Overview

URL: sz-dcjg.com.cn/html/info1037....flfggj.html
IP: 107.179.64.87
ASN: AS46573 Global Frag Networks
Location: United States
Report completed: 2018-05-16 19:26:58 CEST
urlQuery Alerts: No alerts detected


Settings

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer:
Pool:
Access Level:


Intrusion Detection Systems

Suricata w/ Emerging Threats Pro
Timestamp                 Severity  Source IP      Destination IP  Alert
2018-05-16 19:26:26 CEST  1         107.179.64.87  Client IP       ET CURRENT_EVENTS DRIVEBY EXE Embeded in Page Likely Evil M1
2018-05-16 19:26:26 CEST  1         107.179.64.87  Client IP       ET TROJAN PE EXE or DLL Windows file download Text
2018-05-16 19:26:26 CEST  1         107.179.64.87  Client IP       ET TROJAN RAMNIT.A M2
2018-05-16 19:26:27 CEST  1         107.179.64.87  Client IP       ET TROJAN RAMNIT.A M1


Blacklists

MDL: No alerts detected
OpenPhish: No alerts detected
PhishTank: No alerts detected
Fortinet's Web Filter:
Added / Verified  Severity  Host                                                Comment
2018-05-16        2         sz-dcjg.com.cn/images/_sitegray_sitegray.js         Malware
2018-05-16        2         sz-dcjg.com.cn/images/systemresourcejscounter.js    Malware
2018-05-16        2         sz-dcjg.com.cn/yesads.js                            Malware
2018-05-16        2         sz-dcjg.com.cn/images/systemresourcejsdynclicks.js  Malware
2018-05-16        2         sz-dcjg.com.cn/images/systemresourcejsgotopage.js   Malware
2018-05-16        2         sz-dcjg.com.cn/tongji.js                            Malware
2018-05-16        2         sz-dcjg.com.cn/html/info1037....flfggj.html         Malware
DNS-BH: No alerts detected
mnemonic secure dns: No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 107.179.64.87

Date                       UQ / IDS / BL  URL                                             IP
2018-08-14 12:25:20 +0200  0 - 4 - 12     pctywbx.cn/html/info10331367.html               107.179.64.87
2018-07-19 10:41:27 +0200  0 - 4 - 12     sz-dcjg.com.cn/html/info10541160.html           107.179.64.87
2018-07-16 23:34:30 +0200  0 - 4 - 7      sz-dcjg.com.cn/html/info1052....jczscsxg.html   107.179.64.87
2018-06-27 04:20:49 +0200  0 - 4 - 2      pctywbx.cn/html/info1026..10271104.html         107.179.64.87
2018-05-18 06:37:42 +0200  0 - 4 - 7      sz-dcjg.com.cn/html/jczs..xsyjcslw.html         107.179.64.87
2018-05-18 04:50:35 +0200  0 - 4 - 7      sz-dcjg.com.cn/html/info1055....xwdtbzxw.html   107.179.64.87
2018-05-18 03:22:02 +0200  0 - 4 - 7      sz-dcjg.com.cn/html/jczs..xsyjcslw.html         107.179.64.87
2018-05-18 01:18:19 +0200  0 - 4 - 12     sz-dcjg.com.cn/html/info10561205.html           107.179.64.87
2018-05-18 00:15:01 +0200  0 - 4 - 12     www.pctywbx.cn/html/info10261192.html           107.179.64.87
2018-05-17 22:13:25 +0200  0 - 4 - 12     sz-dcjg.com.cn/html/jczs..info10461168.html     107.179.64.87

