Overview

URL: loganweaver.com/
IP: 172.107.157.167
ASN:
Location: United States
Report completed: 2018-07-13 00:49:31 CEST
urlQuery Alerts: No alerts detected


Settings

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer:
Pool:
Access Level:


Intrusion Detection Systems

Suricata w/ Emerging Threats Pro: No alerts detected


Blacklists

MDL: No alerts detected
OpenPhish: No alerts detected
PhishTank: No alerts detected
Fortinet's Web Filter:
  Added / Verified  Severity  Host              Comment
  2018-07-13        2         loganweaver.com/  Malware
DNS-BH: No alerts detected
mnemonic secure dns: No alerts detected


Recent reports on same IP/ASN/Domain

Last 1 reports on IP: 172.107.157.167

Date                       UQ / IDS / BL  URL           IP
2017-08-01 02:56:36 +0200  0 - 0 - 7      hfjdpgj.com/  172.107.157.167

Last 10 reports on ASN:

Date                       UQ / IDS / BL  URL                                                  IP
2018-07-23 11:57:59 +0200  0 - 0 - 1      fcsmu.cc/555                                         172.106.135.102
2018-07-23 11:57:36 +0200  0 - 0 - 1      www.fcsmu.cc/k8.php                                  172.106.135.102
2018-07-23 11:55:08 +0200  0 - 0 - 0      sendy.ant-tna.com/l/9qApGvtuYnRpZ5Zwwfo763qA/ (...)  34.219.16.57
2018-07-23 11:50:42 +0200  0 - 0 - 0      s.ss2.us                                             13.32.16.243
2018-07-23 11:45:13 +0200  0 - 1 - 0      theothers.org.uk/                                    196.196.6.87
2018-07-23 11:45:00 +0200  0 - 1 - 0      sports.hr-communication.com/flexprogram/e-mai (...)  34.234.104.233
2018-07-23 11:43:39 +0200  0 - 0 - 0      d19v95boryqmjs.cloudfront.net/104886.7z              13.32.16.108
2018-07-23 11:38:39 +0200  0 - 0 - 0      hankesa.com/colier/dropbox/dlx/asset/jquery.js       198.54.114.136
2018-07-23 11:36:37 +0200  0 - 1 - 0      luckysfloorrefinishing.com/                          198.54.117.200
2018-07-23 11:36:20 +0200  0 - 0 - 1      dlsft.com/an/robux.php                               35.190.60.70

No other reports on domain: loganweaver.com



JavaScript

Executed Scripts (6)


Executed Evals (0)


Executed Writes (2)

#1 JavaScript::Write (size: 156, repeated: 1) - SHA256: bf9e35f1e2bf1541f31239d301c4ca429985cfe0c2ec9d797caeac0a354c7ebf

<a href='http://www.cnzz.com/stat/website.php?web_id=1273613745' target=_blank title='&#31449;&#38271;&#32479;&#35745;'>&#31449;&#38271;&#32479;&#35745;</a>

#2 JavaScript::Write (size: 112, repeated: 1) - SHA256: 1ca9a841a5c5bd42b2a97565813520eb41c3d04527379558df3f08c1b8eb7d54

<script src='https://c.cnzz.com/core.php?web_id=1273613745&t=z' charset='utf-8' type='text/javascript'></script>


HTTP Transactions (13)


Request:
GET / HTTP/1.1
Host: loganweaver.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response (172.107.157.167):
HTTP/1.1 200 OK
Content-Type: text/html; charset=gb2312
Server: nginx
Date: Thu, 12 Jul 2018 22:46:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.0.25
Content-Encoding: gzip

--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1117
Md5:    7b585b76d07ac9e434ae20e729452d2a
Sha1:   4ecbdcceb4a731fe3024cbe596e941dbd7446f77
Sha256: df56a734dee786b6cb04eb74f3e174cee643446822bd96dd69ab85bfca7041ff

Alerts:
  Blacklists:
    - fortinet: Malware

Request:
GET /002.js HTTP/1.1
Host: 118.31.37.90
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://loganweaver.com/

Response (118.31.37.90):
HTTP/1.1 200 OK
Content-Type: text/html; charset=gb2312
Date: Thu, 12 Jul 2018 22:48:59 GMT
Server: Apache
X-Powered-By: PHP/7.0.19
Upgrade: h2
Connection: Upgrade, close
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 343

--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   343
Md5:    91d24d45d8026d76a6614645323860b0
Sha1:   853ef5adfd2f20c3965b54094c79916096173bff
Sha256: 8b7d32b20b256c36e085bb8b03de48faa4f6f08abe2fc040fdf45a9f9bdb057a

Request:
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 111
Content-Type: application/ocsp-request

