Overview

URL: shengdaxy.com.cn/html/info10851347.html
IP: 107.179.64.181
ASN: AS46573 Global Frag Networks
Location: United States
Report completed: 2018-08-14 20:49:44 CEST
urlQuery Alerts: No alerts detected


Settings

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer:
Pool:
Access Level:


Intrusion Detection Systems

Suricata w/ Emerging Threats Pro
Timestamp | Severity | Source IP | Destination IP | Alert
2018-08-14 20:49:14 CEST | 1 | 107.179.64.181 | Client IP | ET CURRENT_EVENTS DRIVEBY EXE Embeded in Page Likely Evil M1
2018-08-14 20:49:14 CEST | 1 | 107.179.64.181 | Client IP | ET TROJAN RAMNIT.A M2
2018-08-14 20:49:17 CEST | 1 | 107.179.64.181 | Client IP | ET TROJAN RAMNIT.A M1
2018-08-14 20:49:14 CEST | 1 | 107.179.64.181 | Client IP | ET TROJAN PE EXE or DLL Windows file download Text


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2018-08-14 2 shengdaxy.com.cn/images/_sitegray_sitegray.js Malware
2018-08-14 2 shengdaxy.com.cn/images/systemresourcejscounter.js Malware
2018-08-14 2 shengdaxy.com.cn/yesads.js Malware
2018-08-14 2 shengdaxy.com.cn/images/systemresourcejsbase64.js Malware
2018-08-14 2 shengdaxy.com.cn/images/systemresourcejsformfunc.js Malware
2018-08-14 2 shengdaxy.com.cn/images/systemresourcejscalendarsimple.js Malware
2018-08-14 2 shengdaxy.com.cn/images/systemresourcejsmenutext.js Malware
2018-08-14 2 shengdaxy.com.cn/images/_dwrinterfaceNewsSearchDWR.js Malware
2018-08-14 2 shengdaxy.com.cn/images/systemresourcejsvsb_news_search.js Malware
2018-08-14 2 shengdaxy.com.cn/images/systemresourcejsvsb_news_search_entry.js Malware
2018-08-14 2 shengdaxy.com.cn/images/_dwrutil.js Malware
2018-08-14 2 shengdaxy.com.cn/images/_dwrengine.js Malware
2018-08-14 2 shengdaxy.com.cn/html/info10851347.html Malware
2018-08-14 2 shengdaxy.com.cn/images/_dwrinterfaceNewsvoteDWR.js Malware
2018-08-14 2 shengdaxy.com.cn/images/systemresourcejsnewsnewscontent.js Malware
2018-08-14 2 shengdaxy.com.cn/images/systemresourcejsdynclicks.js Malware
2018-08-14 2 shengdaxy.com.cn/images/systemresourcejsajax.js Malware
2018-08-14 2 shengdaxy.com.cn/images/systemresourcejslanguage.js Malware
2018-08-14 2 shengdaxy.com.cn/tongji.js Malware
2018-08-14 2 shengdaxy.com.cn/system/dwr/call/plaincall/NewsvoteDWR.getNewsLinkUrl.dwr Malware
2018-08-14 2 shengdaxy.com.cn/system/dwr/call/plaincall/NewsvoteDWR.getVoteTitle.dwr Malware
2018-08-14 2 shengdaxy.com.cn/images/news.gdut.edu.cnDepartmentUploadFiles%E5%9B%A2%E5%A (...) Malware
2018-08-14 2 shengdaxy.com.cn/images/news.gdut.edu.cnDepartmentUploadFiles%E5%9B%A2%E5%A (...) Malware
2018-08-14 2 shengdaxy.com.cn/images/news.gdut.edu.cnDepartmentUploadFiles%E5%9B%A2%E5%A (...) Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 107.179.64.181

Date | UQ / IDS / BL | URL | IP
2018-09-22 11:48:47 +0200 | 0 - 0 - 6 | lydbd.com.cn/html/htmlnnrwzgkxyysfhzggcyys201 (...) | 107.179.64.181
2018-09-22 05:18:03 +0200 | 0 - 0 - 6 | lydbd.com.cn/html/htmlnnrwspygcxb20151210adbe (...) | 107.179.64.181
2018-09-03 18:06:39 +0200 | 0 - 0 - 16 | shengdaxy.com.cn/html/info1077....stf.html | 107.179.64.181
2018-09-02 01:43:59 +0200 | 0 - 0 - 6 | lydbd.com.cn/html/htmlnnrwzwkxxb20151208780c7 (...) | 107.179.64.181
2018-09-02 01:24:29 +0200 | 0 - 4 - 6 | lydbd.com.cn/html/htmlnnrwdwkxxb2015120940b9d (...) | 107.179.64.181
2018-08-24 23:46:17 +0200 | 0 - 3 - 16 | shengdaxy.com.cn/html/jpxm1.html | 107.179.64.181
2018-08-21 05:56:14 +0200 | 0 - 0 - 5 | lydbd.com.cn/html/htmlnnrwswyhjxb20151210a28b (...) | 107.179.64.181
2018-08-21 05:39:13 +0200 | 0 - 0 - 6 | lydbd.com.cn/html/htmlnnrwzgkxyysfhzggcyys201 (...) | 107.179.64.181
2018-08-21 01:03:27 +0200 | 0 - 4 - 21 | shengdaxy.com.cn/html/info10771443.html | 107.179.64.181
2018-08-18 21:14:19 +0200 | 0 - 0 - 16 | shengdaxy.com.cn/html/jpxm1zygyfsj.html | 107.179.64.181

Last 10 reports on ASN: AS46573 Global Frag Networks

Date | UQ / IDS / BL | URL | IP
2018-09-23 22:42:52 +0200 | 0 - 0 - 4 | jncxjc.cn/html/htmllybindex.html | 107.179.69.56
2018-09-23 22:41:12 +0200 | 0 - 7 - 3 | hejiayule.com/html/zangaoyuanindex.phparchive (...) | 104.223.149.171
2018-09-23 22:38:31 +0200 | 0 - 0 - 9 | sxzhongce.cn/html/info10111804.html | 107.179.64.101
2018-09-23 22:20:33 +0200 | 0 - 0 - 2 | lgjjc.com.cn/html/info10771856.html | 107.179.69.136
2018-09-23 22:14:58 +0200 | 0 - 0 - 13 | sxyield.cn/html/zxxs..fsyyfzsfsyy.html | 107.179.64.104
2018-09-23 22:12:50 +0200 | 0 - 0 - 2 | jxtex888.cn/html/txxw..cyjyindex.html | 107.179.69.192
2018-09-23 22:10:12 +0200 | 0 - 4 - 2 | ycbnzx.com/html/GB40764127619179099179103inde (...) | 104.223.149.189
2018-09-23 22:04:34 +0200 | 0 - 4 - 8 | sfgm168.cn/html/info1980....kygl.html | 107.179.64.207
2018-09-23 22:04:34 +0200 | 0 - 0 - 3 | lycqjd.cn/html/plusstow.phpaid37.html | 107.179.64.186
2018-09-23 22:03:17 +0200 | 0 - 0 - 2 | lifei57.com.cn/html/xzzxhxhts....zcfgjybindex.html | 107.179.69.93

Last 10 reports on domain: shengdaxy.com.cn

Date | UQ / IDS / BL | URL | IP
2018-09-03 18:06:39 +0200 | 0 - 0 - 16 | shengdaxy.com.cn/html/info1077....stf.html | 107.179.64.181
2018-08-24 23:46:17 +0200 | 0 - 3 - 16 | shengdaxy.com.cn/html/jpxm1.html | 107.179.64.181
2018-08-21 01:03:27 +0200 | 0 - 4 - 21 | shengdaxy.com.cn/html/info10771443.html | 107.179.64.181
2018-08-18 21:14:19 +0200 | 0 - 0 - 16 | shengdaxy.com.cn/html/jpxm1zygyfsj.html | 107.179.64.181
2018-08-16 06:44:43 +0200 | 0 - 0 - 16 | shengdaxy.com.cn/html/info1073....stf.html | 107.179.64.181
2018-07-20 11:02:59 +0200 | 0 - 4 - 16 | shengdaxy.com.cn/html/info1093....stf.html | 107.179.64.181
2018-07-19 22:08:27 +0200 | 0 - 4 - 19 | shengdaxy.com.cn/html/info1093....index.html | 107.179.64.181
2018-05-07 21:50:14 +0200 | 0 - 4 - 16 | shengdaxy.com.cn/html/xzz.html | 107.179.64.181
2018-01-22 04:16:52 +0100 | 0 - 0 - 21 | shengdaxy.com.cn/html/info10851207.html | 107.179.64.181
2017-10-07 04:38:42 +0200 | 0 - 4 - 21 | shengdaxy.com.cn/html/info10871240.html | 107.179.64.181


JavaScript

Executed Scripts (29)


Executed Evals (0)


Executed Writes (7)

#1 JavaScript::Write (size: 32, repeated: 1) - SHA256: 03cfd4f8dcfb9fb30137c23a1450a0f0b211a386205ce09b18b4141daa76d20d

&nbsp; &nbsp;��\��
R� |

#2 JavaScript::Write (size: 18, repeated: 1) - SHA256: c82e05b87f279b0c2ac9277efdb89ea1fad6b41a56822e03f0194f1b222c66bf

&nbsp; &nbsp;ĸ
a�

#3 JavaScript::Write (size: 25, repeated: 1) - SHA256: d103b74b1749d18d2b96baf5030acf90897ff0193b9f87fc8dbacbcf2c7355ef

2018�� 8�� 14��

#4 JavaScript::Write (size: 6, repeated: 1) - SHA256: aac32651b10f567c461b9b4f255d6fb1fa6859b5368d8bd9a51af920ab21cf23

</div>

#5 JavaScript::Write (size: 52, repeated: 1) - SHA256: a594475e7db13e7895c7c66d6288ec050b0e38e37678a38427038af7484438dc

<div id="c_lunar130040" class="fontstyle130040">

#6 JavaScript::Write (size: 88, repeated: 2) - SHA256: de844c1d024759ef14d0995c1565e90cb4e4f2be0bb3896df1278cbc7cc4be3f

<script src='https://s95.b9823852351323h.com/cp/001.js' type='text/javascript'></script>

#7 JavaScript::Write (size: 77, repeated: 1) - SHA256: a097b8d186d3732c5849d82fbc461d38222c99280880485a38ee621d83c06cdc

<span id="dynclicks_wbnews_1347_396" name="dynclicks_wbnews_1347_396"></span>


HTTP Transactions (53)


Request / Response

GET /images/_sitegray_sitegray.js HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html

107.179.64.181
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 95
Last-Modified: Sun, 30 Oct 2016 09:52:55 GMT
Accept-Ranges: bytes
Etag: "44d868639332d21:76a8"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT


--- Additional Info ---
Magic:  ASCII C program text, with CRLF line terminators
Size:   95
Md5:    cb16b8b2fae1a2cb3ddba43817fdc763
Sha1:   c1bb1153a3ebb528f86fa5cc57ddd4bfbe9bd4af
Sha256: 66897f9cf68b725abd635d7dc7c1f4e91c80a41779c91bd25cf3a504d8f07407

Alerts:
  Blacklists:
    - fortinet: Malware

GET /images/info1085_sitegray_sitegray_dcss.css HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html

107.179.64.181
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 20
Last-Modified: Mon, 31 Oct 2016 01:22:28 GMT
Accept-Ranges: bytes
Etag: "68ab5a3e1533d21:76a8"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   20
Md5:    311749c1d5f9bcf240ca9c25eae61f47
Sha1:   29703f0938cab5945db52e553f3f22cbd7f0b478
Sha256: 183f83b69b6f7ced023f06bc9b98b2d00c9e08b5c627c1f6e9002f48f0bbfb5c

GET /images/systemresourcejscounter.js HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html

107.179.64.181
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 1329
Last-Modified: Sun, 30 Oct 2016 09:52:56 GMT
Accept-Ranges: bytes
Etag: "5aae9f639332d21:76a8"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT


--- Additional Info ---
Magic:  UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
Size:   1329
Md5:    7d62c6043b946796b8446a113629e597
Sha1:   650f80553b43a5518814a92f1185ecd3d31a13fe
Sha256: ac09ff2c779832d9df2e3370a647bce1422ada5e0faa7195b135a03559c61b56

Alerts:
  Blacklists:
    - fortinet: Malware

GET /images/info1085stylecsscss.css HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html

107.179.64.181
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 1623
Last-Modified: Mon, 31 Oct 2016 01:22:42 GMT
Accept-Ranges: bytes
Etag: "5447d4461533d21:76a8"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1623
Md5:    0577407ac0660e2edded8b264e63a28a
Sha1:   b9f7797b901b92d48fdb921f726cf0a6246e28b7
Sha256: 8bf6423ed1d7d2ee9ee53b68d8698cef13d4cd96d691add1e3d6e259ccf79d9a

GET /yesads.js HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html

107.179.64.181
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 107
Last-Modified: Mon, 17 Apr 2017 00:16:27 GMT
Accept-Ranges: bytes
Etag: "8ea6cddafb7d21:76a8"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   107
Md5:    2d8836322e6dbef9fb9bae6f88e1f426
Sha1:   6122bd04902333b90037e09d74fe4d987e570692
Sha256: b49114f04157381f856f22a91a61eabef288f3fb0245d1158b5983d5ffd107a6

Alerts:
  Blacklists:
    - fortinet: Malware

GET /images/info1085contentvsbcss.css HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html

107.179.64.181
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 3328
Last-Modified: Mon, 31 Oct 2016 01:22:37 GMT
Accept-Ranges: bytes
Etag: "30f033441533d21:76a8"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT


--- Additional Info ---
Magic:  UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Size:   3328
Md5:    3dbf23a0dcf5d56c949644da1074100e
Sha1:   7dcaf5d96bfd3a74c4222dc3da36adbf4cc01b4c
Sha256: edb052a4b2b6f3739830c5767b456a6bb6e6088c3f70dd3b9e4e6f118d3298e3

GET /images/systemresourcejsbase64.js HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html

107.179.64.181
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 4025
Last-Modified: Sun, 30 Oct 2016 09:52:58 GMT
Accept-Ranges: bytes
Etag: "8cff15659332d21:76a8"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT


--- Additional Info ---
Magic:  UTF-8 Unicode (with BOM) C++ program text, with CRLF line terminators
Size:   4025
Md5:    00b6f6e633d233972647ed727770bb95
Sha1:   1fd81768a34000749f28de5e0ae1331ec23bd323
Sha256: 34bf7cc3ebf6cb87f35b92e5d8d7e1d9d39958ff805cab0758b3489b37d0c0ba

Alerts:
  Blacklists:
    - fortinet: Malware

GET /images/systemresourcejsformfunc.js HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html

107.179.64.181
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 648
Last-Modified: Sun, 30 Oct 2016 09:52:59 GMT
Accept-Ranges: bytes
Etag: "f6bf77659332d21:76a8"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT


--- Additional Info ---
Magic:  UTF-8 Unicode (with BOM) text, with CRLF line terminators
Size:   648
Md5:    78d80475f6c6d75956a8b8ece6ef384d
Sha1:   6517ad661c1f6f000edf80a84065de4a2d5d2c07
Sha256: 241aa991e6ecb25d54b1f46422f27df612308427d5426848538c36a3cdbc23a9

Alerts:
  Blacklists:
    - fortinet: Malware

POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

80.239.159.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: Apache
Last-Modified: Fri, 10 Aug 2018 14:28:30 GMT
Etag: 6B35BE4F47774AB921E5E0EE26B362E8B051CF27
X-OCSP-Responder-ID: rmdccaocsp21
Content-Length: 471
Cache-Control: public, no-transform, must-revalidate, max-age=242980
Expires: Fri, 17 Aug 2018 14:18:55 GMT
Date: Tue, 14 Aug 2018 18:49:15 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   471
Md5:    e5ed3d89c4e0f1d34cd3e3f091f6e4cd
Sha1:   6b35be4f47774ab921e5e0ee26b362e8b051cf27
Sha256: 1a3ce0d40bff28b2e7b08ccaae658d416d2bfc0e9dc586e7c0824692acf64ff8

POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

80.239.159.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: Apache
Last-Modified: Thu, 09 Aug 2018 10:51:21 GMT
Etag: 28971123BCF643EA9A58E36ECEC787D80B84AB32
X-OCSP-Responder-ID: rmdccaocsp23
Content-Length: 727
Cache-Control: public, no-transform, must-revalidate, max-age=143561
Expires: Thu, 16 Aug 2018 10:41:56 GMT
Date: Tue, 14 Aug 2018 18:49:15 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   727
Md5:    d54f0d62e279c1b27e00fd5cce39e2ef
Sha1:   28971123bcf643ea9a58e36ecec787d80b84ab32
Sha256: 61e53ae77000c1d35e99a68d9033f6c7c6f5233e5f5a79b5a865209248392e59

POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

80.239.159.56
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: Apache
Last-Modified: Thu, 09 Aug 2018 10:51:21 GMT
Etag: 10474AAFC209129B796273A3C28D83077EF7B9E2
X-OCSP-Responder-ID: rmdccaocsp22
Content-Length: 471
Cache-Control: public, no-transform, must-revalidate, max-age=143486
Expires: Thu, 16 Aug 2018 10:40:41 GMT
Date: Tue, 14 Aug 2018 18:49:15 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   471
Md5:    239f956800471481ba1882c0fd0f8c42
Sha1:   10474aafc209129b796273a3c28d83077ef7b9e2
Sha256: 367af60e16a595fe9b2d075a2cabea2593dc4f2131103d91b3254401e98c8f19

GET /images/systemresourcejscalendarsimple.js HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html

107.179.64.181
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 9191
Last-Modified: Sun, 30 Oct 2016 09:52:58 GMT
Accept-Ranges: bytes
Etag: "1cc7dc649332d21:76a8"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT


--- Additional Info ---
Magic:  UTF-8 Unicode text, with CRLF line terminators
Size:   9191
Md5:    f51af6c6420dadb5056c6005d2fb58c6
Sha1:   f111be58604aafc5b5084f171197053d58cf1eb4
Sha256: 783d1b4c058e515073acf227740d59d5240e9a554ed09e467e9aa9e417ee853f

Alerts:
  Blacklists:
    - fortinet: Malware

GET /images/systemresourcejsmenutext.js HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html

107.179.64.181
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 5120
Last-Modified: Sun, 30 Oct 2016 09:52:57 GMT
Accept-Ranges: bytes
Etag: "889165649332d21:76a8"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT


--- Additional Info ---
Magic:  UTF-8 Unicode (with BOM) text, with CRLF line terminators
Size:   5120
Md5:    f14861a61f01a0324e31c9f85658df40
Sha1:   37900aad75ec74e80425e987372022b7dd2a4694
Sha256: 0fc73d172ff1778b184a8d9555b37012fc32ccbd72a4071fa654005a91b9d755

Alerts:
  Blacklists:
    - fortinet: Malware

GET /images/imagesxslogo.png HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html

107.179.64.181
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 43779
Last-Modified: Sun, 30 Oct 2016 09:52:56 GMT
Accept-Ranges: bytes
Etag: "18592c649332d21:76a8"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT


--- Additional Info ---
Magic:  PNG image, 611 x 110, 8-bit/color RGBA, non-interlaced
Size:   43779
Md5:    b25b739178a991085dc3614ca70b63d4
Sha1:   453e3506d78f91a0578475d7ddfeac379191dc06
Sha256: e13eebe175b568ff9950806359487ff9ad58c4179af21cb5d04b1faa053e6fe7

GET /cp/001.js HTTP/1.1
Host: s95.b9823852351323h.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html

45.65.46.3
HTTP/1.1 404 Not Found
Content-Type: text/html
Server: Apache
Date: Tue, 14 Aug 2018 20:46:35 GMT
Content-Length: 600
Connection: keep-alive
Keep-Alive: timeout=60


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   600
Md5:    4f3c016bccb974c09a8cfeb9a1148706
Sha1:   d32d0020066c8108093270e743096ee00b9be300
Sha256: 544c5890d9f0156afb8ba90fdef23470296234849d469217aee905cfd7881260

GET /cp/001.js HTTP/1.1
Host: s95.b9823852351323h.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html

45.65.46.3
HTTP/1.1 404 Not Found
Content-Type: text/html
Server: Apache
Date: Tue, 14 Aug 2018 20:46:35 GMT
Content-Length: 600
Connection: keep-alive
Keep-Alive: timeout=60


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   600
Md5:    4f3c016bccb974c09a8cfeb9a1148706
Sha1:   d32d0020066c8108093270e743096ee00b9be300
Sha256: 544c5890d9f0156afb8ba90fdef23470296234849d469217aee905cfd7881260

GET /images/_dwrinterfaceNewsSearchDWR.js HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html

107.179.64.181
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 961
Last-Modified: Sun, 30 Oct 2016 09:53:05 GMT
Accept-Ranges: bytes
Etag: "fef53a699332d21:76a8"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT


--- Additional Info ---
Magic:  ASCII C++ program text
Size:   961
Md5:    b584776efb31b1ef95dc452cf127a1a4
Sha1:   8c53a46c33e814a986c0046901c828f69fd07e04
Sha256: 8578c9a0eafa88732131a5bdb15e11ea8d8d1a82e3b7151bf0e2785235a39bb7

Alerts:
  Blacklists:
    - fortinet: Malware

GET /images/systemresourcejsvsb_news_search.js HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html

107.179.64.181
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 3880
Last-Modified: Sun, 30 Oct 2016 09:53:06 GMT
Accept-Ranges: bytes
Etag: "b4f197699332d21:76a8"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT


--- Additional Info ---
Magic:  UTF-8 Unicode (with BOM) text, with CRLF line terminators
Size:   3880
Md5:    fb5d6e426a99860a60132247f3955ee1
Sha1:   c611c562f968460f63292c504d775f0b82804913
Sha256: fc43d2b7a82948ecd64ffab60b964a72309368af7ce24e4b32c205748f5576d8

Alerts:
  Blacklists:
    - fortinet: Malware

GET /images/systemresourcejsvsb_news_search_entry.js HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html

107.179.64.181
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 5233
Last-Modified: Sun, 30 Oct 2016 09:53:06 GMT
Accept-Ranges: bytes
Etag: "242ad1699332d21:76a8"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT


--- Additional Info ---
Magic:  UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
Size:   5233
Md5:    01911a03a5f6e240461c1cdcdf35ae5b
Sha1:   5391d0abfad157548d560d65e6a222e84856e3da
Sha256: 9971dead7cb6a41088160ac98c3560799707fd9451a1a38071cfc9fededb7d5b

Alerts:
  Blacklists:
    - fortinet: Malware

GET /images/_dwrutil.js HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html

107.179.64.181
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 46648
Last-Modified: Sun, 30 Oct 2016 09:53:05 GMT
Accept-Ranges: bytes
Etag: "e81f4699332d21:76a8"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT


--- Additional Info ---
Magic:  ASCII C program text
Size:   46648
Md5:    19163613e46d44c92bc4271a25f0eb61
Sha1:   dcf2bbcf73c8e25eea3eda0afce15ad37e27cc2a
Sha256: 8a68d32839da2dcb301f75c8e7bf0af796084a298cf128bf3da5876fb8ea2dd4

Alerts:
  Blacklists:
    - fortinet: Malware

GET /images/_dwrengine.js HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html

107.179.64.181
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 47416
Last-Modified: Sun, 30 Oct 2016 09:53:00 GMT
Accept-Ranges: bytes
Etag: "86b46f669332d21:76a8"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT


--- Additional Info ---
Magic:  ASCII C program text
Size:   47416
Md5:    d7a768bce1c2a3728b63af4261ff9694
Sha1:   a984cfa102eef0dd333d09c73375a5a0948126ab
Sha256: 430555e30091fe33176a6cf0469a24297d8b86374c5e6001aa82a8f42247c759

Alerts:
  Blacklists:
    - fortinet: Malware

GET /html/info10851347.html HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

107.179.64.181
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 136217
Last-Modified: Fri, 28 Apr 2017 13:39:52 GMT
Accept-Ranges: bytes
Etag: "de3dd7e924c0d21:76a8"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   136217
Md5:    ada4b3d041d32f55cee160958a965350
Sha1:   4b348a3cc71516ee7ae78e697789e33ea974bcb8
Sha256: 3a6c2d8b5316024c05346aa9b1debdec51f82a31b06ada5f8def5015718e9d38

Alerts:
  Blacklists:
    - fortinet: Malware
  IDS:
    - ET CURRENT_EVENTS DRIVEBY EXE Embeded in Page Likely Evil M1
    - ET TROJAN RAMNIT.A M2
    - ET TROJAN RAMNIT.A M1
    - ET TROJAN PE EXE or DLL Windows file download Text

GET /images/_dwrinterfaceNewsvoteDWR.js HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html

107.179.64.181
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 1494
Last-Modified: Mon, 31 Oct 2016 01:20:52 GMT
Accept-Ranges: bytes
Etag: "fc709951533d21:76a8"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT


--- Additional Info ---
Magic:  ASCII C++ program text
Size:   1494
Md5:    5a03f81fa16f8b3843e4ab33a0994b40
Sha1:   ab9a5becf7eb7adf9cbd456cd4797ddee358926c
Sha256: 1a43d6facd97b91dd8609f4aa515c4ee75ec232e1261acbe699cd41d455b45db

Alerts:
  Blacklists:
    - fortinet: Malware

GET /images/systemresourcejsnewsnewscontent.js HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html

107.179.64.181
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 10289
Last-Modified: Mon, 31 Oct 2016 01:20:53 GMT
Accept-Ranges: bytes
Etag: "ea81361533d21:76a8"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT


--- Additional Info ---
Magic:  UTF-8 Unicode (with BOM) English text, with CRLF line terminators
Size:   10289
Md5:    9cb978ee56666afaac51e5a49415b81d
Sha1:   8ba47620a5299c637077c6fd6c264624f6d3b8a9
Sha256: 7d0b2b60f8544e125b3e7ef97fc9fe64cc8fc21862da844c4adbf83f95ac6459

Alerts:
  Blacklists:
    - fortinet: Malware

GET /images/systemresourcejsdynclicks.js HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html

107.179.64.181
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 3474
Last-Modified: Sun, 30 Oct 2016 09:53:09 GMT
Accept-Ranges: bytes
Etag: "c77a46b9332d21:76a8"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT


--- Additional Info ---
Magic:  UTF-8 Unicode (with BOM) text, with CRLF line terminators
Size:   3474
Md5:    2561c5a10d2059006a2ee239d9ded193
Sha1:   6cd6f5cd2fcb5b39553fe39bdaf39747111fc9ee
Sha256: 5d56867bfdea9d9e2ee9e65c538ae05d29c75cf6fe602ef211c3df6a325c25da

Alerts:
  Blacklists:
    - fortinet: Malware

GET /images/systemresourcejsajax.js HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html

107.179.64.181
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 5127
Last-Modified: Sun, 30 Oct 2016 09:53:08 GMT
Accept-Ranges: bytes
Etag: "e0ca366b9332d21:76a8"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT


--- Additional Info ---
Magic:  UTF-8 Unicode (with BOM) C++ program text, with CRLF line terminators
Size:   5127
Md5:    94ccdfac6d79e3250f70e83b2c799aa3
Sha1:   dc14703575563e850cb2eac53659419dcba9788a
Sha256: ed87248762f8831b77e9811545dbe082a9d5a5a7babaca7e9a437aea07fe8e72

Alerts:
  Blacklists:
    - fortinet: Malware

GET /images/systemresourcejslanguage.js HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html

107.179.64.181
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 15011
Last-Modified: Sun, 30 Oct 2016 09:53:07 GMT
Accept-Ranges: bytes
Etag: "80c32b6a9332d21:76a8"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT


--- Additional Info ---
Magic:  UTF-8 Unicode (with BOM) C++ program text, with very long lines, with CRLF line terminators
Size:   15011
Md5:    b8326b46dba11fdf5fb65a879e7eff0e
Sha1:   36252e6b974cff0c6d45ac86ed6dec931dfc7b84
Sha256: 64dccb6436f1f2ad643673f240ebb3cce73a654aec310e1f85022c63924cbee3

Alerts:
  Blacklists:
    - fortinet: Malware

GET /system/resource/code/datainput.jsp?owner=1257438836&e=1&w=1176&h=885&treeid=1085&refer=&pagename=L2NvbnRlbnQuanNw&newsid=1347 HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html

107.179.64.181
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 1308
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1308
Md5:    2923b250a3660c034aa7831d5e6d7f3c
Sha1:   646f109012bac000fe1bc58f40d112f77483f22a
Sha256: e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075

GET /images/imagesindex_08.gif HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html

107.179.64.181
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 1575
Last-Modified: Sun, 30 Oct 2016 09:53:07 GMT
Accept-Ranges: bytes
Etag: "36bf886a9332d21:76a8"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT


--- Additional Info ---
Magic:  GIF image data, version 89a, 26 x 30
Size:   1575
Md5:    e4b0ff63c022fce71eb13f8afda69602
Sha1:   e941ba642048541c75bf77ad12ea1189eecbc0b8
Sha256: 0b35d9f958830f1e4c5867802ffe9dffdaf6a59af55c1a3f6f7daeb1103994d1

GET /tongji.js HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html

107.179.64.181
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 252
Last-Modified: Sat, 12 Nov 2016 17:20:24 GMT
Accept-Ranges: bytes
Etag: "57ce34e93dd21:76a8"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   252
Md5:    f2cbc78c122a007044395cc3b115e715
Sha1:   e7742d7b2cff39e54f4782eb6873d1c348b3a32d
Sha256: 5b36f027eb8dac81629cc591a5a4bcd44b5ca300717033c34a5b8a7f28d02f4b

Alerts:
  Blacklists:
    - fortinet: Malware

POST /system/dwr/call/plaincall/NewsvoteDWR.getNewsLinkUrl.dwr HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Type: text/plain; charset=UTF-8
Referer: http://shengdaxy.com.cn/html/info10851347.html
Content-Length: 252
Pragma: no-cache
Cache-Control: no-cache

107.179.64.181
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 1308
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1308
Md5:    2923b250a3660c034aa7831d5e6d7f3c
Sha1:   646f109012bac000fe1bc58f40d112f77483f22a
Sha256: e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075

Alerts:
  Blacklists:
    - fortinet: Malware

GET /system/resource/code/news/click/dynclicks.jsp?clickid=1347&owner=1257438836&clicktype=wbnews HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html

107.179.64.181
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 1308
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1308
Md5:    2923b250a3660c034aa7831d5e6d7f3c
Sha1:   646f109012bac000fe1bc58f40d112f77483f22a
Sha256: e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075

POST /system/dwr/call/plaincall/NewsvoteDWR.getVoteTitle.dwr HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Type: text/plain; charset=UTF-8
Referer: http://shengdaxy.com.cn/html/info10851347.html
Content-Length: 229
Pragma: no-cache
Cache-Control: no-cache

107.179.64.181
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 1308
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1308
Md5:    2923b250a3660c034aa7831d5e6d7f3c
Sha1:   646f109012bac000fe1bc58f40d112f77483f22a
Sha256: e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075

Alerts:
  Blacklists:
    - fortinet: Malware

GET /images/banner2.jpg HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html

107.179.64.181
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 1308
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1308
Md5:    2923b250a3660c034aa7831d5e6d7f3c
Sha1:   646f109012bac000fe1bc58f40d112f77483f22a
Sha256: e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075

GET /images/imagesindex_05.gif HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html

107.179.64.181
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 1578
Last-Modified: Sun, 30 Oct 2016 09:52:57 GMT
Accept-Ranges: bytes
Etag: "522ca1649332d21:76a8"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT


--- Additional Info ---
Magic:  GIF image data, version 89a, 27 x 30
Size:   1578
Md5:    50c6b6e279d5d04f6d6de84b6f51a7f4
Sha1:   4faf646ab18573e7b2c6c202a2470b292252ed0a
Sha256: 530d6d94776747b8ff974ddcfe6459c9e50bead7d81da8e487c9056684c96eb0

GET /images/index_03.gif HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html

107.179.64.181
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 1308
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1308
Md5:    2923b250a3660c034aa7831d5e6d7f3c
Sha1:   646f109012bac000fe1bc58f40d112f77483f22a
Sha256: e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075

GET /hm.js?4db8f5e2528727a83a3fb7e2ce6017e9 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html

103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 9140
Date: Tue, 14 Aug 2018 18:49:18 GMT
Etag: cbf287374b534fe256e71f77d1fe939f
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=025DB2D917A099D6; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max speed
Size:   9140
Md5:    3d118cb0ff79f39b969c6b78dd79e306
Sha1:   b7118985d5858e6b33ab1b86417328bd5e73eceb
Sha256: 73024a61a1cd2c418baea3545f4df05418d8f9e07f472fea9a954a3954860ed5

GET /images/index_07.gif HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html

107.179.64.181
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 1308
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1308
Md5:    2923b250a3660c034aa7831d5e6d7f3c
Sha1:   646f109012bac000fe1bc58f40d112f77483f22a
Sha256: e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075

GET /images/imagesindex_10.gif HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html

107.179.64.181
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 1551
Last-Modified: Sun, 30 Oct 2016 09:52:59 GMT
Accept-Ranges: bytes
Etag: "7ccee7659332d21:76a8"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT


--- Additional Info ---
Magic:  GIF image data, version 89a, 53 x 19
Size:   1551
Md5:    7a6bb8f40133d446176689fa7df5e5a9
Sha1:   8c20f3174e0c8db41dee4db1e18a03488d25fbed
Sha256: 4d85a0c99e73e00bce44c430a23480df22f5d35cef2cd21f9170f481ecd71007

GET /images/list_lfbg1.gif HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html

107.179.64.181
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 1308
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1308
Md5:    2923b250a3660c034aa7831d5e6d7f3c
Sha1:   646f109012bac000fe1bc58f40d112f77483f22a
Sha256: e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075

                                            GET /hm.gif?cc=0&ck=1&cl=24-bit&ds=1176x885&vl=754&et=0&fl=10.0&ja=1&ln=en-us&lo=0&rnd=63829438&si=4db8f5e2528727a83a3fb7e2ce6017e9&v=1.2.34&lv=1&ct=!!&tt=%E5%AE%89%E5%85%A8%E7%9A%84%E9%87%8D%E5%BA%86%E6%97%B6%E6%97%B6%E5%BD%A9%E6%8A%95%E6%B3%A8%E7%BD%91%E5%9D%80%E7%AC%AC%E4%BA%94%E6%9C%9F%E2%80%9C%E9%9D%92%E9%A9%AC%E5%B7%A5%E7%A8%8B%E2%80%9D%E7%8F%AD%E5%AD%A6%E5%91%98%E8%B5%B4%E4%BA%95%E5%86%88%E5%B1%B1%E5%8F%82%E5%8A%A0%E7%BA%A2%E8%89%B2%E6%95%99%E8%82%B2%E5%AE%9E%E8%B7%B5-%E5%85%B1%E9%9D%92%E5%9B%A2%E5%B9%BF%E4%B8%9C%E5%B7%A5%E4%B8%9A%E5%A4%A7%E5%AD%A6%E5%A7%94%E5%91%98%E4%BC%9A&sn=32674 HTTP/1.1 
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html
Cookie: HMACCOUNT=025DB2D917A099D6

103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Tue, 14 Aug 2018 18:49:19 GMT
Pragma: no-cache
Server: apache
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

GET /images/title_1.gif HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html

107.179.64.181
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 1308
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1308
Md5:    2923b250a3660c034aa7831d5e6d7f3c
Sha1:   646f109012bac000fe1bc58f40d112f77483f22a
Sha256: e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075

GET /images/systemresourceimagesresearchseach_bg.gif HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/images/info1085contentvsbcss.css

107.179.64.181
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 660
Last-Modified: Sun, 30 Oct 2016 09:53:21 GMT
Accept-Ranges: bytes
Etag: "e8878d729332d21:76a8"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT


--- Additional Info ---
Magic:  GIF image data, version 89a, 138 x 20
Size:   660
Md5:    0249010ec61b9c11f97181412913312f
Sha1:   0562af1cff2b31ddd86e8ce5b6d80404e2555290
Sha256: 74abae81759456177a4755d9c557db131126e2a166abb472d6811822081bcdcb

GET /html/images/imagesleftdh_bg.gif HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html

107.179.64.181
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 1308
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1308
Md5:    2923b250a3660c034aa7831d5e6d7f3c
Sha1:   646f109012bac000fe1bc58f40d112f77483f22a
Sha256: e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075

GET /hm.js?4db8f5e2528727a83a3fb7e2ce6017e9 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html
Cookie: HMACCOUNT=025DB2D917A099D6
If-None-Match: cbf287374b534fe256e71f77d1fe939f

103.235.46.191
HTTP/1.1 304 Not Modified
Cache-Control: max-age=0, must-revalidate
Date: Tue, 14 Aug 2018 18:49:19 GMT
Etag: cbf287374b534fe256e71f77d1fe939f
Server: apache


--- Additional Info ---

GET /images/title_2.gif HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html

107.179.64.181
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 1308
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1308
Md5:    2923b250a3660c034aa7831d5e6d7f3c
Sha1:   646f109012bac000fe1bc58f40d112f77483f22a
Sha256: e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075

GET /images/index_endbg.gif HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html

107.179.64.181
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 1308
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1308
Md5:    2923b250a3660c034aa7831d5e6d7f3c
Sha1:   646f109012bac000fe1bc58f40d112f77483f22a
Sha256: e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075
                                        
GET /images/news.gdut.edu.cnDepartmentUploadFiles%E5%9B%A2%E5%A7%94images20160903001.JPG HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html

107.179.64.181
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 265622
Last-Modified: Mon, 31 Oct 2016 01:22:05 GMT
Accept-Ranges: bytes
Etag: "f2b2d311533d21:76a8"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT

--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   265622
Md5:    50df0f9789e3ca81393d1576fdfdbb26
Sha1:   4a44735ba37b9dd9b26aa1018b674082c57d3004
Sha256: 3811ccce7c78b90d43e02d99abab1b84d4591d01a8f3c4f82600462bdc67388d

Alerts:
  Blacklists:
    - fortinet: Malware

GET /images/news.gdut.edu.cnDepartmentUploadFiles%E5%9B%A2%E5%A7%94images20160903005.jpg HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html

107.179.64.181
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 95710
Last-Modified: Thu, 03 Nov 2016 04:06:30 GMT
Accept-Ranges: bytes
Etag: "b42bdda78735d21:76a8"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT

--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   95710
Md5:    0180a3d8b57b4abf215db7a47e09e68c
Sha1:   fd96e38b9f4773fa58812eb00b722c09446f5803
Sha256: 5d93caf1a6cb545d5b0b938119595ce5957661ab0786860091eb68f92fcdfb25

GET /images/news.gdut.edu.cnDepartmentUploadFiles%E5%9B%A2%E5%A7%94images20160903004.JPG HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html

107.179.64.181
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 212033
Last-Modified: Thu, 03 Nov 2016 04:06:28 GMT
Accept-Ranges: bytes
Etag: "fcf827a78735d21:76a8"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT

--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   212033
Md5:    ceacca4cf1a9895a26f8fe2bea146420
Sha1:   af1c0197c8d74de8df82bcaf1b31d2b7bc014d71
Sha256: ac3980dd947369b4acc9114aabde4515305603b75f7e19baf4cf3a4fc4d30295

Alerts:
  Blacklists:
    - fortinet: Malware

GET /images/news.gdut.edu.cnDepartmentUploadFiles%E5%9B%A2%E5%A7%94images20160903006.JPG HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://shengdaxy.com.cn/html/info10851347.html

107.179.64.181
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 297025
Last-Modified: Thu, 03 Nov 2016 04:06:31 GMT
Accept-Ranges: bytes
Etag: "a6317a98735d21:76a8"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT

--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   297025
Md5:    54c4a5ad52accb167f10004bcae12cbf
Sha1:   684dcd411d5830776c8c060993db14088b660efa
Sha256: 34fa5f63f0ed1aa81dce255a4cfeadaa6daceeb5296d07955edae676a27ba57a

Alerts:
  Blacklists:
    - fortinet: Malware

GET /favicon.ico HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: Hm_lvt_4db8f5e2528727a83a3fb7e2ce6017e9=1534272559; Hm_lpvt_4db8f5e2528727a83a3fb7e2ce6017e9=1534272559

107.179.64.181
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 1308
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT

--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1308
Md5:    2923b250a3660c034aa7831d5e6d7f3c
Sha1:   646f109012bac000fe1bc58f40d112f77483f22a
Sha256: e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075

GET /favicon.ico HTTP/1.1
Host: shengdaxy.com.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: Hm_lvt_4db8f5e2528727a83a3fb7e2ce6017e9=1534272559; Hm_lpvt_4db8f5e2528727a83a3fb7e2ce6017e9=1534272559

107.179.64.181
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 1308
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 14 Aug 2018 23:09:42 GMT

--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1308
Md5:    2923b250a3660c034aa7831d5e6d7f3c
Sha1:   646f109012bac000fe1bc58f40d112f77483f22a
Sha256: e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075
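Every exchange in this capture follows one layout: request line and request headers, the responding IP, status line and response headers, an "Additional Info" block with the file(1) magic, byte size and MD5/SHA-1/SHA-256 of the body, and optionally an "Alerts" block. Two things worth checking mechanically across that layout are whether the declared Content-Length matches the captured Size (a gap means a truncated or padded body) and whether the declared Content-Type agrees with the magic (an executable behind an image or text type is the classic drive-by tell). In this capture every 404 returns the same 1308-byte body with SHA-256 e682dfcd..., i.e. the server's default error page rather than a payload, and the Fortinet-flagged JPEGs carry JFIF magic consistent with image/jpeg, so the blacklist hit is not something the headers or magic alone would reveal. The following Python is an added example, not part of the urlQuery report or its tooling, that parses this layout and runs those checks. The first two sample exchanges are copied from the capture above with most headers trimmed; the third, with host example.invalid and an all-zero SHA-256, is constructed purely to trigger the checks.

```python
import re

# Transcript in the urlQuery report layout. The first two exchanges are
# copied from the report above (most headers trimmed, the report's stray
# indentation kept on purpose); the third is CONSTRUCTED, with an invalid
# host and a placeholder hash, only to exercise the consistency checks.
SAMPLE = r"""
    GET /images/title_2.gif HTTP/1.1 
Host: shengdaxy.com.cn
                                        
                                         107.179.64.181
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 1308
--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1308
Sha256: e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075
    GET /images/news.gdut.edu.cnDepartmentUploadFiles%E5%9B%A2%E5%A7%94images20160903001.JPG HTTP/1.1 
Host: shengdaxy.com.cn
                                         107.179.64.181
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 265622
--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   265622
Sha256: 3811ccce7c78b90d43e02d99abab1b84d4591d01a8f3c4f82600462bdc67388d
Alerts:
  Blacklists:
    - fortinet: Malware
    GET /constructed/sample.txt HTTP/1.1 
Host: example.invalid
HTTP/1.1 200 OK
Content-Type: text/plain
Content-Length: 4096
--- Additional Info ---
Magic:  PE32 executable (GUI) Intel 80386, for MS Windows
Size:   4000
Sha256: 0000000000000000000000000000000000000000000000000000000000000000
"""

REQ = re.compile(r"^(GET|POST|HEAD)\s+(\S+)\s+HTTP/\d\.\d$")
STATUS = re.compile(r"^HTTP/\d\.\d\s+(\d{3})\b")
HEADER = re.compile(r"^([A-Za-z0-9-]+):\s*(.*)$")
ALERT = re.compile(r"^-\s*(\w+):\s*(.*)$")


def parse_transcript(text: str) -> list:
    """Split a urlQuery-style transcript into one dict per request/response.

    Keys: path, status, req/resp (header names lower-cased),
    info (Magic/Size/Md5/Sha1/Sha256, case kept), alerts ((source, verdict)).
    """
    exchanges, cur, section = [], None, None
    for raw in text.splitlines():
        line = raw.strip()  # the report pads many lines with indentation
        if not line:
            continue
        if m := REQ.match(line):
            cur = {"path": m.group(2), "status": None, "req": {}, "resp": {},
                   "info": {}, "alerts": []}
            exchanges.append(cur)
            section = "req"
        elif cur is None:
            continue
        elif m := STATUS.match(line):
            cur["status"], section = int(m.group(1)), "resp"
        elif line.startswith("--- Additional Info"):
            section = "info"
        elif line == "Alerts:":
            section = "alerts"
        elif section == "alerts":
            if m := ALERT.match(line):
                cur["alerts"].append((m.group(1), m.group(2)))
        elif m := HEADER.match(line):  # the bare IP line matches nothing
            key = m.group(1) if section == "info" else m.group(1).lower()
            cur[section][key] = m.group(2)
    return exchanges


# Declared MIME type -> substrings expected in the file(1) magic description.
EXPECTED_MAGIC = {
    "image/jpeg": ("JPEG image",), "image/gif": ("GIF image",),
    "image/png": ("PNG image",), "text/html": ("HTML document", "SGML", "text"),
    "text/plain": ("text",), "application/javascript": ("text",),
}


def triage(ex: dict) -> list:
    """Return the inconsistencies a triager would flag for one exchange."""
    findings = []
    clen, size = ex["resp"].get("content-length"), ex["info"].get("Size")
    if clen and size and clen != size:  # truncated or padded body
        findings.append(f"length mismatch: Content-Length {clen} vs captured {size}")
    ctype = ex["resp"].get("content-type", "").split(";")[0].strip().lower()
    magic = ex["info"].get("Magic", "")
    expected = EXPECTED_MAGIC.get(ctype)
    if expected and not any(tok in magic for tok in expected):
        findings.append(f"type mismatch: {ctype} declared but magic says '{magic}'")
    if "executable" in magic.lower():  # a PE/ELF body, whatever the headers claim
        findings.append(f"executable body served as {ctype or 'unknown type'}")
    findings += [f"blacklist {src}: {verdict}" for src, verdict in ex["alerts"]]
    return findings


if __name__ == "__main__":
    for ex in parse_transcript(SAMPLE):
        print(ex["status"], ex["path"], triage(ex) or "clean")
```

Run against the full report text, the parser yields one record per exchange; only the constructed record produces length, type and executable findings, while the real JPEG records come back with nothing but the Fortinet blacklist verdict, which is the point: reputation hits here have to be chased on the host and the loaded scripts, not on the image bodies.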