Overview

URL jxtex888.cn/html/qmgc..tztg99287.html
IP 107.179.69.192
ASN AS46573 Global Frag Networks
Location United States
Report completed 2018-05-17 02:57:49 CEST
urlQuery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro
Timestamp Severity Source IP Destination IP Alert
2018-05-17 02:57:07 CEST 1  107.179.69.192 Client IP ET CURRENT_EVENTS DRIVEBY EXE Embeded in Page Likely Evil M1
2018-05-17 02:57:07 CEST 1  107.179.69.192 Client IP ET TROJAN PE EXE or DLL Windows file download Text
2018-05-17 02:57:07 CEST 1  107.179.69.192 Client IP ET TROJAN RAMNIT.A M2
2018-05-17 02:57:07 CEST 1  107.179.69.192 Client IP ET TROJAN RAMNIT.A M1


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2018-05-17 2 jxtex888.cn/images/jsmain.js Malware
2018-05-17 2 jxtex888.cn/images/jspic_move.js Malware
2018-05-17 2 jxtex888.cn/yesads.js Malware
2018-05-17 2 jxtex888.cn/html/qmgc..tztg99287.html Malware
2018-05-17 2 jxtex888.cn/tongji.js Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 107.179.69.192

Date UQ / IDS / BL URL IP
2018-10-10 23:36:36 +0200 0 - 0 - 1 jxtex888.cn/html/txzz..tztg98378.html 107.179.69.192
2018-10-10 23:31:46 +0200 0 - 0 - 1 jxtex888.cn/html/xxgj19225.html 107.179.69.192
2018-10-10 23:30:36 +0200 0 - 0 - 1 jxtex888.cn/html/txfw..tztg100163.html 107.179.69.192
2018-10-10 23:23:36 +0200 0 - 0 - 1 jxtex888.cn/html/txfwxqz....paperindex.html 107.179.69.192
2018-10-10 18:29:20 +0200 0 - 0 - 1 jxtex888.cn/html/cyjy..tztg99327.html 107.179.69.192
2018-10-10 16:56:42 +0200 0 - 0 - 1 jxtex888.cn/html/xxgj75630.html 107.179.69.192
2018-10-10 01:40:53 +0200 0 - 0 - 1 jxtex888.cn/ 107.179.69.192
2018-10-09 22:24:21 +0200 0 - 0 - 1 jxtex888.cn/html/whyz..xhyfindex.html 107.179.69.192
2018-10-02 09:30:43 +0200 0 - 0 - 2 jxtex888.cn/html/xhyf..xzzz23380.html 107.179.69.192
2018-10-01 04:03:40 +0200 0 - 0 - 2 jxtex888.cn/html/txxw103382.html 107.179.69.192

Last 10 reports on ASN: AS46573 Global Frag Networks

Date UQ / IDS / BL URL IP
2018-10-16 01:07:39 +0200 0 - 3 - 0 zbcaijing.com/html/3591.html 104.223.149.181
2018-10-16 00:38:34 +0200 0 - 0 - 0 track.ecampaign-stats.com/eP4Z7JsG2NpFvu9D?_xEM 209.148.95.13
2018-10-15 19:55:57 +0200 0 - 4 - 0 ahnjjx.com/html/jyys178326.html 104.223.149.208
2018-10-15 16:23:02 +0200 0 - 0 - 0 mk1.fjlnh.com/oem/u.php?p=vx/rs/zaa/w1/vy/rs 104.223.230.211
2018-10-15 10:23:11 +0200 0 - 4 - 0 shyuxinedu.com/html/yiwenjiedameirong343.html 104.223.149.201
2018-10-14 12:16:54 +0200 0 - 4 - 2 xhuayi.com/html/col13121871456712012053113384 (...) 104.223.149.107
2018-10-14 11:56:41 +0200 0 - 4 - 1 huiyi1917.com/html/courseeducation1113.html 104.223.149.11
2018-10-14 11:41:42 +0200 0 - 0 - 2 sichangsm.com/html/shiliang92091.html 104.223.149.172
2018-10-14 11:41:26 +0200 0 - 4 - 2 xarsb.com/html/.zqnj201112t20111206_30140.html 104.223.149.102
2018-10-14 11:21:32 +0200 0 - 4 - 0 www.astkq.com/html/info1044....index.html 104.223.149.10

