Overview

URL www.jibaoclean.cn/
IP 107.179.69.245
ASN AS46573 Global Frag Networks
Location United States
Report completed 2018-05-17 02:44:09 CEST
urlQuery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro
Timestamp Severity Source IP Destination IP Alert
2018-05-17 02:43:38 CEST 1  107.179.69.245 Client IP ET CURRENT_EVENTS DRIVEBY EXE Embeded in Page Likely Evil M1
2018-05-17 02:43:39 CEST 1  107.179.69.245 Client IP ET TROJAN RAMNIT.A M1
2018-05-17 02:43:38 CEST 1  107.179.69.245 Client IP ET TROJAN PE EXE or DLL Windows file download Text
2018-05-17 02:43:38 CEST 1  107.179.69.245 Client IP ET TROJAN RAMNIT.A M2


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2018-05-17 2 www.jibaoclean.cn/yesads.js Malware
2018-05-17 2 www.jibaoclean.cn/images/skindefaultjsinc.js Malware
2018-05-17 2 www.jibaoclean.cn/images/skindefaultjsdefault.js Malware
2018-05-17 2 www.jibaoclean.cn/images/skindefaultjssliding.js Malware
2018-05-17 2 www.jibaoclean.cn/images/skindefaultjsswfobject.js Malware
2018-05-17 2 www.jibaoclean.cn/tongji.js Malware
2018-05-17 2 www.jibaoclean.cn/ Malware
2018-05-17 2 www.jibaoclean.cn/images/skindefaultjsjquery-1.2.6.min.js Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 107.179.69.245

Date UQ / IDS / BL URL IP
2018-10-10 20:00:17 +0200 0 - 0 - 1 longyan-cf.com.cn/ 107.179.69.245
2018-10-10 19:26:49 +0200 0 - 0 - 1 longyan-cf.com.cn/jgszhszx.html 107.179.69.245
2018-10-10 17:35:56 +0200 0 - 0 - 1 longyan-cf.com.cn/jgsz.html 107.179.69.245
2018-10-10 17:21:23 +0200 0 - 0 - 1 longyan-cf.com.cn/html/tzgg227318.html 107.179.69.245
2018-10-10 05:05:00 +0200 0 - 0 - 1 jibaoclean.cn/ 107.179.69.245
2018-10-09 12:45:44 +0200 0 - 0 - 1 jibaoclean.cn/html/xygk2016-06-25132.html 107.179.69.245
2018-10-09 11:38:15 +0200 0 - 0 - 1 jibaoclean.cn/html/xygk2016-06-06120.html 107.179.69.245
2018-10-09 11:00:15 +0200 0 - 0 - 1 jibaoclean.cn/html/zhaosxx2016-06-03118.html 107.179.69.245
2018-10-09 09:08:12 +0200 0 - 0 - 1 jibaoclean.cn/html/zhaosxx2016-06-07122.html 107.179.69.245
2018-10-09 05:51:06 +0200 0 - 0 - 2 jibaoclean.cn/html/news2016-05-24108.html 107.179.69.245

Last 10 reports on ASN: AS46573 Global Frag Networks

Date UQ / IDS / BL URL IP
2018-10-16 01:07:39 +0200 0 - 3 - 0 zbcaijing.com/html/3591.html 104.223.149.181
2018-10-16 00:38:34 +0200 0 - 0 - 0 track.ecampaign-stats.com/eP4Z7JsG2NpFvu9D?_xEM 209.148.95.13
2018-10-15 19:55:57 +0200 0 - 4 - 0 ahnjjx.com/html/jyys178326.html 104.223.149.208
2018-10-15 16:23:02 +0200 0 - 0 - 0 mk1.fjlnh.com/oem/u.php?p=vx/rs/zaa/w1/vy/rs 104.223.230.211
2018-10-15 10:23:11 +0200 0 - 4 - 0 shyuxinedu.com/html/yiwenjiedameirong343.html 104.223.149.201
2018-10-14 12:16:54 +0200 0 - 4 - 2 xhuayi.com/html/col13121871456712012053113384 (...) 104.223.149.107
2018-10-14 11:56:41 +0200 0 - 4 - 1 huiyi1917.com/html/courseeducation1113.html 104.223.149.11
2018-10-14 11:41:42 +0200 0 - 0 - 2 sichangsm.com/html/shiliang92091.html 104.223.149.172
2018-10-14 11:41:26 +0200 0 - 4 - 2 xarsb.com/html/.zqnj201112t20111206_30140.html 104.223.149.102
2018-10-14 11:21:32 +0200 0 - 4 - 0 www.astkq.com/html/info1044....index.html 104.223.149.10

