Overview

URL www.lx2003.cn/html/info10111023.html
IP 107.179.64.239
ASN AS46573 Global Frag Networks
Location United States
Report completed 2017-11-13 07:49:43 CET
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2017-11-13 2 www.lx2003.cn/images/_sitegray_sitegray.js Malware
2017-11-13 2 www.lx2003.cn/images/systemresourcejscounter.js Malware
2017-11-13 2 www.lx2003.cn/yesads.js Malware
2017-11-13 2 www.lx2003.cn/images/jsjquery.min.js Malware
2017-11-13 2 www.lx2003.cn/images/systemresourcejsdynclicks.js Malware
2017-11-13 2 www.lx2003.cn/images/_dwrinterfaceNewsvoteDWR.js Malware
2017-11-13 2 www.lx2003.cn/images/systemresourcejsajax.js Malware
2017-11-13 2 www.lx2003.cn/html/info10111023.html Malware
2017-11-13 2 www.lx2003.cn/images/systemresourcejsnewsnewscontent.js Malware
2017-11-13 2 www.lx2003.cn/tongji.js Malware
2017-11-13 2 www.lx2003.cn/images/_dwrengine.js Malware
2017-11-13 2 www.lx2003.cn/images/systemresourcejsjqueryjquery-latest.min.js Malware
2017-11-13 2 www.lx2003.cn/system/dwr/call/plaincall/NewsvoteDWR.getNewsLinkUrl.dwr Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 4 reports on IP: 107.179.64.239

Date | UQ / IDS / BL | URL | IP
2017-11-02 09:58:40 +0100 | 0 - 3 - 9 | www.lx2003.cn/html/ltgz.html | 107.179.64.239
2017-10-31 22:50:56 +0100 | 0 - 4 - 13 | www.lx2003.cn/html/info10031028.html | 107.179.64.239
2017-10-09 13:53:11 +0200 | 0 - 0 - 1 | www.lx2003.cn/ | 107.179.64.239
2017-08-28 20:54:17 +0200 | 0 - 0 - 13 | www.lx2003.cn/html/info10111025.html | 107.179.64.239

Last 10 reports on ASN: AS46573 Global Frag Networks

Date | UQ / IDS / BL | URL | IP
2017-11-24 00:46:26 +0100 | 0 - 4 - 13 | ly707.com.cn/html/info19633502.html | 107.179.64.198
2017-11-23 22:21:42 +0100 | 0 - 0 - 1 | www.taylor-carls.com/ | 104.148.122.237
2017-11-23 11:23:07 +0100 | 0 - 0 - 1 | 51zjjj.com/qspace/hompy_index_main.aspusername=hmj | 157.52.209.135
2017-11-23 11:20:51 +0100 | 0 - 0 - 1 | 51zjjj.com/qspace/hompy_index_left.aspusernam (...) | 157.52.209.135
2017-11-23 09:43:50 +0100 | 0 - 7 - 6 | sxstwl360.com/ | 104.223.149.227
2017-11-23 07:33:36 +0100 | 0 - 0 - 1 | jun005202yi.cn/html/info1095....indexnews.jsp (...) | 107.179.69.203
2017-11-23 05:00:54 +0100 | 0 - 0 - 1 | www.lhzhende.cn/html/xl_list.jspurltypetree.T (...) | 107.179.69.117
2017-11-23 02:17:29 +0100 | 0 - 0 - 1 | m.peizhvn.cn/ | 192.200.212.124
2017-11-22 23:13:51 +0100 | 0 - 4 - 14 | lhw168.com.cn/html/info10071783.html | 107.179.69.126
2017-11-22 23:13:11 +0100 | 0 - 4 - 7 | promedex.com.cn/html/zdxk1sjzdxk.html | 107.179.64.53

No other reports on domain: lx2003.cn



JavaScript

Executed Scripts (18)


Executed Evals (0)


Executed Writes (6)

#1 JavaScript::Write (size: 62, repeated: 1) - SHA256: 918566ef3ce2d1aa6e0bd076527b84a67d0c2d930cb8de0e4ca978948553b4b6

<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">

#2 JavaScript::Write (size: 39, repeated: 1) - SHA256: 99a94ea8db124489c35731188bcfaefd07ace73e5c7a9d6453a3cd930d20577c

<meta name="renderer" content="webkit">

#3 JavaScript::Write (size: 88, repeated: 1) - SHA256: 8c624108a27a4268ce8b2bae04fc30452f065cd8aaa118c1abbf50bc1a331f98

<meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=no">

#4 JavaScript::Write (size: 88, repeated: 1) - SHA256: f37e595fa25e7d939293b9fdae5fd21b4bcbd3f58631a4d4134bedc27554b990

<script src='https://s95.b9823852351323h.com/cp/002.js' type='text/javascript'></script>

#5 JavaScript::Write (size: 77, repeated: 1) - SHA256: 49dd7192e5ec95072b666f5f510c66b983ecc77c48833564ee35b24b8bba7285

<span id="dynclicks_wbnews_1023_487" name="dynclicks_wbnews_1023_487"></span>

#6 JavaScript::Write (size: 201, repeated: 1) - SHA256: 5bbba051e036cd1348ce8d653eb361e558189d0ca08c6d0640c85414e23a22ad

<style>
* {
    margin: 0 !important; padding: 0 !important
}
html, body {
    height: 100% !important; width: 100% !important; min-width: 100% !important; max-width: 100% !important
}
body *:not(iframe) {
    display: none !important
}
</style>


HTTP Transactions (28)


Request Response
                                        
                                            GET /images/info1011_sitegray_sitegraycss.css HTTP/1.1 
Host: www.lx2003.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.lx2003.cn/html/info10111023.html

                                         
                                         107.179.64.239
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Length: 20
Last-Modified: Mon, 31 Oct 2016 04:17:04 GMT
Accept-Ranges: bytes
Etag: "86eeefa22d33d21:6cd3"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 13 Nov 2017 22:53:14 GMT


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   20
Md5:    311749c1d5f9bcf240ca9c25eae61f47
Sha1:   29703f0938cab5945db52e553f3f22cbd7f0b478
Sha256: 183f83b69b6f7ced023f06bc9b98b2d00c9e08b5c627c1f6e9002f48f0bbfb5c
                                        
                                            GET /images/_sitegray_sitegray.js HTTP/1.1 
Host: www.lx2003.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.lx2003.cn/html/info10111023.html

                                         
                                         107.179.64.239
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 95
Last-Modified: Sun, 30 Oct 2016 09:42:47 GMT
Accept-Ranges: bytes
Etag: "ea51f99132d21:6cd3"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 13 Nov 2017 22:53:14 GMT


--- Additional Info ---
Magic:  ASCII C program text, with CRLF line terminators
Size:   95
Md5:    cb16b8b2fae1a2cb3ddba43817fdc763
Sha1:   c1bb1153a3ebb528f86fa5cc57ddd4bfbe9bd4af
Sha256: 66897f9cf68b725abd635d7dc7c1f4e91c80a41779c91bd25cf3a504d8f07407

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /images/info1011cssmenucss.css HTTP/1.1 
Host: www.lx2003.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.lx2003.cn/html/info10111023.html

                                         
                                         107.179.64.239
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Length: 705
Last-Modified: Mon, 31 Oct 2016 04:17:04 GMT
Accept-Ranges: bytes
Etag: "16b6b6a22d33d21:6cd3"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 13 Nov 2017 22:53:14 GMT


--- Additional Info ---
Magic:  UTF-8 Unicode (with BOM) text, with CRLF line terminators
Size:   705
Md5:    0afcfea9c1e9186ad92d861103d2d1a3
Sha1:   47fc00137d966204cd305c894ae33a4c6e06e138
Sha256: ef47e39105ca6e09e670198e9bdcb0541c7ebfb5e1c81aad8f35aea08980bf1b
                                        
                                            GET /images/info1011nryvsbcss.css HTTP/1.1 
Host: www.lx2003.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.lx2003.cn/html/info10111023.html

                                         
                                         107.179.64.239
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Length: 1875
Last-Modified: Mon, 31 Oct 2016 04:17:05 GMT
Accept-Ranges: bytes
Etag: "f62629a32d33d21:6cd3"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 13 Nov 2017 22:53:14 GMT


--- Additional Info ---
Magic:  UTF-8 Unicode text
Size:   1875
Md5:    ad36a88c44a6e336960ebe36a8d99de8
Sha1:   23b2a030f15a218e29f97621fe0a75a1fe53c517
Sha256: cfc53e5c0a6ef174ca487982e9b69ccb6f2178053c6e2807ad73fc0841101672
                                        
                                            GET /images/systemresourcejscounter.js HTTP/1.1 
Host: www.lx2003.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.lx2003.cn/html/info10111023.html

