Overview

URL www.mcvhj.com/index
IP 23.245.91.190
ASN AS18978 Enzu Inc
Location United States
Report completed 2019-02-22 10:33:29 CET
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2019-02-22 2 www.mcvhj.com/index Phishing
2019-02-22 2 www.mcvhj.com/index Phishing
2019-02-22 2 www.mcvhj.com/js/jquery.3.5.2.min.m.js Phishing
2019-02-22 2 www.mcvhj.com/gg/biwei/index.html Phishing
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 2 reports on IP: 23.245.91.190

Date UQ / IDS / BL URL IP
2019-04-24 17:56:13 +0200
0 - 0 - 3 https://www.mcvhj.com/index 23.245.91.190
2018-11-29 13:44:30 +0100
0 - 0 - 3 mcvhj.com/index 23.245.91.190

Last 10 reports on ASN: AS18978 Enzu Inc

Date UQ / IDS / BL URL IP
2019-05-22 01:20:17 +0200
0 - 0 - 1 nssnj.com/item/2182.aspx 23.89.23.168
2019-05-22 01:03:26 +0200
0 - 0 - 1 zt4.zhutizhijia.net/win7/201802/18022208.rar 107.183.192.186
2019-05-22 00:45:44 +0200
0 - 0 - 1 cao009.com/categories 23.89.116.54
2019-05-22 00:23:50 +0200
0 - 0 - 11 chaop999.com/user/3/playlist 23.89.116.241
2019-05-22 00:22:52 +0200
0 - 0 - 1 noyetn.com/jsj/jiaoxueguanli/peiyangfangan 23.88.72.71
2019-05-21 23:52:56 +0200
0 - 0 - 3 siggbienesraices.com/XAVJAV.exe 199.193.254.5
2019-05-21 22:50:05 +0200
0 - 0 - 2 chao111.com/video/17081/%E6%9C%80%E6%96%B0%E5 (...) 23.89.116.232
2019-05-21 22:45:48 +0200
0 - 4 - 2 592piaoyi.com/Item/2049.aspx 23.88.153.7
2019-05-21 22:30:58 +0200
0 - 0 - 38 www.samhuds.com/ 198.71.84.196
2019-05-21 22:12:17 +0200
0 - 3 - 0 genetzakis.ml/ 192.157.252.17

No other reports on domain: mcvhj.com



JavaScript

Executed Scripts (5)


Executed Evals (1)

#1 JavaScript::Eval (size: 10289, repeated: 1) - SHA256: 211a3052294aa934c8f59f1ec5b1df64ee1a14877403cbe910032d25a937b8d7

