF line terminators
Size:   333
Md5:    4f685f38c5a1b62184a35cc087cb412b
Sha1:   bcecf4785e4563cf19e37de3c9736f7b2b169ce6
Sha256: 3a48b99d0dcb6cd69cc17a16fd1f20cd699600955ed55bdbf76d2e7f2f0c82b5

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /images/imagesnav_bg.jpg HTTP/1.1 
Host: jxliulang.com.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxliulang.com.cn/images/xzlwzsgzgzszscssstylecss.css

                                         
                                         107.179.69.252
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Content-Length: 384
Last-Modified: Sun, 30 Oct 2016 02:26:42 GMT
Accept-Ranges: bytes
Etag: "c281dd5532d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 May 2018 03:00:07 GMT


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   384
Md5:    837815c47be99caff6d4b8390a22e9f9
Sha1:   edd78fadfdad0d710daa8e6f3e5c7ae062aa03bb
Sha256: dfc638f1281c4ba166464f1eb938a7b7bf0421fa6bce6edb00423f4ef50c574a
                                        
                                            GET /images/imagesser.jpg HTTP/1.1 
Host: jxliulang.com.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxliulang.com.cn/images/xzlwzsgzgzszscssstylecss.css

                                         
                                         107.179.69.252
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Content-Length: 19884
Last-Modified: Sun, 30 Oct 2016 02:26:32 GMT
Accept-Ranges: bytes
Etag: "1ec18175532d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 May 2018 03:00:07 GMT


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   19884
Md5:    2111cfae739556ac87c2276d4518d4f9
Sha1:   e87ed9618341c3d70a8f00598f716c1a0c554218
Sha256: f074f59b7ce1d62e67f8a293a7a7be6be34565f62010df2175a949552372b16b
                                        
                                            GET /images/imageslogo.jpg HTTP/1.1 
Host: jxliulang.com.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxliulang.com.cn/html/xzlw..zsgzgzszsindex.html

                                         
                                         107.179.69.252
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Content-Length: 52978
Last-Modified: Sun, 30 Oct 2016 02:25:32 GMT
Accept-Ranges: bytes
Etag: "e1d5fe35432d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 May 2018 03:00:06 GMT


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   52978
Md5:    70cff82da7d124f1166ba92a5212f409
Sha1:   ecc06322ceb87bb9ee668b981af9b52b05e63e08
Sha256: c12929f7c581d13dd0c19058abedfb66e0ec7a5d629cefbad591d1a727617ccb
                                        
                                            GET /tongji.js HTTP/1.1 
Host: jxliulang.com.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxliulang.com.cn/html/xzlw..zsgzgzszsindex.html

                                         
                                         107.179.69.252
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 252
Last-Modified: Sat, 12 Nov 2016 17:13:18 GMT
Accept-Ranges: bytes
Etag: "eada1083dd21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 May 2018 03:00:07 GMT


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   252
Md5:    dc440c2025e870f1e78bd0cfc53500ae
Sha1:   d958c753602b336fc14c4a0b0570b4ea93a2d4c2
Sha256: 36e307ce12bf62576468e6f0a0d4b341769054c726ab19aca7404379f6bcce02

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /html/xzlw..zsgzgzszsindex.html HTTP/1.1 
Host: jxliulang.com.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         107.179.69.252
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Content-Length: 122314
Last-Modified: Fri, 28 Apr 2017 06:28:18 GMT
Accept-Ranges: bytes
Etag: "46f0d99fe8bfd21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 May 2018 03:00:06 GMT


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   122314
Md5:    7239eec510bcce6b701fdc5daa2779f2
Sha1:   e46ca585c94924e4b304307e909695c90561a66b
Sha256: d3be4e7c9fd1991b56e92186f433d976f4412627d813ee20c641d5df38b0f4d6

Alerts:
  Blacklists:
    - fortinet: Malware
  IDS:
    - ET CURRENT_EVENTS DRIVEBY EXE Embeded in Page Likely Evil M1
    - ET TROJAN PE EXE or DLL Windows file download Text
    - ET TROJAN RAMNIT.A M2
                                        
                                            GET /images/jsjquery.yx_rotaion.js HTTP/1.1 
Host: jxliulang.com.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxliulang.com.cn/html/xzlw..zsgzgzszsindex.html

                                         
                                         107.179.69.252
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 4280
Last-Modified: Sun, 30 Oct 2016 02:26:31 GMT
Accept-Ranges: bytes
Etag: "f88ceb65532d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 May 2018 03:00:07 GMT