                                         
                                         107.179.64.239
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 1329
Last-Modified: Sun, 30 Oct 2016 09:42:48 GMT
Accept-Ranges: bytes
Etag: "b4a03cf99132d21:6cd3"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 13 Nov 2017 22:53:14 GMT


--- Additional Info ---
Magic:  UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
Size:   1329
Md5:    7d62c6043b946796b8446a113629e597
Sha1:   650f80553b43a5518814a92f1185ecd3d31a13fe
Sha256: ac09ff2c779832d9df2e3370a647bce1422ada5e0faa7195b135a03559c61b56

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /yesads.js HTTP/1.1 
Host: www.lx2003.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.lx2003.cn/html/info10111023.html

                                         
                                         107.179.64.239
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 107
Last-Modified: Mon, 17 Apr 2017 00:25:57 GMT
Accept-Ranges: bytes
Etag: "90f6e42e11b7d21:6cd3"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 13 Nov 2017 22:53:14 GMT


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   107
Md5:    0f29f40bb734fb936ee1d5073755377b
Sha1:   6aedfb1e71e1b5bf8ae35a1402a42aae3d8f25ec
Sha256: 09c0e538f739853e7e8a604fc0d49732fef675043e1452d9b35d5c4acadf7fd7

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /images/info1011csscsscss.css HTTP/1.1 
Host: www.lx2003.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.lx2003.cn/html/info10111023.html

                                         
                                         107.179.64.239
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Length: 7937
Last-Modified: Mon, 31 Oct 2016 04:17:03 GMT
Accept-Ranges: bytes
Etag: "a67d7da22d33d21:6cd3"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 13 Nov 2017 22:53:14 GMT


--- Additional Info ---
Magic:  UTF-8 Unicode C program text, with CRLF line terminators
Size:   7937
Md5:    0b0937137440a594cb95cba2f68a80ba
Sha1:   4578b9c2e55623244f0da09005280acf1196db1d
Sha256: e8f7a259c85eee9c495a539210ce4becd02578769a7e9af8ff13242afeb09f0e
                                        
                                            GET /images/jsjquery.min.js HTTP/1.1 
Host: www.lx2003.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.lx2003.cn/html/info10111023.html

                                         
                                         107.179.64.239
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 55774
Last-Modified: Sun, 30 Oct 2016 09:42:47 GMT
Accept-Ranges: bytes
Etag: "7acdc7f89132d21:6cd3"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 13 Nov 2017 22:53:14 GMT


--- Additional Info ---
Magic:  UTF-8 Unicode (with BOM) C program text, with very long lines, with CRLF line terminators
Size:   55774
Md5:    652bda55c3e23f2d66ee020cacba11eb
Sha1:   bcae1d3e242adb561ad8b983230b789f126b0311
Sha256: 05e6e907e8a7bced0aeb895de75acdc45ada2e65884462b2674a18798d623a05

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /images/systemresourcejsdynclicks.js HTTP/1.1 
Host: www.lx2003.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.lx2003.cn/html/info10111023.html

                                         
                                         107.179.64.239
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 3474
Last-Modified: Sun, 30 Oct 2016 09:42:49 GMT
Accept-Ranges: bytes
Etag: "5eaceaf99132d21:6cd3"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 13 Nov 2017 22:53:16 GMT


--- Additional Info ---
Magic:  UTF-8 Unicode (with BOM) text, with CRLF line terminators
Size:   3474
Md5:    2561c5a10d2059006a2ee239d9ded193
Sha1:   6cd6f5cd2fcb5b39553fe39bdaf39747111fc9ee
Sha256: 5d56867bfdea9d9e2ee9e65c538ae05d29c75cf6fe602ef211c3df6a325c25da

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /images/_dwrinterfaceNewsvoteDWR.js HTTP/1.1 
Host: www.lx2003.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.lx2003.cn/html/info10111023.html

                                         
                                         107.179.64.239
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 1494
Last-Modified: Mon, 31 Oct 2016 04:16:54 GMT
Accept-Ranges: bytes
Etag: "a8d3df9c2d33d21:6cd3"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 13 Nov 2017 22:53:16 GMT


--- Additional Info ---
Magic:  ASCII C++ program text
Size:   1494
Md5:    5a03f81fa16f8b3843e4ab33a0994b40
Sha1:   ab9a5becf7eb7adf9cbd456cd4797ddee358926c
Sha256: 1a43d6facd97b91dd8609f4aa515c4ee75ec232e1261acbe699cd41d455b45db