No other reports on domain: jibaoclean.cn



JavaScript

Executed Scripts (16)


Executed Evals (0)


Executed Writes (2)

#1 JavaScript::Write (size: 376, repeated: 1) - SHA256: 249d345422133e4a0dfa44188f6885b100763515570cbfd8f20f6baa8200c0a2

                                        < div style = "display:none;" > < table width = "100%"
border = "0"
cellspacing = "0"
cellpadding = "0"
id = "AjaxEditTable" > < tr > < td class = "head" > < h3 class = "L" > < /h3><h3 class="R"></h
3 > < span class = "eidtmodule"
onclick = "this.offsetParent.offsetParent.offsetParent.style.display='none'"
onMouseOver = "this.style.cursor='hand'" > s� < /span></td > < /tr><tr> <td class="middle"></td > < /tr></table > < /div>
                                    

#2 JavaScript::Write (size: 88, repeated: 1) - SHA256: de844c1d024759ef14d0995c1565e90cb4e4f2be0bb3896df1278cbc7cc4be3f

                                        < script src = 'https://s95.b9823852351323h.com/cp/001.js'
type = 'text/javascript' > < /script>
                                    


HTTP Transactions (34)


Request Response
                                        
                                            GET /yesads.js HTTP/1.1 
Host: www.jibaoclean.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jibaoclean.cn/

                                         
                                         107.179.69.245
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 107
Last-Modified: Sun, 16 Apr 2017 16:16:07 GMT
Accept-Ranges: bytes
Etag: "6cded8c0ccb6d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:31:35 GMT


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   107
Md5:    2d8836322e6dbef9fb9bae6f88e1f426
Sha1:   6122bd04902333b90037e09d74fe4d987e570692
Sha256: b49114f04157381f856f22a91a61eabef288f3fb0245d1158b5983d5ffd107a6

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /images/skindefaultjsinc.js HTTP/1.1 
Host: www.jibaoclean.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jibaoclean.cn/

                                         
                                         107.179.69.245
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 3119
Last-Modified: Sun, 30 Oct 2016 02:28:55 GMT
Accept-Ranges: bytes
Etag: "6ee5d05c5532d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:31:35 GMT


--- Additional Info ---
Magic:  ISO-8859 C++ program text, with CRLF line terminators
Size:   3119
Md5:    2096fbb8533e4f9f57cefaf7072274a4
Sha1:   b79462270445e12e64541b6cfa3f6fafd5f5daec
Sha256: 6682ad26fe74fcd1076f8c581e56ba76353d4654f9d7e2adbc10eba339385bc4

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /images/skindefaultcssstylecss.css HTTP/1.1 
Host: www.jibaoclean.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jibaoclean.cn/

                                         
                                         107.179.69.245
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Length: 7018
Last-Modified: Sun, 30 Oct 2016 02:29:06 GMT
Accept-Ranges: bytes
Etag: "b489ea625532d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:31:35 GMT


--- Additional Info ---
Magic:  ISO-8859 C program text, with CRLF line terminators
Size:   7018
Md5:    e4e84ef17e7a0e665bb0f803bf9667ab
Sha1:   f78714b21a0a70c493d7b8db1685108594ca7176
Sha256: dbf819f19d52df5a2a418b2fd0e655ac5594d0502efcf7a5863bd5f11e38d215
                                        
                                            GET /images/skindefaultjsdefault.js HTTP/1.1 
Host: www.jibaoclean.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jibaoclean.cn/