Last 10 reports on domain: jxtex888.cn

Date UQ / IDS / BL URL IP
2018-10-13 08:21:18 +0200 0 - 0 - 1 jxtex888.cn/html/cxzy..txfwindex.html 209.99.40.223
2018-10-13 07:25:31 +0200 0 - 0 - 1 jxtex888.cn/html/txxw..whyzindex.html 209.99.40.223
2018-10-13 03:09:28 +0200 0 - 0 - 1 jxtex888.cn/html/tztg..sksjindex.html 209.99.40.222
2018-10-13 01:28:59 +0200 0 - 0 - 1 jxtex888.cn/html/lltd..paperindex.html 209.99.40.223
2018-10-12 23:05:09 +0200 0 - 0 - 1 jxtex888.cn/html/cxzy11150.html 209.99.40.223
2018-10-12 21:54:53 +0200 0 - 0 - 1 jxtex888.cn/html/zyfw..jgszindex.html 209.99.40.223
2018-10-12 21:09:50 +0200 0 - 0 - 1 jxtex888.cn/html/zyfw..xzzz65101.html 209.99.40.223
2018-10-12 14:37:05 +0200 0 - 0 - 1 jxtex888.cn/html/xxgj..tztg99215.html 209.99.40.223
2018-10-12 05:53:49 +0200 0 - 0 - 1 jxtex888.cn/html/xxgj..tztg99215.html 209.99.40.222
2018-10-10 23:36:36 +0200 0 - 0 - 1 jxtex888.cn/html/txzz..tztg98378.html 107.179.69.192


JavaScript

Executed Scripts (7)


Executed Evals (0)


Executed Writes (1)

#1 JavaScript::Write (size: 88, repeated: 1) - SHA256: f37e595fa25e7d939293b9fdae5fd21b4bcbd3f58631a4d4134bedc27554b990

<script src='https://s95.b9823852351323h.com/cp/002.js' type='text/javascript'></script>


HTTP Transactions (27)


Request Response
                                        
                                            GET /images/jsmain.js HTTP/1.1 
Host: jxtex888.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxtex888.cn/html/qmgc..tztg99287.html

                                         
                                         107.179.69.192
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 1066
Last-Modified: Sun, 30 Oct 2016 02:07:12 GMT
Accept-Ranges: bytes
Etag: "facfd9535232d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:45:03 GMT


--- Additional Info ---
Magic:  UTF-8 Unicode C++ program text, with CRLF line terminators
Size:   1066
Md5:    f59f3711f69d203d4f541487f1ff1418
Sha1:   911ad322a8e6cbea0621f5d2aab74ddfce408ba8
Sha256: 2ed7cf140e59c77ff108a58aafe1189021bcf97b6f24d8aabd9b800c0171f2df

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /images/jspic_move.js HTTP/1.1 
Host: jxtex888.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxtex888.cn/html/qmgc..tztg99287.html

                                         
                                         107.179.69.192
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 2142
Last-Modified: Sun, 30 Oct 2016 02:07:12 GMT
Accept-Ranges: bytes
Etag: "b643e545232d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:45:03 GMT


--- Additional Info ---
Magic:  ASCII C++ program text, with CRLF line terminators
Size:   2142
Md5:    c87e08b1c91e35896eeeedb2bf2f91ca
Sha1:   1b9c8b725b8cb4ddb66bd4744d38dd3c197a6d17
Sha256: 4cdc44c41d65f44a172c36a46954f903e6e315b86eeb0c929ee7da66a3c6005a

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /yesads.js HTTP/1.1 
Host: jxtex888.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxtex888.cn/html/qmgc..tztg99287.html