Response (104.18.20.226):
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jul 2018 22:48:59 GMT
Content-Length: 1570
Connection: keep-alive
Set-Cookie: __cfduid=df5fb3591376513ce522f4e1ee4ad3a011531435739; expires=Fri, 12-Jul-19 22:48:59 GMT; path=/; domain=.globalsign.com; HttpOnly
Last-Modified: Thu, 12 Jul 2018 20:01:37 GMT
Expires: Mon, 16 Jul 2018 20:01:37 GMT
Etag: "bad2b3e5df72e0dea44c9ad771dbbfcfdbb386a6"
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 43970f7a96bd428b-OSL

--- Additional Info ---
Magic:  data
Size:   1570
Md5:    4d7f30afa62169570d3d9892e19a3d0d
Sha1:   bad2b3e5df72e0dea44c9ad771dbbfcfdbb386a6
Sha256: 17b9e847a58f70237c57682ccc315aff6db0b5c67a3a94351773eca07060f4e3

Request:
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 111
Content-Type: application/ocsp-request
Cookie: __cfduid=df5fb3591376513ce522f4e1ee4ad3a011531435739

Response (104.18.20.226):
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jul 2018 22:48:59 GMT
Content-Length: 1570
Connection: keep-alive
Last-Modified: Thu, 12 Jul 2018 19:30:16 GMT
Expires: Mon, 16 Jul 2018 19:30:16 GMT
Etag: "96ffc313faa9ff0f24abc06f9067dcf8f6f1347a"
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 43970f7b76eb428b-OSL

--- Additional Info ---
Magic:  data
Size:   1570
Md5:    b97d2bc1654267215d686519b03332b0
Sha1:   96ffc313faa9ff0f24abc06f9067dcf8f6f1347a
Sha256: dfd7d1fc4db9288a1da359796454ed21d8b97c3d39afcb959d12c7a54d6513cf

Request:
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://loganweaver.com/

Response (111.206.37.189):
HTTP/1.1 200 OK
Content-Type: text/javascript
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Date: Thu, 12 Jul 2018 22:48:59 GMT
Etag: "4078521116"
Expires: Fri, 12 Jul 2019 22:48:59 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=3937591882A2762F7AE9FD6687276190:FG=1; max-age=31536000; expires=Fri, 12-Jul-19 22:48:59 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding

--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   227
Md5:    e548b6ce15bb616c2bfba36e9cfbf307
Sha1:   a348285d9928a6548a57569f1fb9d62bdd747f33
Sha256: 7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5

Request:
GET /z_stat.php?id=1273613745&web_id=1273613745 HTTP/1.1
Host: s22.cnzz.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://loganweaver.com/

Response (211.138.122.200):
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: Tengine
Content-Length: 11265
Connection: keep-alive
Date: Thu, 12 Jul 2018 21:21:21 GMT
Last-Modified: Thu, 12 Jul 2018 21:21:20 GMT
Cache-Control: max-age=5400,s-maxage=5400
Via: cache5.l2cn690[0,200-0,H], cache37.l2cn690[0,0], kunlun10.cn3[0,200-0,H], kunlun4.cn3[0,0]
Age: 5258
X-Cache: HIT TCP_MEM_HIT dirn:9:924501860 mlen:-1
X-Swift-SaveTime: Thu, 12 Jul 2018 21:34:50 GMT
X-Swift-CacheTime: 4591
Timing-Allow-Origin: *
EagleId: d38a7a8415314357399614791e

--- Additional Info ---
Magic:  ASCII text, with very long lines
Size:   11265
Md5:    c502ecb0eb4c45cfdce9877778cc24ef
Sha1:   8f7b4c33c31392a0c6953340a608743820feccc3
Sha256: aa6e5c8f8f8821fbb44ef922231c0ccb3723caa4e9035143b0d15b20b5064eb9

Request:
GET /hm.js?1376713bd25d4be26b6a550c09e62dbe HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://loganweaver.com/

Response (103.235.46.191):
HTTP/1.1 200 OK
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 9142
Date: Thu, 12 Jul 2018 22:48:59 GMT
Etag: 9bb40f0704cec410c2aa00234d0356ac
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=176E12012569211E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

--- Additional Info ---
Magic:  gzip compressed data, from Unix, max speed
Size:   9142
Md5:    88b7ecee62d3674761d8e5a899e3d3fb
Sha1:   762fbe94e1426d82c02ead757337a7cf543a80c8
Sha256: e5abf3703e0be3c10131e45c3933b4d6f4f966edfaad419812cc63e3440445c0

Request:
GET /hm.gif?cc=0&ck=1&cl=24-bit&ds=1176x885&vl=775&et=0&fl=10.0&ja=1&ln=en-us&lo=0&rnd=445028673&si=1376713bd25d4be26b6a550c09e62dbe&v=1.2.33&lv=1&ct=!!&tt=404%20Not%20Found&sn=13861 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://loganweaver.com/
Cookie: BAIDUID=3937591882A2762F7AE9FD6687276190:FG=1; HMACCOUNT=176E12012569211E