                                         
                                         107.179.69.245
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 6502
Last-Modified: Sun, 30 Oct 2016 02:28:55 GMT
Accept-Ranges: bytes
Etag: "c847d35c5532d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:31:35 GMT


--- Additional Info ---
Magic:  ISO-8859 text, with very long lines, with CRLF line terminators
Size:   6502
Md5:    f2d5a2a72ccbb316196dd555e26a197c
Sha1:   fdc83da3fc8ecff1a1fa5f196d8749462c5fdf2b
Sha256: 2fa6964a8c16290bbe2022b093ef42aec2df08b9aba15a15e57c4448abaa2384

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /images/skindefaultcsscmscss.css HTTP/1.1 
Host: www.jibaoclean.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jibaoclean.cn/

                                         
                                         107.179.69.245
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Length: 10634
Last-Modified: Sun, 30 Oct 2016 02:29:06 GMT
Accept-Ranges: bytes
Etag: "7675f6625532d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:31:35 GMT


--- Additional Info ---
Magic:  ISO-8859 text, with CRLF line terminators
Size:   10634
Md5:    d622b5ed4a17426090c4be690ff21385
Sha1:   8021715f36a41f72fdafefccc00cf3efc136696c
Sha256: a7a4d8077a1bc7d5c4a2bcffb56bb7b1a3052e73d5126d75dd4cb728aaef2b43
                                        
                                            GET /images/skindefaultjssliding.js HTTP/1.1 
Host: www.jibaoclean.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jibaoclean.cn/

                                         
                                         107.179.69.245
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 316
Last-Modified: Sun, 30 Oct 2016 02:28:55 GMT
Accept-Ranges: bytes
Etag: "30d1dc5c5532d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:31:35 GMT


--- Additional Info ---
Magic:  UTF-8 Unicode text, with CRLF line terminators
Size:   316
Md5:    83f988e00ee5dee243d0583d075e0d0e
Sha1:   def42ce28250bca16489edad245973bbffdfb684
Sha256: 50688979cc4a9ff7b9255053e11c7a22ffac154f5bdc1f59aaa9b6b0e33bcb04

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /images/skindefaultjsswfobject.js HTTP/1.1 
Host: www.jibaoclean.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jibaoclean.cn/

                                         
                                         107.179.69.245
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 6880
Last-Modified: Sun, 30 Oct 2016 02:28:55 GMT
Accept-Ranges: bytes
Etag: "22aad55c5532d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:31:35 GMT


--- Additional Info ---
Magic:  ASCII English text, with very long lines
Size:   6880
Md5:    66d41ec7090bbdde87e09a309dea6661
Sha1:   46188f21bc027c8ac04354ec2685bc5b9fb5e725
Sha256: f2172868bc46d74ad32f2715bc25a8716e07a784b2ecb24d9d077d2125c6c993

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /images/skindefaultcssicon4.gif HTTP/1.1 
Host: www.jibaoclean.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jibaoclean.cn/

                                         
                                         107.179.69.245
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Content-Length: 452
Last-Modified: Sun, 30 Oct 2016 02:28:55 GMT
Accept-Ranges: bytes
Etag: "d66eda5c5532d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:31:35 GMT


--- Additional Info ---
Magic:  GIF image data, version 89a, 24 x 22
Size:   452
Md5:    d03d5f032fadec7a3d93c86958b688a3
Sha1:   4977d256fc6d6c387e7f6d172f90b6d073955526
Sha256: 149f6a446f64e8742135f180d89eb63808ca32ab33d3958a752aad6013d15102
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=165103
Date: Thu, 17 May 2018 00:43:38 GMT
Etag: "5afc9d0a-1d7"
Expires: Fri, 18 May 2018 22:35:21 GMT
Last-Modified: Wed, 16 May 2018 21:05:14 GMT
Server: ECS (arn/4692)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    8a6bd7279e8cd618a7f8e174ae775ca5
Sha1:   ebe6244d5e1f424e4af891c835ad2d6bb6af80e3
Sha256: 03892435d531bc4bfe0e40c4ad489c0c2abe4f0aa0c0239170cccb292016645a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=162047
Date: Thu, 17 May 2018 00:43:38 GMT
Etag: "5afc7b0b-1d7"
Expires: Fri, 18 May 2018 21:14:34 GMT
Last-Modified: Wed, 16 May 2018 18:40:11 GMT
Server: ECS (arn/469D)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    46250738b7a0df4551e10d895f490cf9
Sha1:   2327d3e91ec90e8db006e6ecbacc9ded9c0b651f
Sha256: 89db690d0e491e0f6e149b17507bbc8c81d54dfbce187eb30f22d4f53a6f535c
                                        
