Overview

URL jk8923.cn/zhuantinvzi.html
IP 107.179.119.239
ASN AS46573 Global Frag Networks
Location United States
Report completed 2019-05-04 21:37:51 CEST
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2019-05-04 2 jk8923.cn/zhuantinvzi.html Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 6 reports on IP: 107.179.119.239

Date  UQ / IDS / BL  URL  IP
2019-05-21 01:02:14 +0200  0 - 0 - 1  jk8923.cn/html/newsruxuedayi2016-08-03317.html  107.179.119.239
2019-04-22 19:24:13 +0200  0 - 0 - 1  jk8923.cn/html/jiuyejiuyezhixing2016-07-21236.html  107.179.119.239
2019-04-05 01:06:09 +0200  0 - 0 - 1  jk8923.cn/videoremensp.html  107.179.119.239
2019-02-23 21:19:31 +0100  0 - 0 - 1  jk8923.cn/html/newsjituannews2016-07-25296.html  107.179.119.239
2019-02-13 20:01:37 +0100  0 - 0 - 1  jk8923.cn/html/videojiaoxue2016-08-0425.html  107.179.119.239
2018-12-23 05:31:29 +0100  0 - 0 - 1  jk8923.cn/html/shizishebeizhiguan2016-07-2123 (...)  107.179.119.239

Last 10 reports on ASN: AS46573 Global Frag Networks

Date  UQ / IDS / BL  URL  IP
2019-06-10 18:25:41 +0200  0 - 0 - 1  lcxunjie.cn/html/hdxzxstd86190.html  107.179.119.78
2019-06-10 18:25:19 +0200  0 - 0 - 1  sdvmj.cn/html/info345....xbjjxbjj.html  107.179.119.158
2019-06-10 18:25:02 +0200  0 - 0 - 1  jxylmuye.cn/html/bmgkjgsz.html  107.179.119.198
2019-06-10 18:24:57 +0200  0 - 0 - 1  phyxgs.com.cn/html/zsjz14252847496.html  107.179.119.182
2019-06-10 17:50:47 +0200  0 - 0 - 1  lylhf.com.cn/html/jiuyebaozhanghezuodanwei201 (...)  107.179.119.197
2019-06-10 17:50:45 +0200  0 - 0 - 1  jensmay.cn/html/.tztg201611....hysqk.html  107.179.119.216
2019-06-10 17:50:11 +0200  0 - 0 - 1  lyjiuhua136.cn/html/hyzx7641.html  107.179.119.198
2019-06-10 17:49:34 +0200  0 - 0 - 1  jinaotanye.com.cn/htmlzt2016bkhpc_hashaymnR1.html  107.179.119.16
2019-06-10 17:49:17 +0200  0 - 0 - 2  lczhggwz.com.cn/xzzxxwbgzl.html  107.179.119.77
2019-06-10 17:48:36 +0200  0 - 0 - 2  lczhggwz.com.cn/html/jxsw234404.html  107.179.119.77

Last 10 reports on domain: jk8923.cn

Date  UQ / IDS / BL  URL  IP
2019-05-21 01:02:14 +0200  0 - 0 - 1  jk8923.cn/html/newsruxuedayi2016-08-03317.html  107.179.119.239
2019-04-22 19:24:13 +0200  0 - 0 - 1  jk8923.cn/html/jiuyejiuyezhixing2016-07-21236.html  107.179.119.239
2019-04-05 01:06:09 +0200  0 - 0 - 1  jk8923.cn/videoremensp.html  107.179.119.239
2019-02-23 21:19:31 +0100  0 - 0 - 1  jk8923.cn/html/newsjituannews2016-07-25296.html  107.179.119.239
2019-02-13 20:01:37 +0100  0 - 0 - 1  jk8923.cn/html/videojiaoxue2016-08-0425.html  107.179.119.239
2018-12-23 05:31:29 +0100  0 - 0 - 1  jk8923.cn/html/shizishebeizhiguan2016-07-2123 (...)  107.179.119.239
2018-10-31 17:15:59 +0100  0 - 0 - 2  jk8923.cn/shizishebeizhengche.html  107.179.69.127
2018-10-13 08:32:48 +0200  0 - 0 - 1  jk8923.cn/zhuantikechengjinengzongheqichejidi (...)  209.99.40.223
2018-10-13 06:12:40 +0200  0 - 0 - 1  jk8923.cn/html/jiuyebaozhang2016-07-25290.html  209.99.40.223
2018-10-13 06:09:36 +0200  0 - 0 - 1  jk8923.cn/html/newsruxuedayi2016-08-03323.html  209.99.40.223


JavaScript

Executed Scripts (2)


Executed Evals (0)


Executed Writes (1)

#1 JavaScript::Write (size: 88, repeated: 1) - SHA256: de844c1d024759ef14d0995c1565e90cb4e4f2be0bb3896df1278cbc7cc4be3f

<script src='https://s95.b9823852351323h.com/cp/001.js' type='text/javascript'></script>


HTTP Transactions (10)


Request Response
                                        
                                            GET /zhuantinvzi.html HTTP/1.1 
Host: jk8923.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         107.179.119.239
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Sat, 04 May 2019 20:02:34 GMT
Content-Length: 1001
Last-Modified: Sat, 17 Nov 2018 10:33:07 GMT
Connection: keep-alive
Etag: "5befee63-3e9"
Server: Microsoft-IIS/8.5
IP-Addr: 77.40.129.123
Accept-Ranges: bytes


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1001
Md5:    6afb4d526a4c28a4c2140c90addd2cc2
Sha1:   b0d65341c790e419570e706270e37f181ce369d6
Sha256: 8f202471f891926b8f510bea3e259670e17ab2ab7e575c50d65dd8fb91291999