--- Additional Info ---
Magic:  UTF-8 Unicode (with BOM) C++ program text, with CRLF line terminators
Size:   4280
Md5:    ef1267cd65b218ac4d46d5e2f5b4917e
Sha1:   c1a9be18d7c297c481e4804742ee86846bcc17f1
Sha256: 5b7b65ca24a9f3f54b16ade5c8bc713df426e195360f1e6a0cbb898718091e04

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /images/imagespic01.jpg HTTP/1.1 
Host: jxliulang.com.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxliulang.com.cn/html/xzlw..zsgzgzszsindex.html

                                         
                                         107.179.69.252
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Content-Length: 200798
Last-Modified: Sun, 30 Oct 2016 02:25:35 GMT
Accept-Ranges: bytes
Etag: "587b64e55432d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 May 2018 03:00:06 GMT


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   200798
Md5:    4e1fb2a73c76fd776d70f2f2d9197114
Sha1:   8baeee12d5604352c68b7c77904fe429bc1d0908
Sha256: bc7d77f2a95fd75de6e60c08f3543f770344be115f58d46dd3c22766a5347a6c
                                        
                                            GET /images/jsjquery.min.js HTTP/1.1 
Host: jxliulang.com.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxliulang.com.cn/html/xzlw..zsgzgzszsindex.html

                                         
                                         107.179.69.252
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 93637
Last-Modified: Sun, 30 Oct 2016 02:26:31 GMT
Accept-Ranges: bytes
Etag: "f0ddbb65532d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 May 2018 03:00:07 GMT


--- Additional Info ---
Magic:  ASCII text, with very long lines, with CRLF line terminators
Size:   93637
Md5:    e1288116312e4728f98923c79b034b67
Sha1:   8b6babff47b8a9793f37036fd1b1a3ad41d38423
Sha256: ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /hm.js?f53da8843726457e9c5c6862188915be HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxliulang.com.cn/html/xzlw..zsgzgzszsindex.html

                                         
                                         220.181.7.190
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 9033
Date: Thu, 17 May 2018 19:12:13 GMT
Etag: 216482caec616426624417e6117a665f
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=295D01A9EDEFC692; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max speed
Size:   9033
Md5:    8537071bac5633eb3075017b9406035a
Sha1:   d633f579dd1952c42fd526c9f5fcba2af495074d
Sha256: 1ad67a83e08d6678f4d92e3b8a9507defb765cca6b1b1eeb525217a155b08450
                                        
                                            GET /hm.gif?cc=0&ck=1&cl=24-bit&ds=1176x885&vl=754&et=0&fl=10.0&ja=1&ln=en-us&lo=0&rnd=2124619252&si=f53da8843726457e9c5c6862188915be&v=1.2.30&lv=1&ct=!!&tt=%E5%8D%8E%E5%8C%97%E7%94%B5%E5%8A%9B%E5%A4%A7%E5%AD%A6%E7%8E%AF%E5%A2%83%E4%B8%8E%E5%8C%96%E5%AD%A6%E5%B7%A5%E7%A8%8B%E7%B3%BB&sn=12045 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxliulang.com.cn/html/xzlw..zsgzgzszsindex.html
Cookie: HMACCOUNT=295D01A9EDEFC692

                                         
                                         220.181.7.190
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Thu, 17 May 2018 19:12:14 GMT
Pragma: no-cache
Server: apache
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: jxliulang.com.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: Hm_lvt_f53da8843726457e9c5c6862188915be=1526584335; Hm_lpvt_f53da8843726457e9c5c6862188915be=1526584335

                                         
                                         107.179.69.252
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Content-Length: 1308
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 May 2018 03:00:10 GMT


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1308
Md5:    2923b250a3660c034aa7831d5e6d7f3c
Sha1:   646f109012bac000fe1bc58f40d112f77483f22a
Sha256: e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: jxliulang.com.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: Hm_lvt_f53da8843726457e9c5c6862188915be=1526584335; Hm_lpvt_f53da8843726457e9c5c6862188915be=1526584335

                                         
                                         107.179.69.252
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Content-Length: 1308
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 May 2018 03:00:13 GMT


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1308
Md5:    2923b250a3660c034aa7831d5e6d7f3c
Sha1:   646f109012bac000fe1bc58f40d112f77483f22a
Sha256: e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075