                                            GET /images/skindefaultcssindexcss.css HTTP/1.1 
Host: www.jibaoclean.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jibaoclean.cn/

                                         
                                         107.179.69.245
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Length: 16969
Last-Modified: Sun, 30 Oct 2016 02:29:09 GMT
Accept-Ranges: bytes
Etag: "20aed5645532d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:31:35 GMT


--- Additional Info ---
Magic:  UTF-8 Unicode (with BOM) C program text, with CRLF line terminators
Size:   16969
Md5:    b67152d8415e720a13d80199ea07ca25
Sha1:   a4fd5436513ae1bb1f55fd3cb17ec8f1113fa489
Sha256: 7da68896df65680cef7049b58f8214c3c8b850d2472be0f90bddce1885140619
                                        
                                            GET /tongji.js HTTP/1.1 
Host: www.jibaoclean.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jibaoclean.cn/

                                         
                                         107.179.69.245
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 252
Last-Modified: Sat, 12 Nov 2016 17:13:18 GMT
Accept-Ranges: bytes
Etag: "c964ebf83dd21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:31:36 GMT


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   252
Md5:    dc440c2025e870f1e78bd0cfc53500ae
Sha1:   d958c753602b336fc14c4a0b0570b4ea93a2d4c2
Sha256: 36e307ce12bf62576468e6f0a0d4b341769054c726ab19aca7404379f6bcce02

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET / HTTP/1.1 
Host: www.jibaoclean.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         107.179.69.245
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Content-Length: 137674
Content-Location: http://www.jibaoclean.cn/index.html
Last-Modified: Fri, 28 Apr 2017 05:30:00 GMT
Accept-Ranges: bytes
Etag: "b03f437be0bfd21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:31:33 GMT


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   137674
Md5:    850daa43d8dee188c8b95e0b4babe51a
Sha1:   5113ecb72322ceb2882f3262007c661c9b8c38ce
Sha256: a096996c93770222d7825b1823b70a4689bca559d41c9ac1987dfeee3caaa443

Alerts:
  Blacklists:
    - fortinet: Malware
  IDS:
    - ET CURRENT_EVENTS DRIVEBY EXE Embeded in Page Likely Evil M1
    - ET TROJAN RAMNIT.A M1
    - ET TROJAN PE EXE or DLL Windows file download Text
    - ET TROJAN RAMNIT.A M2
                                        
                                            GET /images/skindefaultcsslogo.gif HTTP/1.1 
Host: www.jibaoclean.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jibaoclean.cn/

                                         
                                         107.179.69.245
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Content-Length: 19790
Last-Modified: Sun, 30 Oct 2016 02:28:55 GMT
Accept-Ranges: bytes
Etag: "d66eda5c5532d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:31:35 GMT


--- Additional Info ---
Magic:  GIF image data, version 89a, 231 x 94
Size:   19790
Md5:    63f5f1b7f7bb8404347fe3d0141c5409
Sha1:   5b4effe6d8880ebba972dfd220a4571c1dcb416b
Sha256: f89aa38d2ef5527625960c2544f46de8185d5c80f79823bb5f890a0cddc3c6aa
                                        
                                            GET /images/skindefaultjsjquery-1.2.6.min.js HTTP/1.1 
Host: www.jibaoclean.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jibaoclean.cn/

                                         
                                         107.179.69.245
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 91327
Last-Modified: Sun, 30 Oct 2016 02:28:55 GMT
Accept-Ranges: bytes
Etag: "7ccd85c5532d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:31:35 GMT