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /images/zhuantinvzicsscsscss.css HTTP/1.1 
Host: jk8923.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jk8923.cn/zhuantinvzi.html

                                         
                                         107.179.119.239
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sat, 04 May 2019 20:02:34 GMT
Content-Length: 967
Last-Modified: Tue, 01 Nov 2016 11:12:04 GMT
Connection: keep-alive
Etag: "58187884-3c7"
Server: Microsoft-IIS/8.5
IP-Addr: 77.40.129.123
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII C program text, with CRLF line terminators
Size:   967
Md5:    14fad30693ec35d087261b4290ef15c3
Sha1:   0fbd8c49116aa6e8a048b980b779f16d2f5547d0
Sha256: 33179d80ca65e0bbd531eb49717c0416b88e9ec88ad7c1330c92cb2cf39acfc8
                                        
                                            GET /yesads.js HTTP/1.1 
Host: jk8923.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jk8923.cn/zhuantinvzi.html

                                         
                                         107.179.119.239
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sat, 04 May 2019 20:02:34 GMT
Content-Length: 107
Last-Modified: Sun, 16 Apr 2017 16:16:09 GMT
Connection: keep-alive
Etag: "58f398c9-6b"
Server: Microsoft-IIS/8.5
IP-Addr: 77.40.129.123
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   107
Md5:    2d8836322e6dbef9fb9bae6f88e1f426
Sha1:   6122bd04902333b90037e09d74fe4d987e570692
Sha256: b49114f04157381f856f22a91a61eabef288f3fb0245d1158b5983d5ffd107a6
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Sat, 04 May 2019 07:33:04 GMT
Etag: F424CA3EA8B0013D425F121754B08E42B7162627
X-OCSP-Responder-ID: mcdpcaocsp15
Content-Length: 471
Cache-Control: public, no-transform, must-revalidate, max-age=301544
Expires: Wed, 08 May 2019 07:23:03 GMT
Date: Sat, 04 May 2019 19:37:19 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   471
Md5:    c8ec543df7449423155a62c1822f8568
Sha1:   f424ca3ea8b0013d425f121754b08e42b7162627
Sha256: d683abecaedc56fd318cb1a26b152b6aa8db0b7a48e981f105e11a19d825624f
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Wed, 01 May 2019 15:20:45 GMT
Etag: D1D780D1F4F471E70305E3EA658337227F26387F
X-OCSP-Responder-ID: mcdpcaocsp2
Content-Length: 727
Cache-Control: public, no-transform, must-revalidate, max-age=329592
Expires: Wed, 08 May 2019 15:10:31 GMT
Date: Sat, 04 May 2019 19:37:19 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   727
Md5:    cfca85a1efe4e358a9880941b5c258d7
Sha1:   d1d780d1f4f471e70305e3ea658337227f26387f
Sha256: 15c14c89ea7ee6a97641669cf6ea7ec53c2db5ba72211093394153b1eaa0c27a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Wed, 01 May 2019 15:20:45 GMT
Etag: BF75644F15A279C19DA43C7B76BD51428BCF1656
X-OCSP-Responder-ID: mcdpcaocsp2
Content-Length: 471
Cache-Control: public, no-transform, must-revalidate, max-age=329604
Expires: Wed, 08 May 2019 15:10:43 GMT
Date: Sat, 04 May 2019 19:37:19 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   471
Md5:    da3010034dda8e2d015c14986686c021
Sha1:   bf75644f15a279c19da43c7b76bd51428bcf1656
Sha256: c61acfe607ee269bf93a483847e7f4b6f45daaad5509c9e170426f843308c409
                                        
                                            GET /images/imagesimg_17.jpg HTTP/1.1 
Host: jk8923.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jk8923.cn/images/zhuantinvzicsscsscss.css

                                         
                                         107.179.119.239
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sat, 04 May 2019 20:02:35 GMT
Last-Modified: Tue, 01 Nov 2016 11:12:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: W/"58187884-1070b"
Server: Microsoft-IIS/8.5
IP-Addr: 77.40.129.123
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   64241
Md5:    4d0c55fbc61cfca173d51b870c951b20
Sha1:   8aa2bef006f842bd80690925db20b02ccec17468
Sha256: 2f9352d5826fdb2ba20284f97c28c34d0b5a6c1e5ded37d228f48c879639175a
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: jk8923.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         107.179.119.239
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Date: Sat, 04 May 2019 20:02:36 GMT
Content-Length: 166
Connection: keep-alive
Server: Microsoft-IIS/8.5
IP-Addr: 77.40.129.123


--- Additional Info ---
Magic:  HTML document text
Size:   166
Md5:    68b370690b488d04badc85eb3240a30b
Sha1:   522921200201872b838867b6925c7f840788d449
Sha256: 7ab4ab9fdc8e1ee7d30e1f35fcb4dc25c25f2703ad86a869c757e5c006b980d5
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: jk8923.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         107.179.119.239
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Date: Sat, 04 May 2019 20:02:39 GMT
Content-Length: 166
Connection: keep-alive
Server: Microsoft-IIS/8.5
IP-Addr: 77.40.129.123


--- Additional Info ---
Magic:  HTML document text
Size:   166
Md5:    68b370690b488d04badc85eb3240a30b
Sha1:   522921200201872b838867b6925c7f840788d449
Sha256: 7ab4ab9fdc8e1ee7d30e1f35fcb4dc25c25f2703ad86a869c757e5c006b980d5
                                        
                                            GET /cp/001.js HTTP/1.1 
Host: s95.b9823852351323h.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jk8923.cn/zhuantinvzi.html

                                         
                                         0.0.0.0
                                        


--- Additional Info ---