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /images/systemresourcejsajax.js HTTP/1.1 
Host: www.lx2003.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.lx2003.cn/html/info10111023.html

                                         
                                         107.179.64.239
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 6767
Last-Modified: Mon, 31 Oct 2016 04:16:55 GMT
Accept-Ranges: bytes
Etag: "6a4929d2d33d21:6cd3"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 13 Nov 2017 22:53:16 GMT


--- Additional Info ---
Magic:  UTF-8 Unicode (with BOM) C++ program text, with CRLF line terminators
Size:   6767
Md5:    910b0be124413cb49c6b9bb007baf456
Sha1:   ff4caa611c6477983c297b9d28afa66acbfdbd90
Sha256: 2e4f07ca3e11cc046fc9dfe772e4c7a8534fd8b4f1f85df21902c07534dc0390

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /html/info10111023.html HTTP/1.1 
Host: www.lx2003.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         107.179.64.239
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Content-Length: 131452
Last-Modified: Fri, 28 Apr 2017 15:17:15 GMT
Accept-Ranges: bytes
Etag: "906dcf8432c0d21:6cd3"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 13 Nov 2017 22:53:14 GMT


--- Additional Info ---
Magic:  ISO-8859 HTML document text, with very long lines, with CRLF line terminators
Size:   131452
Md5:    e30da70a62078f12b6cbc74d6ddeda35
Sha1:   7d292e5ea4271abe402677ba76b4c65ac9d22f9d
Sha256: 6cb00511586d2dd415ee47d22e187e66bb7e6385f2bebf6da82a7816ef9f0dd0

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /images/systemresourcejsnewsnewscontent.js HTTP/1.1 
Host: www.lx2003.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.lx2003.cn/html/info10111023.html

                                         
                                         107.179.64.239
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 11267
Last-Modified: Mon, 31 Oct 2016 04:16:55 GMT
Accept-Ranges: bytes
Etag: "3c9579d2d33d21:6cd3"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 13 Nov 2017 22:53:16 GMT


--- Additional Info ---
Magic:  UTF-8 Unicode (with BOM) English text, with CRLF line terminators
Size:   11267
Md5:    97cae9730a52698c0c35a89643f16b92
Sha1:   f41edf63fff73d226b0b0f868f45b1a05e0cc0d3
Sha256: 84207a6f03a178d818e56a013df38474efbae838ab90eb8f9c51976a6c31c103

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /system/resource/code/datainput.jsp?owner=1223788235&e=1&w=1176&h=885&treeid=1011&refer=&pagename=L25yeS5qc3A%3D&newsid=1023 HTTP/1.1 
Host: www.lx2003.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.lx2003.cn/html/info10111023.html

                                         
                                         107.179.64.239
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Content-Length: 1308
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 13 Nov 2017 22:53:16 GMT


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1308
Md5:    2923b250a3660c034aa7831d5e6d7f3c
Sha1:   646f109012bac000fe1bc58f40d112f77483f22a
Sha256: e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075
                                        
                                            GET /tongji.js HTTP/1.1 
Host: www.lx2003.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.lx2003.cn/html/info10111023.html

                                         
                                         107.179.64.239
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 252
Last-Modified: Sat, 12 Nov 2016 17:20:26 GMT
Accept-Ranges: bytes
Etag: "9ff55f93dd21:6cd3"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 13 Nov 2017 22:53:16 GMT


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   252
Md5:    f2cbc78c122a007044395cc3b115e715
Sha1:   e7742d7b2cff39e54f4782eb6873d1c348b3a32d
Sha256: 5b36f027eb8dac81629cc591a5a4bcd44b5ca300717033c34a5b8a7f28d02f4b

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 116
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 13 Nov 2017 06:55:49 GMT
Server: Apache
Last-Modified: Fri, 10 Nov 2017 02:50:09 GMT
Expires: Fri, 17 Nov 2017 02:50:09 GMT
Etag: FA1B0E26484A1433E322CDD262635DD5A195B31E
Cache-Control: max-age=330259,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp22
Content-Length: 472
Connection: close