--- Additional Info ---
Magic:  ASCII C program text, with very long lines
Size:   91327
Md5:    09fc784c56959ccb6a6a9f3afed688fc
Sha1:   76f23abe1d515339fb23a05862513cb76d093dfd
Sha256: 38d5992fb49cffb0c616aa39e7acc811a6b7daa961aa10b2fd4fe7699c1a16ce

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /images/skindefaultcssSearch.gif HTTP/1.1 
Host: www.jibaoclean.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jibaoclean.cn/

                                         
                                         107.179.69.245
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Content-Length: 2049
Last-Modified: Sun, 30 Oct 2016 02:28:55 GMT
Accept-Ranges: bytes
Etag: "d66eda5c5532d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:31:36 GMT


--- Additional Info ---
Magic:  GIF image data, version 89a, 65 x 23
Size:   2049
Md5:    47dc868258503fb27413bba38dbc29a5
Sha1:   bcd289d1bd68c94d2885c940d7a8da1b8fa57eb5
Sha256: 887bfaca6ba755a1c403f77daa73f867b86b5772ed300295f8e907880f9c555a
                                        
                                            GET /images/topbga.gif HTTP/1.1 
Host: www.jibaoclean.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jibaoclean.cn/images/skindefaultcssstylecss.css

                                         
                                         107.179.69.245
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Content-Length: 151
Last-Modified: Sun, 30 Oct 2016 02:29:05 GMT
Accept-Ranges: bytes
Etag: "4c0e1625532d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:31:36 GMT


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 28
Size:   151
Md5:    c94566616dd1ef589a5d12a014273026
Sha1:   31d1c181e5d93183c0c2be9d01bf5106ab8b7380
Sha256: 2d89f9967b541deab0d05c539a4489d68acf5cda7c284071d2bfc21ee34ee0d4
                                        
                                            GET /images/menu_note.gif HTTP/1.1 
Host: www.jibaoclean.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jibaoclean.cn/images/skindefaultcssstylecss.css

                                         
                                         107.179.69.245
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Content-Length: 530
Last-Modified: Sun, 30 Oct 2016 02:29:06 GMT
Accept-Ranges: bytes
Etag: "0c5e5625532d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:31:36 GMT


--- Additional Info ---
Magic:  GIF image data, version 89a, 8 x 18
Size:   530
Md5:    1222c7b01a56785c49123741adf90d63
Sha1:   8d9b12b1209160e4d8130ba4066b0fb536bee7d6
Sha256: 06324dd0da47c0a40c43b4804a6a69ea0c3f617962f312fb29f92cf0563056a8
                                        
                                            GET /images/header_menu.gif HTTP/1.1 
Host: www.jibaoclean.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jibaoclean.cn/images/skindefaultcssstylecss.css

                                         
                                         107.179.69.245
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Content-Length: 3000
Last-Modified: Sun, 30 Oct 2016 02:29:05 GMT
Accept-Ranges: bytes
Etag: "a662e3625532d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:31:36 GMT


--- Additional Info ---
Magic:  GIF image data, version 89a, 990 x 38
Size:   3000
Md5:    d372b348154d4a1bfde60f52259fa835
Sha1:   d9ac640f4a0ba6e1e54297606d708ed6bb16fec4
Sha256: 14a98353774734a3fd92ec18a990da53ec0ec74faa711cfee137105f887a5910
                                        
                                            GET /images/menu_spacing.gif HTTP/1.1 
Host: www.jibaoclean.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jibaoclean.cn/images/skindefaultcssstylecss.css

                                         
                                         107.179.69.245
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Content-Length: 1094
Last-Modified: Sun, 30 Oct 2016 02:29:05 GMT
Accept-Ranges: bytes
Etag: "a662e3625532d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:31:36 GMT


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 14
Size:   1094
Md5:    95887f00bbbbdeb7814235fd20d41a73
Sha1:   3901a6113919255571e6518ec8d3586133af5e55
Sha256: 990e027201ae38481bd996e28d3e8f7b220d3da248c75dc37f45e0f47889aa66
                                        