Last 10 reports on ASN: AS46573 Global Frag Networks

Date                       UQ / IDS / BL  URL                                                    IP
2018-08-15 03:08:59 +0200  0 - 4 - 3      kimyang87.com.cn/html/.jrqszzjg....kyjy.html           107.179.69.31
2018-08-15 01:06:45 +0200  0 - 4 - 2      hgc303.cn/html/jiaoxuekeyanjiaoxuekeyan2014-0 (...)    107.179.69.101
2018-08-15 01:00:54 +0200  0 - 0 - 3      chunkai8.com/html/n20150524c186806-24981413.html       104.223.149.80
2018-08-15 00:13:41 +0200  0 - 4 - 5      hbtongfang.com/html/20140826335150.html                104.223.149.15
2018-08-14 23:19:11 +0200  0 - 4 - 3      lsflsl.cn/html/htmlxiaochixiaochiindex.html            107.179.69.157
2018-08-14 21:41:28 +0200  0 - 4 - 2      nbfxqt.cn/html/info10151360.html                       107.179.69.138
2018-08-14 20:49:44 +0200  0 - 4 - 24     shengdaxy.com.cn/html/info10851347.html                107.179.64.181
2018-08-14 19:34:48 +0200  0 - 0 - 4      lsflsl.cn/html/htmlresourcenutrition_32.html           107.179.69.157
2018-08-14 19:03:43 +0200  0 - 0 - 2      lqmxzc.cn/html/cnxiaoyuanwenhua20161031300.html        107.179.69.193
2018-08-14 18:38:12 +0200  0 - 0 - 2      akclzj.com/html/zhengwugongkaiguanzhuminsheng (...)    104.223.149.123

Last 10 reports on domain: sz-dcjg.com.cn

Date                       UQ / IDS / BL  URL                                             IP
2018-07-19 10:41:27 +0200  0 - 4 - 12     sz-dcjg.com.cn/html/info10541160.html           107.179.64.87
2018-07-16 23:34:30 +0200  0 - 4 - 7      sz-dcjg.com.cn/html/info1052....jczscsxg.html   107.179.64.87
2018-05-18 06:37:42 +0200  0 - 4 - 7      sz-dcjg.com.cn/html/jczs..xsyjcslw.html         107.179.64.87
2018-05-18 04:50:35 +0200  0 - 4 - 7      sz-dcjg.com.cn/html/info1055....xwdtbzxw.html   107.179.64.87
2018-05-18 03:22:02 +0200  0 - 4 - 7      sz-dcjg.com.cn/html/jczs..xsyjcslw.html         107.179.64.87
2018-05-18 01:18:19 +0200  0 - 4 - 12     sz-dcjg.com.cn/html/info10561205.html           107.179.64.87
2018-05-17 22:13:25 +0200  0 - 4 - 12     sz-dcjg.com.cn/html/jczs..info10461168.html     107.179.64.87
2018-05-17 21:37:54 +0200  0 - 4 - 7      sz-dcjg.com.cn/html/info1052....xsyjcslw.html   107.179.64.87
2018-05-17 20:10:14 +0200  0 - 4 - 12     sz-dcjg.com.cn/html/info10521035.html           107.179.64.87
2018-05-17 18:24:29 +0200  0 - 3 - 7      sz-dcjg.com.cn/html/info1052....ywjggjj.html    107.179.64.87


JavaScript

Executed Scripts (10)


Executed Evals (0)


Executed Writes (1)

#1 JavaScript::Write (size: 88, repeated: 1) - SHA256: de844c1d024759ef14d0995c1565e90cb4e4f2be0bb3896df1278cbc7cc4be3f

<script src='https://s95.b9823852351323h.com/cp/001.js' type='text/javascript'></script>


HTTP Transactions (28)


Request:
GET /images/info1037flfg_sitegray_sitegray_dcss.css HTTP/1.1
Host: sz-dcjg.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sz-dcjg.com.cn/html/info1037....flfggj.html

Response (107.179.64.87):
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 20
Last-Modified: Wed, 02 Nov 2016 10:58:45 GMT
Accept-Ranges: bytes
Etag: "28f5f914f834d21:70c5"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 09:23:09 GMT


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   20
Md5:    311749c1d5f9bcf240ca9c25eae61f47
Sha1:   29703f0938cab5945db52e553f3f22cbd7f0b478
Sha256: 183f83b69b6f7ced023f06bc9b98b2d00c9e08b5c627c1f6e9002f48f0bbfb5c

Request:
GET /images/_sitegray_sitegray.js HTTP/1.1
Host: sz-dcjg.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sz-dcjg.com.cn/html/info1037....flfggj.html