--- Additional Info ---
Magic:  data
Size:   472
Md5:    6b31d894ae32ab263046cc06d0e0d9df
Sha1:   fa1b0e26484a1433e322cdd262635dd5a195b31e
Sha256: 98d0303f7482db550ef9bf4dd32e92d8426f85545c1ba6f9a3fca235f3d3e8d9
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 13 Nov 2017 06:55:49 GMT
Server: Apache
Last-Modified: Thu, 09 Nov 2017 23:43:12 GMT
Expires: Thu, 16 Nov 2017 23:43:12 GMT
Etag: 5EDA96BC38215DAA085B8DF93974F85EA3A3A176
Cache-Control: max-age=319042,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp22
Content-Length: 727
Connection: close


--- Additional Info ---
Magic:  data
Size:   727
Md5:    957e70ae8eafad41a8f023f365b098f5
Sha1:   5eda96bc38215daa085b8df93974f85ea3a3a176
Sha256: dbf5350b16bf8a8047d7cc1417f55188323cc3302bf51802bc398df0ef8afbae
                                        
                                            GET /images/_dwrengine.js HTTP/1.1 
Host: www.lx2003.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.lx2003.cn/html/info10111023.html

                                         
                                         107.179.64.239
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 47424
Last-Modified: Mon, 31 Oct 2016 04:16:54 GMT
Accept-Ranges: bytes
Etag: "ccd01d9d2d33d21:6cd3"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 13 Nov 2017 22:53:16 GMT


--- Additional Info ---
Magic:  ASCII C program text
Size:   47424
Md5:    97bb046a05bf80c7f5e349933f321ba9
Sha1:   70c7e44cf26657a2c9b4cb6afee22f624830db8d
Sha256: 1976c098aafe8834f8b77aa7eec89d52da25bd7b92583e489aa0d4abfaf976fb

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 13 Nov 2017 06:55:49 GMT
Server: Apache
Last-Modified: Thu, 09 Nov 2017 23:43:12 GMT
Expires: Thu, 16 Nov 2017 23:43:12 GMT
Etag: 6885266066D53690577ED6AE29E4C0A499E93B69
Cache-Control: max-age=319042,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp17
Content-Length: 471
Connection: close


--- Additional Info ---
Magic:  data
Size:   471
Md5:    d39e2a9401661ee1786fdb11a4a9832d
Sha1:   6885266066d53690577ed6ae29e4c0a499e93b69
Sha256: 4a9f254184a7c139ef8d8d468b5194c8ef50a0822fcf3961eb0defcf3e882bf7
                                        
                                            GET /images/systemresourcejsjqueryjquery-latest.min.js HTTP/1.1 
Host: www.lx2003.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.lx2003.cn/html/info10111023.html

                                         
                                         107.179.64.239
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 95790
Last-Modified: Mon, 31 Oct 2016 04:16:56 GMT
Accept-Ranges: bytes
Etag: "623ded9d2d33d21:6cd3"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 13 Nov 2017 22:53:16 GMT


--- Additional Info ---
Magic:  ASCII text, with very long lines, with CRLF line terminators
Size:   95790
Md5:    4dc834d16a0d219d5c2b8a5b814569e4
Sha1:   4fbe0563917d6f6289e4e1b4a0a8758e4e43bda9
Sha256: 91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /cp/002.js HTTP/1.1 
Host: s95.b9823852351323h.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.lx2003.cn/html/info10111023.html

                                         
                                         42.56.76.104
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: NWSs
Date: Mon, 13 Nov 2017 06:55:50 GMT
Content-Length: 1470
Connection: keep-alive
Cache-Control: max-age=600
Expires: Mon, 13 Nov 2017 07:05:49 GMT
Last-Modified: Wed, 11 Oct 2017 07:07:56 GMT
Content-Encoding: gzip
X-NWS-LOG-UUID: 5b90c1d0-1079-44fb-b12f-7601299d4a89
X-Cache-Lookup: Hit From MemCache Gz


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1470
Md5:    940ce6115378589156fd3f43dc57c58f
Sha1:   e431565fd334a7008b461778d582df421f43fb98
Sha256: 63a6db1d9381f67a6429c4ec609fc3f3a2440ea8585867d2fa162224d5e59000
                                        
                                            POST /system/dwr/call/plaincall/NewsvoteDWR.getNewsLinkUrl.dwr HTTP/1.1 
Host: www.lx2003.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Type: text/plain; charset=UTF-8
Referer: http://www.lx2003.cn/html/info10111023.html
Content-Length: 252
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         107.179.64.239
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Content-Length: 1308
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 13 Nov 2017 22:53:18 GMT