Response (103.235.46.191):
HTTP/1.1 200 OK
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Thu, 12 Jul 2018 22:49:01 GMT
Pragma: no-cache
Server: apache
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request:
GET /s.gif?l=http://loganweaver.com/ HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://loganweaver.com/
Cookie: BAIDUID=3937591882A2762F7AE9FD6687276190:FG=1

Response (111.206.37.189):
HTTP/1.1 200 OK
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Date: Thu, 12 Jul 2018 22:49:01 GMT
Expires: 0
Pragma: no-cache
Server: apache
Content-Length: 0

--- Additional Info ---
(empty body, Content-Length: 0)

Request:
GET /stat.htm?id=1273613745&r=&lg=en-us&ntime=none&cnzz_eid=1567847594-1531430480-&showp=1176x885&t=404%20Not%20Found&umuuid=16490aeeded9-0581459ba7ed66-6c242d76-fe178-16490aeedee76&h=1&rnd=259723516 HTTP/1.1
Host: z1.cnzz.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://loganweaver.com/

Response (140.205.60.79):
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Tengine
Date: Thu, 12 Jul 2018 22:49:02 GMT
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
Content-Encoding: gzip

--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   22
Md5:    8bd3e739a9ba80a435f0214811da0c2a
Sha1:   bfc17d1e04e56542eb8037f08ed142efd252ea82
Sha256: a2dd5774b01bbfc29140279e02fea087df42a4c257dce8858226737a2e521986

Request:
GET /core.php?web_id=1273613745&t=z HTTP/1.1
Host: c.cnzz.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://loganweaver.com/

Response (211.138.122.126):
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: Tengine
Content-Length: 994
Connection: keep-alive
Date: Thu, 12 Jul 2018 22:35:02 GMT
Last-Modified: Thu, 12 Jul 2018 22:35:02 GMT
Expires: Thu, 12 Jul 2018 22:50:02 GMT
Via: cache29.l2cn104[175,200-0,M], cache14.l2cn104[175,0], kunlun2.cn3[0,200-0,H], kunlun5.cn3[0,0]
Age: 840
X-Cache: HIT TCP_MEM_HIT dirn:-2:-2 mlen:-1
X-Swift-SaveTime: Thu, 12 Jul 2018 22:35:02 GMT
X-Swift-CacheTime: 900
Timing-Allow-Origin: *
EagleId: d38a7a8515314357422183062e

--- Additional Info ---
Magic:  ASCII text, with very long lines, with no line terminators
Size:   994
Md5:    4d7139a7d2e91d90789c2afed1b3e036
Sha1:   2254cc61dc37bfc9cce787c563d935a87d120264
Sha256: c08c00a44af47095d8dd3ed47c37d5b0b77fa1fdad66adc71739a5402d40138c

Request:
GET /favicon.ico HTTP/1.1
Host: loganweaver.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: Hm_lvt_1376713bd25d4be26b6a550c09e62dbe=1531435741; Hm_lpvt_1376713bd25d4be26b6a550c09e62dbe=1531435741; UM_distinctid=16490aeeded9-0581459ba7ed66-6c242d76-fe178-16490aeedee76; CNZZDATA1273613745=1567847594-1531430480-%7C1531430480

Response (172.107.157.167):
HTTP/1.1 200 OK
Content-Type: text/html; charset=gb2312
Server: nginx
Date: Thu, 12 Jul 2018 22:46:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.0.25
Content-Encoding: gzip

--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1117
Md5:    7b585b76d07ac9e434ae20e729452d2a
Sha1:   4ecbdcceb4a731fe3024cbe596e941dbd7446f77
Sha256: df56a734dee786b6cb04eb74f3e174cee643446822bd96dd69ab85bfca7041ff

Request:
GET /favicon.ico HTTP/1.1
Host: loganweaver.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: Hm_lvt_1376713bd25d4be26b6a550c09e62dbe=1531435741; Hm_lpvt_1376713bd25d4be26b6a550c09e62dbe=1531435741; UM_distinctid=16490aeeded9-0581459ba7ed66-6c242d76-fe178-16490aeedee76; CNZZDATA1273613745=1567847594-1531430480-%7C1531430480

Response (172.107.157.167):
HTTP/1.1 200 OK
Content-Type: text/html; charset=gb2312
Server: nginx
Date: Thu, 12 Jul 2018 22:46:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.0.25
Content-Encoding: gzip

--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1117
Md5:    7b585b76d07ac9e434ae20e729452d2a
Sha1:   4ecbdcceb4a731fe3024cbe596e941dbd7446f77
Sha256: df56a734dee786b6cb04eb74f3e174cee643446822bd96dd69ab85bfca7041ff