Response (107.179.64.87):
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 95
Last-Modified: Sun, 30 Oct 2016 09:16:09 GMT
Accept-Ranges: bytes
Etag: "28a779408e32d21:70c5"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 09:23:09 GMT


--- Additional Info ---
Magic:  ASCII C program text, with CRLF line terminators
Size:   95
Md5:    cb16b8b2fae1a2cb3ddba43817fdc763
Sha1:   c1bb1153a3ebb528f86fa5cc57ddd4bfbe9bd4af
Sha256: 66897f9cf68b725abd635d7dc7c1f4e91c80a41779c91bd25cf3a504d8f07407

Alerts:
  Blacklists:
    - fortinet: Malware

Request:
GET /images/systemresourcejscounter.js HTTP/1.1
Host: sz-dcjg.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sz-dcjg.com.cn/html/info1037....flfggj.html

Response (107.179.64.87):
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 1329
Last-Modified: Sun, 30 Oct 2016 09:16:09 GMT
Accept-Ranges: bytes
Etag: "8ab8ab408e32d21:70c5"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 09:23:09 GMT


--- Additional Info ---
Magic:  UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
Size:   1329
Md5:    7d62c6043b946796b8446a113629e597
Sha1:   650f80553b43a5518814a92f1185ecd3d31a13fe
Sha256: ac09ff2c779832d9df2e3370a647bce1422ada5e0faa7195b135a03559c61b56

Alerts:
  Blacklists:
    - fortinet: Malware

Request:
GET /images/info1037flfglistvsbcss.css HTTP/1.1
Host: sz-dcjg.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sz-dcjg.com.cn/html/info1037....flfggj.html

Response (107.179.64.87):
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 4694
Last-Modified: Wed, 02 Nov 2016 10:58:45 GMT
Accept-Ranges: bytes
Etag: "e4682e15f834d21:70c5"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 09:23:09 GMT


--- Additional Info ---
Magic:  UTF-8 Unicode C program text, with CRLF, LF line terminators
Size:   4694
Md5:    cb39edff799a8e7c4113bf3a3855ce51
Sha1:   f2ffc72ad3716ab4d87e56f2fa5a0c5a7e5498fb
Sha256: d0547ff33b76303b41030a9e509e3081f6819bef772c6a5bb14daee892e8e43e

Request:
GET /images/info1037flfgstylestylecss.css HTTP/1.1
Host: sz-dcjg.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sz-dcjg.com.cn/html/info1037....flfggj.html

Response (107.179.64.87):
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 14202
Last-Modified: Wed, 02 Nov 2016 10:58:45 GMT
Accept-Ranges: bytes
Etag: "c6e3c714f834d21:70c5"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 09:23:09 GMT


--- Additional Info ---
Magic:  UTF-8 Unicode text, with very long lines, with CRLF line terminators
Size:   14202
Md5:    3152a7b9ad75ece673e766f2bed74d93
Sha1:   e7587c87b236d18a5d4222585cd58fad7127d322
Sha256: 4b767562fff58ec5d11cf4737160ea1c2c4030d631f54dd314fa681a4bcc9fc0

Request:
GET /yesads.js HTTP/1.1
Host: sz-dcjg.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sz-dcjg.com.cn/html/info1037....flfggj.html

Response (107.179.64.87):
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 107
Last-Modified: Mon, 17 Apr 2017 00:16:28 GMT
Accept-Ranges: bytes
Etag: "7e759fdbfb7d21:70c5"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 09:23:09 GMT


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   107
Md5:    2d8836322e6dbef9fb9bae6f88e1f426
Sha1:   6122bd04902333b90037e09d74fe4d987e570692
Sha256: b49114f04157381f856f22a91a61eabef288f3fb0245d1158b5983d5ffd107a6

Alerts:
  Blacklists:
    - fortinet: Malware

Request:
GET /system/resource/code/datainput.jsp?owner=1141627933&e=1&w=1176&h=885&treeid=1040&refer=&pagename=L2xpc3QuanNw&newsid=-1 HTTP/1.1
Host: sz-dcjg.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sz-dcjg.com.cn/html/info1037....flfggj.html