                                         
                                         107.179.69.192
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 107
Last-Modified: Sun, 16 Apr 2017 16:26:26 GMT
Accept-Ranges: bytes
Etag: "9a12fa31ceb6d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:45:03 GMT


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   107
Md5:    0f29f40bb734fb936ee1d5073755377b
Sha1:   6aedfb1e71e1b5bf8ae35a1402a42aae3d8f25ec
Sha256: 09c0e538f739853e7e8a604fc0d49732fef675043e1452d9b35d5c4acadf7fd7

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /images/qmgctztgcssmaincss.css HTTP/1.1 
Host: jxtex888.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxtex888.cn/html/qmgc..tztg99287.html

                                         
                                         107.179.69.192
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Length: 5498
Last-Modified: Sun, 20 Nov 2016 01:48:17 GMT
Accept-Ranges: bytes
Etag: "8eede129d042d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:45:03 GMT


--- Additional Info ---
Magic:  UTF-8 Unicode (with BOM) C program text, with very long lines, with CRLF line terminators
Size:   5498
Md5:    f370cd0390c7b36280eb1be567b79a6b
Sha1:   fbf403e4c334497dcb577f0dca813c1b6f934613
Sha256: 928e6d4fa50ccc7ffd4547999d7a7b571e30b0ac03861b1121ba159829a14cf8
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=165103
Date: Thu, 17 May 2018 00:57:07 GMT
Etag: "5afc9d0a-1d7"
Expires: Fri, 18 May 2018 22:48:50 GMT
Last-Modified: Wed, 16 May 2018 21:05:14 GMT
Server: ECS (arn/4692)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    8a6bd7279e8cd618a7f8e174ae775ca5
Sha1:   ebe6244d5e1f424e4af891c835ad2d6bb6af80e3
Sha256: 03892435d531bc4bfe0e40c4ad489c0c2abe4f0aa0c0239170cccb292016645a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=162047
Date: Thu, 17 May 2018 00:57:07 GMT
Etag: "5afc7b0b-1d7"
Expires: Fri, 18 May 2018 21:28:03 GMT
Last-Modified: Wed, 16 May 2018 18:40:11 GMT
Server: ECS (arn/469D)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    46250738b7a0df4551e10d895f490cf9
Sha1:   2327d3e91ec90e8db006e6ecbacc9ded9c0b651f
Sha256: 89db690d0e491e0f6e149b17507bbc8c81d54dfbce187eb30f22d4f53a6f535c
                                        
                                            GET /html/qmgc..tztg99287.html HTTP/1.1 
Host: jxtex888.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         107.179.69.192
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Content-Length: 135846
Last-Modified: Fri, 28 Apr 2017 06:32:00 GMT
Accept-Ranges: bytes
Etag: "ca4a4424e9bfd21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:45:02 GMT


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   135846
Md5:    f8bb7f1e37d20cfc3d32ba5a163abb41
Sha1:   421cbde57d6c8e841c98daec35908a6bcbbbabda
Sha256: 8362b1869c0c33c8bee664decf05afb19def87dc8ca0b4a1f56c65b53382cd13

Alerts:
  Blacklists:
    - fortinet: Malware
  IDS:
    - ET CURRENT_EVENTS DRIVEBY EXE Embeded in Page Likely Evil M1
    - ET TROJAN PE EXE or DLL Windows file download Text
    - ET TROJAN RAMNIT.A M2
    - ET TROJAN RAMNIT.A M1
                                        
                                            GET /images/imagesindex_1_3.jpg HTTP/1.1 
Host: jxtex888.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxtex888.cn/html/qmgc..tztg99287.html

                                         
                                         107.179.69.192
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Content-Length: 75059
Last-Modified: Sun, 30 Oct 2016 02:08:00 GMT
Accept-Ranges: bytes
Etag: "ece06e705232d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:45:03 GMT


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   75059
Md5:    72a23cc21a6bea4c08e7460302783c5d
Sha1:   595586e2a5bce61a14e3a4f83d29323bb826345c
Sha256: 0cb86255cbb4fc42ca735366662daf4004ed45abcb8a2912cd3b4fd05ddd920b
                                        