                                        // Analyst annotations: the `//` lines are review notes added for readers of
                                        // this report; every non-comment token is the captured eval body as logged
                                        // above (size 10289, SHA256 211a3052...). Summary of what the code does:
                                        //  - b.versions sniffs navigator.userAgent with plain substring checks;
                                        //  - c is document.title lower-cased with all whitespace stripped;
                                        //  - a long ternary chain matches gambling-brand keywords (Latin and Chinese,
                                        //    the latter written as \uXXXX escapes) against c and then either sets
                                        //    window.location.href (mobile) or document.write()s a full-viewport iframe
                                        //    overlay on top of the page (desktop);
                                        //  - finally the hm.baidu.com tracker script (_hmt) is injected.
                                        // The decision key is the page title, so the same eval body presumably serves
                                        // many differently-titled pages on this host. For detection, the stable
                                        // markers are the document.write('<div style="Z-INDEX:...'><iframe ... src="/gg/
                                        // pattern, the "/gg/m/from/*.php" redirect targets, and the hm.js site id.
                                        var a = document.title,
    b = {
        // UA feature flags. Only `mobile` is read later in this eval; the other
        // flags and `language` are computed but never consulted here.
        versions: function() {
            var d = navigator.userAgent;
            return {
                trident: -1 < d.indexOf("Trident"),
                presto: -1 < d.indexOf("Presto"),
                webKit: -1 < d.indexOf("AppleWebKit"),
                gecko: -1 < d.indexOf("Gecko") && -1 == d.indexOf("KHTML"),
                // `mobile` is the only flag that changes the branch taken below.
                mobile: !!d.match(/AppleWebKit.*Mobile.*/),
                ios: !!d.match(/\(i[^;]+;( U;)? CPU.+Mac OS X/),
                // "Android" OR "Linux": any Linux desktop UA is classed as android too.
                android: -1 < d.indexOf("Android") || -1 < d.indexOf("Linux"),
                iPhone: -1 < d.indexOf("iPhone"),
                iPad: -1 < d.indexOf("iPad"),
                // true whenever "Safari" is absent from the UA string
                webApp: -1 == d.indexOf("Safari")
            }
        }(),
        language: (navigator.browserLanguage || navigator.language).toLowerCase()
    },
    // Keyword-match key: the title, lower-cased, with every whitespace char removed.
    c = a.toLowerCase().replace(/\s/gi, ""),
    useragent = navigator.userAgent.toLowerCase();
// Dispatch (ternaries nest to the right, so read it as
//   mobile ? (ua has "baidu" ? overlay : keyword-chain-redirect) : keyword-chain-overlay):
//  * Mobile + UA containing "baidu": overflowY hidden and a full-page iframe to /gg/m/index.html.
//  * Mobile otherwise: window.location.href = "/gg/m/from/<brand>.php" for a matched keyword,
//    falling back to "/gg/m/index.html" (the mobile branch ends at that assignment on the next line).
//  * Desktop (from the `: -1 < c.indexOf("\u5fc5\u5a01")` test mid-way through the next line on):