Response (107.179.64.87):
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 1308
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 09:23:10 GMT


--- Additional Info ---
Magic:  HTML document text, exported SGML document text
Size:   1308
Md5:    2923b250a3660c034aa7831d5e6d7f3c
Sha1:   646f109012bac000fe1bc58f40d112f77483f22a
Sha256: e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075

Request:
GET /images/systemresourcejsdynclicks.js HTTP/1.1
Host: sz-dcjg.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sz-dcjg.com.cn/html/info1037....flfggj.html

Response (107.179.64.87):
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 3474
Last-Modified: Sun, 30 Oct 2016 09:16:11 GMT
Accept-Ranges: bytes
Etag: "dc98af418e32d21:70c5"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 09:23:10 GMT


--- Additional Info ---
Magic:  UTF-8 Unicode (with BOM) text, with CRLF line terminators
Size:   3474
Md5:    2561c5a10d2059006a2ee239d9ded193
Sha1:   6cd6f5cd2fcb5b39553fe39bdaf39747111fc9ee
Sha256: 5d56867bfdea9d9e2ee9e65c538ae05d29c75cf6fe602ef211c3df6a325c25da

Alerts:
  Blacklists:
    - fortinet: Malware

Request:
GET /images/systemresourcejsgotopage.js HTTP/1.1
Host: sz-dcjg.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sz-dcjg.com.cn/html/info1037....flfggj.html

Response (107.179.64.87):
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 3141
Last-Modified: Sun, 30 Oct 2016 22:40:00 GMT
Accept-Ranges: bytes
Etag: "2cc7c8cfe32d21:70c5"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 09:23:10 GMT


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   3141
Md5:    58e53c7e20c2b2e69119d74025b26af0
Sha1:   d84f7d7c169b8cf995050753725c39ba690b9c32
Sha256: 2e385312f28ca5d58dcaa8601486f38db668f90ba189e579cf7f81c0df6d0f24

Alerts:
  Blacklists:
    - fortinet: Malware

Request:
GET /tongji.js HTTP/1.1
Host: sz-dcjg.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sz-dcjg.com.cn/html/info1037....flfggj.html

Response (107.179.64.87):
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 252
Last-Modified: Sat, 12 Nov 2016 17:20:22 GMT
Accept-Ranges: bytes
Etag: "32cdaac93dd21:70c5"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 09:23:10 GMT


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   252
Md5:    f2cbc78c122a007044395cc3b115e715
Sha1:   e7742d7b2cff39e54f4782eb6873d1c348b3a32d
Sha256: 5b36f027eb8dac81629cc591a5a4bcd44b5ca300717033c34a5b8a7f28d02f4b

Alerts:
  Blacklists:
    - fortinet: Malware

Request:
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

Response (93.184.220.29):
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: max-age=168658
Date: Wed, 16 May 2018 17:26:27 GMT
Etag: "5afc48a7-1d7"
Expires: Fri, 18 May 2018 16:10:22 GMT
Last-Modified: Wed, 16 May 2018 15:05:11 GMT
Server: ECS (arn/467B)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    29f73ad900411d9be555ae7c06375644
Sha1:   2a2297b28a67ae46723b33b280cf8b4967943d6d
Sha256: 18a194705f162a12258211793a78745dcb4539ba80b3a5cffaa5d772f92f1dc6

Request:
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

Response (93.184.220.29):
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: max-age=165068
Date: Wed, 16 May 2018 17:26:27 GMT
Etag: "5afc2459-1d7"
Expires: Fri, 18 May 2018 15:11:48 GMT
Last-Modified: Wed, 16 May 2018 12:30:17 GMT
Server: ECS (arn/4691)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    46250738b7a0df4551e10d895f490cf9
Sha1:   2327d3e91ec90e8db006e6ecbacc9ded9c0b651f
Sha256: 89db690d0e491e0f6e149b17507bbc8c81d54dfbce187eb30f22d4f53a6f535c