                                            GET /html/images/imagesbg-1.gif HTTP/1.1 
Host: jxtex888.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxtex888.cn/html/qmgc..tztg99287.html

                                         
                                         107.179.69.192
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Content-Length: 1308
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:45:04 GMT


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1308
Md5:    2923b250a3660c034aa7831d5e6d7f3c
Sha1:   646f109012bac000fe1bc58f40d112f77483f22a
Sha256: e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075
                                        
                                            GET /cms/web/count.jsp?articleID=99287 HTTP/1.1 
Host: jxtex888.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxtex888.cn/html/qmgc..tztg99287.html

                                         
                                         107.179.69.192
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Content-Length: 1308
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:45:04 GMT


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1308
Md5:    2923b250a3660c034aa7831d5e6d7f3c
Sha1:   646f109012bac000fe1bc58f40d112f77483f22a
Sha256: e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075
                                        
                                            GET /images/imagesindex_1_2.jpg HTTP/1.1 
Host: jxtex888.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxtex888.cn/html/qmgc..tztg99287.html

                                         
                                         107.179.69.192
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Content-Length: 94270
Last-Modified: Sun, 30 Oct 2016 02:07:58 GMT
Accept-Ranges: bytes
Etag: "fc119d6f5232d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:45:03 GMT


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   94270
Md5:    300dbd59b2c98955e8ae2f82a4cba5b3
Sha1:   27f6bc37da0b26f316a80a00806440b6cd2dbaa8
Sha256: 191420c27d50b4192fe08dc1a427d31cf942b4eb7103c7a42d61788c7aada8b3
                                        
                                            GET /images/imagesFrame_2.jpg HTTP/1.1 
Host: jxtex888.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxtex888.cn/html/qmgc..tztg99287.html

                                         
                                         107.179.69.192
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Content-Length: 8267
Last-Modified: Sun, 30 Oct 2016 02:08:14 GMT
Accept-Ranges: bytes
Etag: "be6532795232d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:45:04 GMT


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   8267
Md5:    e43bcace271dec115a10e26deef4e2bf
Sha1:   3da0483d96d41f17d544126a0fdf6f307907d658
Sha256: e1c6a907cfab5bc5d9a33efec29ceaf6aab374502ae5c0ec757512b7ad8505de
                                        
                                            GET /images/imagesFrame_1.jpg HTTP/1.1 
Host: jxtex888.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxtex888.cn/html/qmgc..tztg99287.html

                                         
                                         107.179.69.192
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Content-Length: 8281
Last-Modified: Sun, 30 Oct 2016 02:10:43 GMT
Accept-Ranges: bytes
Etag: "a450b3d15232d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:45:04 GMT


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   8281
Md5:    9075a2965cf543558ebca85ab6845d33
Sha1:   3e273ff699827af5ea27f16bcdbe6dfe4f17b1b2
Sha256: 551b849ca2ccb69e61b4dea908911af0d5f0780cfb4f0775338f5068a85ebba2
                                        
                                            GET /images/imagesFrame_4.jpg HTTP/1.1 
Host: jxtex888.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxtex888.cn/html/qmgc..tztg99287.html

                                         
                                         107.179.69.192
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Content-Length: 8260
Last-Modified: Sun, 30 Oct 2016 02:10:44 GMT
Accept-Ranges: bytes
Etag: "72599fd25232d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:45:04 GMT


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   8260
Md5:    469a60e267fbd08729e29e12bd029362
Sha1:   0c770e538eb2e9b5a2549a440f1b4bb2fefaee45
Sha256: 0f62a6a6d8f334b9b85b0c9960e9cbd58b1420397841021d07f6f8762cabc004
                                        
                                            GET /images/imagesFrame_3.jpg HTTP/1.1 
Host: jxtex888.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxtex888.cn/html/qmgc..tztg99287.html

                                         
                                         107.179.69.192
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Content-Length: 8294
Last-Modified: Sun, 30 Oct 2016 02:08:15 GMT
Accept-Ranges: bytes
Etag: "c61462795232d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:45:04 GMT