//    each keyword group hides scrolling and document.write()s a div with a huge z-index, 100%x100%,
//    holding a fixed 100%x100% iframe to /gg/<brand>/index.html or /gg/to/<brand>/index.html;
//    no keyword -> /gg/in/index.html. The original content stays in the DOM underneath the overlay.
//  * Quirk: the desktop weide group tests c.indexOf("BETVICTOR") in upper case, but c is lower-cased,
//    so that keyword can never match there (the mobile branch uses "betvictor").
//  * In this capture the write log (#1 JavaScript::Write) shows src="/gg/biwei/index.html", i.e. the
//    betway/\u5fc5\u5a01 desktop branch fired, consistent with the "betway..." title seen in the
//    hm.gif beacon's tt= parameter in the HTTP transactions below.
b.versions.mobile ? -1 < useragent.indexOf("baidu") ? (document.documentElement.style.overflowY = "hidden", document.write('<div style="Z-INDEX:1000000000000000000;POSITION:absolute;TEXT-ALIGN:left;BACKGROUND-COLOR:#ffffff;WIDTH:100%;HEIGHT:100%; TOP:0px; RIGHT:0px;LEFT:0px;"><iframe frameborder="no" src="/gg/m/index.html" style="height: 100%;width: 100%;position: fixed;left:0; top:0;"></iframe></div>')) : -1 < c.indexOf("\u660e\u5347") || -1 < c.indexOf("m88") || -1 < c.indexOf("\u660e\u965e") ? window.location.href = "/gg/m/from/m88.php" : -1 < c.indexOf("\u5fc5\u5a01") || -1 < c.indexOf("betway") || -1 < c.indexOf("\u5fc5\u7ef4") ? window.location.href = "/gg/m/from/betway.php" : -1 < c.indexOf("vwin") || -1 < c.indexOf("\u5fb7\u8d62") ? window.location.href = "/gg/m/index.html" : -1 < c.indexOf("\u4e9a\u535a") || -1 < c.indexOf("yabo") || -1 < c.indexOf("\u4e9a\u640f") || -1 < c.indexOf("yabo88") ? window.location.href = "/gg/m/from/yabo.php" : -1 < c.indexOf("\u4e07\u535a") || -1 < c.indexOf("manbet") || -1 < c.indexOf("\u4e07\u640f") || -1 < c.indexOf("\u72d7\u4e07") ? window.location.href = "/gg/m/from/manbetx.php" : -1 < c.indexOf("188bet") || -1 < c.indexOf("\u91d1\u5b9d\u535a") || -1 < c.indexOf("\u91d1\u535a\u5b9d") || -1 < c.indexOf("\u91d1\u5b9d\u640f") ? window.location.href = "/gg/m/from/188bet.php" : -1 < c.indexOf("w88") || -1 < c.indexOf("\u4f18\u5fb7") ? window.location.href = "/gg/m/from/w88.php" : -1 < c.indexOf("sands") || -1 < c.indexOf("\u91d1\u838e") || -1 < c.indexOf("\u91d1\u6c99") ? window.location.href = "/gg/m/from/sands_x.php" : -1 < c.indexOf("weide") || -1 < c.indexOf("\u97e6\u5fb7") || -1 < c.indexOf("\u4f1f\u5fb7") || -1 < c.indexOf("betvictor") || -1 < c.indexOf("1946") ? window.location.href = "/gg/m/from/weide.php" : -1 < c.indexOf("raybet") || -1 < c.indexOf("\u96f7\u7ade\u6280") || -1 < c.indexOf("\u7535\u7ade") ? 
window.location.href = "/gg/m/index.html" : -1 < c.indexOf("\u5174\u53d1") || -1 < c.indexOf("\u5174\u767c") || -1 < c.indexOf("xf") ? window.location.href = "/gg/m/index.html" : -1 < c.indexOf("beplay") || -1 < c.indexOf("bepaly") ? window.location.href = "/gg/m/from/beplay.php" : window.location.href = "/gg/m/index.html" : -1 < c.indexOf("\u5fc5\u5a01") || -1 < c.indexOf("betway") || -1 < c.indexOf("\u5fc5\u7ef4") ? (document.documentElement.style.overflowY = "hidden", document.write('<div style="Z-INDEX:1000000000000000000;POSITION:absolute;TEXT-ALIGN:left;BACKGROUND-COLOR:#ffffff;WIDTH:100%;HEIGHT:100%; TOP:0px; RIGHT:0px;LEFT:0px;"><iframe frameborder="no" src="/gg/biwei/index.html" style="height: 100%;width: 100%;position: fixed;left:0; top:0;"></iframe></div>')) : -1 < c.indexOf("vwin") || -1 < c.indexOf("\u5fb7\u8d62") ? (document.documentElement.style.overflowY = "hidden", document.write('<div style="Z-INDEX:1000000000000000000;POSITION:absolute;TEXT-ALIGN:left;BACKGROUND-COLOR:#ffffff;WIDTH:100%;HEIGHT:100%; TOP:0px; RIGHT:0px;LEFT:0px;"><iframe frameborder="no" src="/gg/in/index.html" style="height: 100%;width: 100%;position: fixed;left:0; top:0;"></iframe></div>')) : -1 < c.indexOf("\u4e9a\u535a") || -1 < c.indexOf("\u4e9a\u640f") || -1 < c.indexOf("yabo88") || -1 < c.indexOf("yabo") ? (document.documentElement.style.overflowY = "hidden", document.write('<div style="Z-INDEX:1000000000000000000;POSITION:absolute;TEXT-ALIGN:left;BACKGROUND-COLOR:#ffffff;WIDTH:100%;HEIGHT:100%; TOP:0px; RIGHT:0px;LEFT:0px;"><iframe frameborder="no" src="/gg/yb/index.html" style="height: 100%;width: 100%;position: fixed;left:0; top:0;"></iframe></div>')) : -1 < c.indexOf("\u4e07\u535a") || -1 < c.indexOf("manbet") || -1 < c.indexOf("\u4e07\u640f") || -1 < c.indexOf("\u72d7\u4e07") ? 
(document.documentElement.style.overflowY = "hidden", document.write('<div style="Z-INDEX:1000000000000000000;POSITION:absolute;TEXT-ALIGN:left;BACKGROUND-COLOR:#ffffff;WIDTH:100%;HEIGHT:100%; TOP:0px; RIGHT:0px;LEFT:0px;"><iframe frameborder="no" src="/gg/manbetx/index.html" style="height: 100%;width: 100%;position: fixed;left:0; top:0;"></iframe></div>')) : -1 < c.indexOf("w88") || -1 < c.indexOf("\u4f18\u5fb7") || -1 < c.indexOf("\u5fe7\u5fb7") ? (document.documentElement.style.overflowY = "hidden", document.write('<div style="Z-INDEX:1000000000000000000;POSITION:absolute;TEXT-ALIGN:left;BACKGROUND-COLOR:#ffffff;WIDTH:100%;HEIGHT:100%; TOP:0px; RIGHT:0px;LEFT:0px;"><iframe frameborder="no" src="/gg/w88/index.html" style="height: 100%;width: 100%;position: fixed;left:0; top:0;"></iframe></div>')) : -1 < c.indexOf("weide") || -1 < c.indexOf("\u4f1f\u5fb7") || -1 < c.indexOf("\u97e6\u5fb7") || -1 < c.indexOf("BETVICTOR") ? (document.documentElement.style.overflowY = "hidden", document.write('<div style="Z-INDEX:1000000000000000000;POSITION:absolute;TEXT-ALIGN:left;BACKGROUND-COLOR:#ffffff;WIDTH:100%;HEIGHT:100%; TOP:0px; RIGHT:0px;LEFT:0px;"><iframe frameborder="no" src="/gg/weide/index.html" style="height: 100%;width: 100%;position: fixed;left:0; top:0;"></iframe></div>')) : -1 < c.indexOf("\u91d1\u6c99") || -1 < c.indexOf("sands") || -1 < c.indexOf("\u91d1\u838e") ? (document.documentElement.style.overflowY = "hidden", document.write('<div style="Z-INDEX:1000000000000000000;POSITION:absolute;TEXT-ALIGN:left;BACKGROUND-COLOR:#ffffff;WIDTH:100%;HEIGHT:100%; TOP:0px; RIGHT:0px;LEFT:0px;"><iframe frameborder="no" src="/gg/sands/index.html" style="height: 100%;width: 100%;position: fixed;left:0; top:0;"></iframe></div>')) : -1 < c.indexOf("\u91d1\u5b9d\u640f") || -1 < c.indexOf("188bet") || -1 < c.indexOf("\u91d1\u535a\u5b9d") || -1 < c.indexOf("\u91d1\u5b9d\u535a") ? 
(document.documentElement.style.overflowY = "hidden", document.write('<div style="Z-INDEX:1000000000000000000;POSITION:absolute;TEXT-ALIGN:left;BACKGROUND-COLOR:#ffffff;WIDTH:100%;HEIGHT:100%; TOP:0px; RIGHT:0px;LEFT:0px;"><iframe frameborder="no" src="/gg/188bet/index.html" style="height: 100%;width: 100%;position: fixed;left:0; top:0;"></iframe></div>')) : -1 < c.indexOf("raybet") || -1 < c.indexOf("\u96f7\u7ade\u6280") || -1 < c.indexOf("\u7535\u7ade") ? (document.documentElement.style.overflowY = "hidden", document.write('<div style="Z-INDEX:1000000000000000000;POSITION:absolute;TEXT-ALIGN:left;BACKGROUND-COLOR:#ffffff;WIDTH:100%;HEIGHT:100%; TOP:0px; RIGHT:0px;LEFT:0px;"><iframe