                                            GET /images/menu_post.gif HTTP/1.1 
Host: www.jibaoclean.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jibaoclean.cn/images/skindefaultcssstylecss.css

                                         
                                         107.179.69.245
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Content-Length: 1102
Last-Modified: Sun, 30 Oct 2016 02:29:06 GMT
Accept-Ranges: bytes
Etag: "0c5e5625532d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:31:36 GMT


--- Additional Info ---
Magic:  GIF image data, version 89a, 2 x 38
Size:   1102
Md5:    756b11330dc69220c2e2544ca202b343
Sha1:   217c57fa12f318400a802697f116615453ce1f60
Sha256: f954c5d229e6ab633a76e0f190141277b28703937c496ac7716ad3df3af66642
                                        
                                            GET /images/menuon.gif HTTP/1.1 
Host: www.jibaoclean.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jibaoclean.cn/images/skindefaultcssstylecss.css

                                         
                                         107.179.69.245
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Content-Length: 1710
Last-Modified: Sun, 30 Oct 2016 02:29:06 GMT
Accept-Ranges: bytes
Etag: "0c5e5625532d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:31:36 GMT


--- Additional Info ---
Magic:  GIF image data, version 89a, 120 x 200
Size:   1710
Md5:    290ae139406b78889519629a46e5a188
Sha1:   894fb42a0731006c760b40c232df92d786108e3e
Sha256: 16d2f2a6defb6ae5cf0c813cd1b3c7dcc3a09d8778aed716dfd8c4ee1244f705
                                        
                                            GET /images/index_hl3.gif HTTP/1.1 
Host: www.jibaoclean.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jibaoclean.cn/images/skindefaultcssindexcss.css

                                         
                                         107.179.69.245
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Content-Length: 1308
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:31:37 GMT


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1308
Md5:    2923b250a3660c034aa7831d5e6d7f3c
Sha1:   646f109012bac000fe1bc58f40d112f77483f22a
Sha256: e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075
                                        
GET /images/index_bottom.gif HTTP/1.1
Host: www.jibaoclean.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jibaoclean.cn/images/skindefaultcssindexcss.css

107.179.69.245
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 1135
Last-Modified: Sun, 30 Oct 2016 02:29:06 GMT
Accept-Ranges: bytes
Etag: "defeff625532d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:31:37 GMT


--- Additional Info ---
Magic:  GIF image data, version 89a, 400 x 2
Size:   1135
Md5:    aa2c1e1701b8e1a2585c89c359133657
Sha1:   aff070e31c8b62c49b600a8156c99fdcdfb7107a
Sha256: e53aaadb14024a2ee98e3e8e65dadd6650a332996da21062d69f958a688fb441
                                        
GET /images/index_icon4.gif HTTP/1.1
Host: www.jibaoclean.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jibaoclean.cn/images/skindefaultcssindexcss.css

107.179.69.245
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 50
Last-Modified: Sun, 30 Oct 2016 02:29:09 GMT
Accept-Ranges: bytes
Etag: "20aed5645532d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:31:37 GMT


--- Additional Info ---
Magic:  GIF image data, version 89a, 3 x 3
Size:   50
Md5:    8afa99e8a97026837cbb8cd364595997
Sha1:   30ca52a5d3c6882e3735bf9870e5621bc2d9d022
Sha256: 156bcdb7e2a219d07b3fcb6ba52e32e1cf01af0d23f508f2368be1966c7e9b06
                                        
GET /images/index_hbg.gif HTTP/1.1
Host: www.jibaoclean.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jibaoclean.cn/images/skindefaultcssindexcss.css

107.179.69.245
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 1307
Last-Modified: Sun, 30 Oct 2016 02:29:06 GMT
Accept-Ranges: bytes
Etag: "849cfd625532d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:31:37 GMT


--- Additional Info ---
Magic:  GIF image data, version 89a, 991 x 33
Size:   1307
Md5:    723be5552b2887be3bf3a8b8442ca895
Sha1:   d11e65de705ddd47fa02e10b1f0dd70f91271afc
Sha256: 7ff78c16b55a9f024530bbc4350074f1649ee9c07aa375c8a72e8bbbe95daa1d
                                        