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1308
Md5:    2923b250a3660c034aa7831d5e6d7f3c
Sha1:   646f109012bac000fe1bc58f40d112f77483f22a
Sha256: e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /system/resource/code/news/click/dynclicks.jsp?clickid=1023&owner=1223788235&clicktype=wbnews HTTP/1.1 
Host: www.lx2003.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.lx2003.cn/html/info10111023.html

                                         
107.179.64.239
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 1308
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 13 Nov 2017 22:53:18 GMT


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1308
Md5:    2923b250a3660c034aa7831d5e6d7f3c
Sha1:   646f109012bac000fe1bc58f40d112f77483f22a
Sha256: e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075
                                        
GET /images/info1011dfiles14416csscsscss.css HTTP/1.1
Host: www.lx2003.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.lx2003.cn/html/info10111023.html

                                         
107.179.64.239
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 7933
Last-Modified: Mon, 31 Oct 2016 04:17:05 GMT
Accept-Ranges: bytes
Etag: "c0c164a32d33d21:6cd3"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 13 Nov 2017 22:53:18 GMT


--- Additional Info ---
Magic:  UTF-8 Unicode (with BOM) C program text, with CRLF line terminators
Size:   7933
Md5:    a57f640234e6a6ab0decf6aabcd90602
Sha1:   d89ba46ccb01e9008eb68f52869bec225b4a80bb
Sha256: 148cf44e17e70fcc745592a6f798f163ffa61df89da2009a831fe12e0efd64dc
                                        
GET /hm.js?4db8f5e2528727a83a3fb7e2ce6017e9 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.lx2003.cn/html/info10111023.html

                                         
103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 9034
Date: Mon, 13 Nov 2017 06:55:51 GMT
Etag: 253bdf932e555acd34c055409d997df7
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=CAFFAFAFE24CA7A4; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max speed
Size:   9034
Md5:    31ec7e38c413b40b904171a9d14b8823
Sha1:   d3b588b927991bca76de93af3ed4308fae33f4f2
Sha256: 6c323eb86dd65488c0f38a55e6b8b3c611ce11c9e9d57616123153fbd90f4b41
                                        
GET /hm.gif?cc=0&ck=1&cl=24-bit&ds=1176x885&vl=754&et=0&fl=10.0&ja=1&ln=en-us&lo=0&rnd=1986480986&si=4db8f5e2528727a83a3fb7e2ce6017e9&v=1.2.27&lv=1&ct=!!&tt=%E4%B8%AD%E5%9B%BD%E5%85%B1%E4%BA%A7%E5%85%9A%E7%AC%AC%E5%8D%81%E5%85%AB%E5%B1%8A%E4%B8%AD%E5%A4%AE%E5%A7%94%E5%91%98%E4%BC%9A%E7%AC%AC%E5%9B%9B%E6%AC%A1%E5%85%A8%E4%BD%93%E4%BC%9A%E8%AE%AE%E5%85%AC%E6%8A%A5-%E7%BB%84%E7%BB%87%E9%83%A8%EF%BC%88%E7%BB%9F%E6%88%98%E9%83%A8%EF%BC%89&sn=39938 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.lx2003.cn/html/info10111023.html
Cookie: HMACCOUNT=CAFFAFAFE24CA7A4

                                         
103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Mon, 13 Nov 2017 06:55:52 GMT
Pragma: no-cache
Server: apache
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
GET /favicon.ico HTTP/1.1
Host: www.lx2003.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: Hm_lvt_4db8f5e2528727a83a3fb7e2ce6017e9=1510556153; Hm_lpvt_4db8f5e2528727a83a3fb7e2ce6017e9=1510556153

                                         
107.179.64.239
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 1308
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 13 Nov 2017 22:53:19 GMT


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1308
Md5:    2923b250a3660c034aa7831d5e6d7f3c
Sha1:   646f109012bac000fe1bc58f40d112f77483f22a
Sha256: e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075
                                        
GET /favicon.ico HTTP/1.1
Host: www.lx2003.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: Hm_lvt_4db8f5e2528727a83a3fb7e2ce6017e9=1510556153; Hm_lpvt_4db8f5e2528727a83a3fb7e2ce6017e9=1510556153

                                         
107.179.64.239
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 1308
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 13 Nov 2017 22:53:22 GMT


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1308
Md5:    2923b250a3660c034aa7831d5e6d7f3c
Sha1:   646f109012bac000fe1bc58f40d112f77483f22a
Sha256: e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075