Request:
GET /images/imageslogo.png HTTP/1.1
Host: sz-dcjg.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sz-dcjg.com.cn/html/info1037....flfggj.html

Response (107.179.64.87):
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 43223
Last-Modified: Sun, 30 Oct 2016 09:16:10 GMT
Accept-Ranges: bytes
Etag: "a83d12418e32d21:70c5"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 09:23:09 GMT


--- Additional Info ---
Magic:  PNG image, 500 x 84, 8-bit/color RGBA, non-interlaced
Size:   43223
Md5:    18fe39095aad65097a394ebd7dad1bb2
Sha1:   b8a379a8d21d9079aa9a0d67ad93199de23e8b48
Sha256: 8d3fb0f00bd56a3469906b1ff173ed1861ff2cfe5998dd7d046b70d71849d85c

Request:
GET /html/info1037....flfggj.html HTTP/1.1
Host: sz-dcjg.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response (107.179.64.87):
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 125853
Last-Modified: Fri, 28 Apr 2017 14:29:28 GMT
Accept-Ranges: bytes
Etag: "681d9cd72bc0d21:70c5"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 09:23:09 GMT


--- Additional Info ---
Magic:  HTML document text, exported SGML document text
Size:   125853
Md5:    a7414aa40176089bbac534298d468580
Sha1:   41d1adf608476b2a7604e9517292b3303a0789b2
Sha256: f216180e2529c7182dadd74f703b763cafc7ba9868598c05bdd7520de8838c5f

Alerts:
  Blacklists:
    - fortinet: Malware
  IDS:
    - ET CURRENT_EVENTS DRIVEBY EXE Embeded in Page Likely Evil M1
    - ET TROJAN PE EXE or DLL Windows file download Text
    - ET TROJAN RAMNIT.A M2
    - ET TROJAN RAMNIT.A M1

Request:
GET /images/imagesbg.jpg HTTP/1.1
Host: sz-dcjg.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sz-dcjg.com.cn/images/info1037flfgstylestylecss.css

Response (107.179.64.87):
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 1291
Last-Modified: Sun, 30 Oct 2016 09:16:28 GMT
Accept-Ranges: bytes
Etag: "b6f9d34b8e32d21:70c5"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 09:23:10 GMT


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   1291
Md5:    eaa40239ed654a892bbb9a65db3441c0
Sha1:   914c413fe2c92fd5daa0d7ccf8c6ab81b12b5816
Sha256: 462dfb37ebfbafbf479c538a354722099ca0f22046894b68e51580d372dc6802

Request:
GET /images/imagesnav_bg.png HTTP/1.1
Host: sz-dcjg.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sz-dcjg.com.cn/images/info1037flfgstylestylecss.css

Response (107.179.64.87):
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 1037
Last-Modified: Sun, 30 Oct 2016 09:16:29 GMT
Accept-Ranges: bytes
Etag: "b2b8544c8e32d21:70c5"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 09:23:10 GMT


--- Additional Info ---
Magic:  PNG image, 4 x 33, 8-bit/color RGB, non-interlaced
Size:   1037
Md5:    d47666b47d4ced8c1f4a025602270281
Sha1:   375154c707336dd6d2286aefce514182b9ad8936
Sha256: 9cd6895ef250db6c75bb40bc8723437dc12ab9085fdae5c7c1e5984046a5c7b6

Request:
GET /images/imagesnav_r.png HTTP/1.1
Host: sz-dcjg.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sz-dcjg.com.cn/images/info1037flfgstylestylecss.css

Response (107.179.64.87):
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 1030
Last-Modified: Sun, 30 Oct 2016 09:16:36 GMT
Accept-Ranges: bytes
Etag: "10109b508e32d21:70c5"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 09:23:10 GMT


--- Additional Info ---
Magic:  PNG image, 2 x 13, 8-bit/color RGB, non-interlaced
Size:   1030
Md5:    5f059e650136373afce02849e3207513
Sha1:   10f2e666ed5e3b16ca7ff4a9b0b092e2d5bfa661
Sha256: 1fe11a425dce2e6aa53e606086e4e449327491aaf03a751f918290c5092e16d6