GET /images/index_hl4.gif HTTP/1.1
Host: www.jibaoclean.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jibaoclean.cn/images/skindefaultcssindexcss.css

107.179.69.245
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 1605
Last-Modified: Sun, 30 Oct 2016 02:29:06 GMT
Accept-Ranges: bytes
Etag: "defeff625532d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:31:37 GMT


--- Additional Info ---
Magic:  GIF image data, version 89a, 231 x 36
Size:   1605
Md5:    30282bdeecbc157af8fef3eeb5dedf5f
Sha1:   ad6034f698ac3d909f2c8e81dbea02cc2412d918
Sha256: d60061afc81d6b3f2076502e1c4b2b887d0d6608f31c96c635ebbc346729a161
                                        
GET /images/footbg.gif HTTP/1.1
Host: www.jibaoclean.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jibaoclean.cn/images/skindefaultcssstylecss.css

107.179.69.245
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 166
Last-Modified: Sun, 30 Oct 2016 02:29:06 GMT
Accept-Ranges: bytes
Etag: "b489ea625532d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:31:37 GMT


--- Additional Info ---
Magic:  GIF image data, version 89a, 2 x 29
Size:   166
Md5:    56e674b1704d377cc40bf0d592d05083
Sha1:   830c65301a359bfb0c4b3fab546509c6e94a8df5
Sha256: 6228ac1b1f4244ec6ae64d0d97346ae8f51fd9c13aca2521980ebadcb1fe720f
                                        
GET /images/dfilexygk2013-12-246049e93e3a128b917b8d734c80f88cbc.jpg HTTP/1.1
Host: www.jibaoclean.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jibaoclean.cn/

107.179.69.245
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 133913
Last-Modified: Sun, 30 Oct 2016 02:28:55 GMT
Accept-Ranges: bytes
Etag: "985ae65c5532d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:31:36 GMT


--- Additional Info ---
Magic:  GIF image data, version 89a, 500 x 375
Size:   133913
Md5:    a481179ac57d8d92bb172616301143ce
Sha1:   bad53f52b49bc538e462959fcc36067f82251329
Sha256: d12ebac8cc96ff9cf34f46d0c03759ef31abf1a3bd949a56e29aed59dee14358
                                        
GET /images/indexbg1.gif HTTP/1.1
Host: www.jibaoclean.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jibaoclean.cn/images/skindefaultcssindexcss.css

107.179.69.245
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 3148
Last-Modified: Sun, 30 Oct 2016 02:29:06 GMT
Accept-Ranges: bytes
Etag: "2a3afb625532d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:31:36 GMT


--- Additional Info ---
Magic:  GIF image data, version 89a, 500 x 400
Size:   3148
Md5:    3ef4b2a2ec2612224bca5fa36298ee68
Sha1:   4055515fd8058a9f1405c5df91d5567d3b5f90a1
Sha256: cd5addce34a0154cc5ac742a6a81a3cca8fb8d79dee1eb5a04d0a0e1e721f430
                                        
GET /favicon.ico HTTP/1.1
Host: www.jibaoclean.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

107.179.69.245
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 1308
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:31:38 GMT


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1308
Md5:    2923b250a3660c034aa7831d5e6d7f3c
Sha1:   646f109012bac000fe1bc58f40d112f77483f22a
Sha256: e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075
                                        
GET /favicon.ico HTTP/1.1
Host: www.jibaoclean.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

107.179.69.245
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 1308
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:31:41 GMT


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1308
Md5:    2923b250a3660c034aa7831d5e6d7f3c
Sha1:   646f109012bac000fe1bc58f40d112f77483f22a
Sha256: e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075
                                        
GET /cp/001.js HTTP/1.1
Host: s95.b9823852351323h.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jibaoclean.cn/

0.0.0.0


--- Additional Info ---
                                        
GET /hm.js?f53da8843726457e9c5c6862188915be HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jibaoclean.cn/

0.0.0.0


--- Additional Info ---