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   8294
Md5:    dd42cc1947ea312ff18f438fc544b97b
Sha1:   145e026458fc99142345af3bd74a90c6679d36d9
Sha256: 92e4e9454bbd6054a0bc25416a6ab47c45dd52bb690b4f3d3ad37f702a5542b8
                                        
                                            GET /images/imagesxls.gif HTTP/1.1 
Host: jxtex888.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxtex888.cn/html/qmgc..tztg99287.html

                                         
                                         107.179.69.192
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Content-Length: 912
Last-Modified: Tue, 01 Nov 2016 14:28:15 GMT
Accept-Ranges: bytes
Etag: "4cfb1b2f4c34d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:45:04 GMT


--- Additional Info ---
Magic:  GIF image data, version 89a, 16 x 16
Size:   912
Md5:    d624170abeb4ba53a2a68d622a94257e
Sha1:   91a9278919fdd9a1ab63ade7a7869c7fe1b8f562
Sha256: c5a5cfebe4ad63306d5ef308e72dd0590147249ab028c1e051b69f8def266732
                                        
                                            GET /images/imagesFrame_5.jpg HTTP/1.1 
Host: jxtex888.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxtex888.cn/html/qmgc..tztg99287.html

                                         
                                         107.179.69.192
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Content-Length: 8262
Last-Modified: Sun, 30 Oct 2016 02:10:35 GMT
Accept-Ranges: bytes
Etag: "44c214cd5232d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:45:04 GMT


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   8262
Md5:    6427faaedf2efea84800b5d9b189f2b5
Sha1:   741b7bbf4a32a967646fbcdae957e4dc5662f876
Sha256: 2859f29ff43caf06270f00aea60544d96f9b05c815b50456a3b71ed7607bdef3
                                        
                                            GET /images/imagesFrame_6.jpg HTTP/1.1 
Host: jxtex888.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxtex888.cn/html/qmgc..tztg99287.html

                                         
                                         107.179.69.192
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Content-Length: 8262
Last-Modified: Sun, 30 Oct 2016 02:10:37 GMT
Accept-Ranges: bytes
Etag: "c5329ce5232d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:45:04 GMT


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   8262
Md5:    8b17dec939255eabc6b4aed7cbc3f22e
Sha1:   b44da1ad154031f3448ba1396911cabf477d1e68
Sha256: a5aff96bff3478bc46364a3d2874c9e1225ef46d51ef9b1225aaf7827a91b4a4
                                        
                                            GET /cms/web/writeLog.jsp?articleID=99287 HTTP/1.1 
Host: jxtex888.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxtex888.cn/html/qmgc..tztg99287.html

                                         
                                         107.179.69.192
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Content-Length: 1308
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:45:04 GMT


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1308
Md5:    2923b250a3660c034aa7831d5e6d7f3c
Sha1:   646f109012bac000fe1bc58f40d112f77483f22a
Sha256: e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075
                                        
                                            GET /tongji.js HTTP/1.1 
Host: jxtex888.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxtex888.cn/html/qmgc..tztg99287.html

                                         
                                         107.179.69.192
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 252
Last-Modified: Sat, 12 Nov 2016 17:13:16 GMT
Accept-Ranges: bytes
Etag: "63723f83dd21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:45:04 GMT


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   252
Md5:    dc440c2025e870f1e78bd0cfc53500ae
Sha1:   d958c753602b336fc14c4a0b0570b4ea93a2d4c2
Sha256: 36e307ce12bf62576468e6f0a0d4b341769054c726ab19aca7404379f6bcce02

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /images/imagesFrame_7.jpg HTTP/1.1 
Host: jxtex888.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxtex888.cn/html/qmgc..tztg99287.html

                                         
                                         107.179.69.192
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Content-Length: 8262
Last-Modified: Sun, 30 Oct 2016 02:10:41 GMT
Accept-Ranges: bytes
Etag: "802644d05232d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:45:04 GMT