Request:
GET /images/imagesbgline.png HTTP/1.1
Host: sz-dcjg.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sz-dcjg.com.cn/images/info1037flfgstylestylecss.css

Response (107.179.64.87):
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 1025
Last-Modified: Sun, 30 Oct 2016 09:16:34 GMT
Accept-Ranges: bytes
Etag: "1892994f8e32d21:70c5"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 09:23:10 GMT


--- Additional Info ---
Magic:  PNG image, 245 x 4, 8-bit/color RGB, non-interlaced
Size:   1025
Md5:    3fccd9e23cf0b1b7d97b62d1962438f2
Sha1:   da54cf76ca858f5011fedfd3d9852a66402eb37f
Sha256: f2490cfda2a10c8785b4f1c9072ee6c6bb75afbc4b8e3dae3004ca4e9e93c517

Request:
GET /images/imagessidebg.jpg HTTP/1.1
Host: sz-dcjg.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sz-dcjg.com.cn/images/info1037flfgstylestylecss.css

Response (107.179.64.87):
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 3707
Last-Modified: Sun, 30 Oct 2016 09:16:35 GMT
Accept-Ranges: bytes
Etag: "7aa3cb4f8e32d21:70c5"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 09:23:11 GMT


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   3707
Md5:    413e03ec3e31c1dc647006e588290c26
Sha1:   6abe5ae5c2635a4677191e8a7847020db846a698
Sha256: 9fc389932156ac8395a581dc37c57d569f6f9ba6c8601e82d82e9267c1d7013c

Request:
GET /images/imagesdot2.png HTTP/1.1
Host: sz-dcjg.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sz-dcjg.com.cn/images/info1037flfgstylestylecss.css

Response (107.179.64.87):
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 1044
Last-Modified: Sun, 30 Oct 2016 09:16:35 GMT
Accept-Ranges: bytes
Etag: "36170508e32d21:70c5"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 09:23:11 GMT


--- Additional Info ---
Magic:  PNG image, 5 x 12, 8-bit/color RGB, non-interlaced
Size:   1044
Md5:    ecbe9afcb95181dd9890060d7ca67a07
Sha1:   432e6e6a2fdad48df5e2be3e100b4f7dd95837f4
Sha256: f5164f1da2a53685a4c137da5e2ad615399fc0e84dea555c741dd1908d3fbb89

Request:
GET /images/imagesstatus.jpg HTTP/1.1
Host: sz-dcjg.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sz-dcjg.com.cn/images/info1037flfgstylestylecss.css

Response (107.179.64.87):
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 2459
Last-Modified: Sun, 30 Oct 2016 09:16:36 GMT
Accept-Ranges: bytes
Etag: "549c66508e32d21:70c5"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 09:23:11 GMT


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   2459
Md5:    b32bcd73ca386b8f651acd3b1aa1edca
Sha1:   7c71df1dcec6eb6a15562af023f7cf0c434edb35
Sha256: e581b877aeea1f567ef3bdd440da880e53113c2af58584ed68589f5a4085929c

Request:
GET /images/imagesftbg.png HTTP/1.1
Host: sz-dcjg.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sz-dcjg.com.cn/images/info1037flfgstylestylecss.css

Response (107.179.64.87):
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 1107
Last-Modified: Sun, 30 Oct 2016 09:16:34 GMT
Accept-Ranges: bytes
Etag: "5c1e654f8e32d21:70c5"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 09:23:11 GMT


--- Additional Info ---
Magic:  PNG image, 6 x 5, 8-bit/color RGB, non-interlaced
Size:   1107
Md5:    81716aaedc744d771adfdd7e9355de55
Sha1:   0713d4239413cce7e7af6d46a6d15129280a60a4
Sha256: 1081551577bf00e8474d2efdfaadf69393b2132f5669c968be44afd388194a57

Request:
GET /images/imagesdot.png HTTP/1.1
Host: sz-dcjg.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sz-dcjg.com.cn/images/info1037flfgstylestylecss.css

                                         
                                         107.179.64.87
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 1041
Last-Modified: Sun, 30 Oct 2016 09:16:30 GMT
Accept-Ranges: bytes
Etag: "4825244d8e32d21:70c5"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 09:23:11 GMT


--- Additional Info ---
Magic:  PNG image, 10 x 9, 8-bit/color RGB, non-interlaced
Size:   1041
Md5:    d7fb847eac6d82d6d8522c2181d96b78
Sha1:   33a206bc60234346166de43ad29a4ac4745c0fb9
Sha256: 6d73d35bf0d8a80adcaea92125f48d2612a7204675fafca464f017988cf5b764

GET /images/imagesheader_bg.jpg HTTP/1.1
Host: sz-dcjg.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sz-dcjg.com.cn/images/info1037flfgstylestylecss.css

107.179.64.87
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 33177
Last-Modified: Sun, 30 Oct 2016 09:16:29 GMT
Accept-Ranges: bytes
Etag: "f644204c8e32d21:70c5"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 09:23:10 GMT


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   33177
Md5:    d3f76b281cf4e0d7e341538259a13dd9
Sha1:   5eaa0fc4b3bdf8a97d6a5f25842fa7603a25d969
Sha256: 0cc02998b86cd594b50ddfc00369205ead257cb9b72423591a751d36a7bcae50

GET /hm.js?4db8f5e2528727a83a3fb7e2ce6017e9 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sz-dcjg.com.cn/html/info1037....flfggj.html

220.181.7.190
HTTP/1.1 200 OK
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 9033
Date: Wed, 16 May 2018 17:26:27 GMT
Etag: 8fc6afc1fea14cc0ac2baba858698fbd
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=B7793DC1FB13FFE8; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max speed
Size:   9033
Md5:    6f03bab0d638ea411f677ec561c41f10
Sha1:   77b6cbe3f13ec1e21dcef720032c7d76449c4fd3
Sha256: 8a868131aaa29869673a8dc21c9af36faa8e4f7323b38d7fc2c9c835db95586d

GET /hm.gif?cc=0&ck=1&cl=24-bit&ds=1176x885&vl=775&et=0&fl=10.0&ja=1&ln=en-us&lo=0&rnd=1595918434&si=4db8f5e2528727a83a3fb7e2ce6017e9&v=1.2.30&lv=1&ct=!!&tt=%E5%9B%BD%E5%AE%B6-%E6%99%AE%E9%80%9A%E8%AF%9D%E5%9F%B9%E8%AE%AD%E6%B5%8B%E8%AF%95%E7%AB%99&sn=50369 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sz-dcjg.com.cn/html/info1037....flfggj.html
Cookie: HMACCOUNT=B7793DC1FB13FFE8

220.181.7.190
HTTP/1.1 200 OK
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Wed, 16 May 2018 17:26:29 GMT
Pragma: no-cache
Server: apache
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

GET /favicon.ico HTTP/1.1
Host: sz-dcjg.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: Hm_lvt_4db8f5e2528727a83a3fb7e2ce6017e9=1526491589; Hm_lpvt_4db8f5e2528727a83a3fb7e2ce6017e9=1526491589

107.179.64.87
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 1308
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 09:23:13 GMT


--- Additional Info ---
Magic:  HTML document text, exported SGML document text
Size:   1308
Md5:    2923b250a3660c034aa7831d5e6d7f3c
Sha1:   646f109012bac000fe1bc58f40d112f77483f22a
Sha256: e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075

GET /favicon.ico HTTP/1.1
Host: sz-dcjg.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: Hm_lvt_4db8f5e2528727a83a3fb7e2ce6017e9=1526491589; Hm_lpvt_4db8f5e2528727a83a3fb7e2ce6017e9=1526491589

107.179.64.87
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 1308
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 09:23:17 GMT


--- Additional Info ---
Magic:  HTML document text, exported SGML document text
Size:   1308
Md5:    2923b250a3660c034aa7831d5e6d7f3c
Sha1:   646f109012bac000fe1bc58f40d112f77483f22a
Sha256: e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075