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   8262
Md5:    6a430391bf81a1737fe9c0f5faed80b8
Sha1:   d679e9764d15cbb3d16b875de52eb8e52cbdc2d7
Sha256: 00fc21d463bf76210d4edf25067d119ec26de6e32514c793cd3f04ad2bc85628
                                        
                                            GET /images/imagesFrame_8.jpg HTTP/1.1 
Host: jxtex888.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxtex888.cn/html/qmgc..tztg99287.html

                                         
                                         107.179.69.192
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Content-Length: 8301
Last-Modified: Sun, 30 Oct 2016 02:10:42 GMT
Accept-Ranges: bytes
Etag: "101b3cd15232d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:45:04 GMT


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   8301
Md5:    26657bdb4147d02ac864a549d53407c5
Sha1:   0bb539f08b57d67b24d86054478d22926c8bd725
Sha256: 6d8bc173100d73220a298c5fea641e31ea3ba60df99f252b1da85268c327779a
                                        
                                            GET /hm.js?f53da8843726457e9c5c6862188915be HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxtex888.cn/html/qmgc..tztg99287.html

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 9033
Date: Thu, 17 May 2018 00:57:08 GMT
Etag: 216482caec616426624417e6117a665f
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=3CD35592D9F063F4; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max speed
Size:   9033
Md5:    8537071bac5633eb3075017b9406035a
Sha1:   d633f579dd1952c42fd526c9f5fcba2af495074d
Sha256: 1ad67a83e08d6678f4d92e3b8a9507defb765cca6b1b1eeb525217a155b08450
                                        
GET /hm.gif?cc=0&ck=1&cl=24-bit&ds=1176x885&vl=754&et=0&fl=10.0&ja=1&ln=en-us&lo=0&rnd=1670266276&si=f53da8843726457e9c5c6862188915be&v=1.2.30&lv=1&ct=!!&tt=%E5%AE%89%E5%86%9C%E9%9D%92%E5%B9%B4%E7%BD%91%E7%AB%99&sn=11875 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxtex888.cn/html/qmgc..tztg99287.html
Cookie: HMACCOUNT=3CD35592D9F063F4

                                         
103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Thu, 17 May 2018 00:57:09 GMT
Pragma: no-cache
Server: apache
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
GET /images/anqn.ahau.edu.cndocs2013-0120130124123411037942.gif HTTP/1.1
Host: jxtex888.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jxtex888.cn/html/qmgc..tztg99287.html

                                         
107.179.69.192
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 4548705
Last-Modified: Sun, 30 Oct 2016 02:07:48 GMT
Accept-Ranges: bytes
Etag: "f48177695232d21:8082"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:45:03 GMT


--- Additional Info ---
Magic:  GIF image data, version 89a, 1000 x 173
Size:   4548705
Md5:    51c9cab1435853584ac15b020dad0502
Sha1:   53aa6bb6037546296ac72643fa3114799cab0f23
Sha256: e3d05cef956eaa997ab3c0dba5e4c18a81413714984093f0da075c1a6ce16609
                                        
GET /favicon.ico HTTP/1.1
Host: jxtex888.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: Hm_lvt_f53da8843726457e9c5c6862188915be=1526518630; Hm_lpvt_f53da8843726457e9c5c6862188915be=1526518630

                                         
107.179.69.192
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 1308
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:45:27 GMT


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1308
Md5:    2923b250a3660c034aa7831d5e6d7f3c
Sha1:   646f109012bac000fe1bc58f40d112f77483f22a
Sha256: e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075
                                        
GET /favicon.ico HTTP/1.1
Host: jxtex888.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: Hm_lvt_f53da8843726457e9c5c6862188915be=1526518630; Hm_lpvt_f53da8843726457e9c5c6862188915be=1526518630

                                         
107.179.69.192
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 1308
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 17 May 2018 08:45:30 GMT


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1308
Md5:    2923b250a3660c034aa7831d5e6d7f3c
Sha1:   646f109012bac000fe1bc58f40d112f77483f22a
Sha256: e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075