frameborder="no" src="/gg/in/index.html" style="height: 100%;width: 100%;position: fixed;left:0; top:0;"></iframe></div>')) : -1 < c.indexOf("\u5174\u53d1") || -1 < c.indexOf("\u5174\u767c") || -1 < c.indexOf("xf") ? (document.documentElement.style.overflowY = "hidden", document.write('<div style="Z-INDEX:1000000000000000000;POSITION:absolute;TEXT-ALIGN:left;BACKGROUND-COLOR:#ffffff;WIDTH:100%;HEIGHT:100%; TOP:0px; RIGHT:0px;LEFT:0px;"><iframe frameborder="no" src="/gg/in/index.html" style="height: 100%;width: 100%;position: fixed;left:0; top:0;"></iframe></div>')) : -1 < c.indexOf("beplay") || -1 < c.indexOf("bepaly") ? (document.documentElement.style.overflowY = "hidden", document.write('<div style="Z-INDEX:1000000000000000000;POSITION:absolute;TEXT-ALIGN:left;BACKGROUND-COLOR:#ffffff;WIDTH:100%;HEIGHT:100%; TOP:0px; RIGHT:0px;LEFT:0px;"><iframe frameborder="no" src="/gg/beplay/index.html" style="height: 100%;width: 100%;position: fixed;left:0; top:0;"></iframe></div>')) : -1 < c.indexOf("ltt") || -1 < c.indexOf("\u4e50\u5929\u5802") || -1 < c.indexOf("fun88") ? 
(document.documentElement.style.overflowY = "hidden", document.write('<div style="Z-INDEX:1000000000000000000;POSITION:absolute;TEXT-ALIGN:left;BACKGROUND-COLOR:#ffffff;WIDTH:100%;HEIGHT:100%; TOP:0px; RIGHT:0px;LEFT:0px;"><iframe frameborder="no" src="/gg/to/fun88/index.html" style="height: 100%;width: 100%;position: fixed;left:0; top:0;"></iframe></div>')) : -1 < c.indexOf("\u660e\u5347") || -1 < c.indexOf("m88") || -1 < c.indexOf("\u660e\u965e") ? (document.documentElement.style.overflowY = "hidden", document.write('<div style="Z-INDEX:1000000000000000000;POSITION:absolute;TEXT-ALIGN:left;BACKGROUND-COLOR:#ffffff;WIDTH:100%;HEIGHT:100%; TOP:0px; RIGHT:0px;LEFT:0px;"><iframe frameborder="no" src="/gg/to/m88/index.html" style="height: 100%;width: 100%;position: fixed;left:0; top:0;"></iframe></div>')) : -1 < c.indexOf("\u9e3f\u8fd0") || -1 < c.indexOf("hv") ? (document.documentElement.style.overflowY = "hidden", document.write('<div style="Z-INDEX:1000000000000000000;POSITION:absolute;TEXT-ALIGN:left;BACKGROUND-COLOR:#ffffff;WIDTH:100%;HEIGHT:100%; TOP:0px; RIGHT:0px;LEFT:0px;"><iframe frameborder="no" src="/gg/to/hv/index.html" style="height: 100%;width: 100%;position: fixed;left:0; top:0;"></iframe></div>')) : -1 < c.indexOf("12bet") || -1 < c.indexOf("12\u535a") || -1 < c.indexOf("\u58f9\u8d30\u535a") || -1 < c.indexOf("\u4e00\u4e8c\u535a") || -1 < c.indexOf("12bo") ? (document.documentElement.style.overflowY = "hidden", document.write('<div style="Z-INDEX:1000000000000000000;POSITION:absolute;TEXT-ALIGN:left;BACKGROUND-COLOR:#ffffff;WIDTH:100%;HEIGHT:100%; TOP:0px; RIGHT:0px;LEFT:0px;"><iframe frameborder="no" src="/gg/to/12bet/index.html" style="height: 100%;width: 100%;position: fixed;left:0; top:0;"></iframe></div>')) : -1 < c.indexOf("letou") || -1 < c.indexOf("\u4e50\u6295") || -1 < c.indexOf("bet16") || -1 < c.indexOf("\u745e\u4e30") ? 
(document.documentElement.style.overflowY = "hidden", document.write('<div style="Z-INDEX:1000000000000000000;POSITION:absolute;TEXT-ALIGN:left;BACKGROUND-COLOR:#ffffff;WIDTH:100%;HEIGHT:100%; TOP:0px; RIGHT:0px;LEFT:0px;"><iframe frameborder="no" src="/gg/to/letou/index.html" style="height: 100%;width: 100%;position: fixed;left:0; top:0;"></iframe></div>')) : (document.documentElement.style.overflowY = "hidden", document.write('<div style="Z-INDEX:1000000000000000000;POSITION:absolute;TEXT-ALIGN:left;BACKGROUND-COLOR:#ffffff;WIDTH:100%;HEIGHT:100%; TOP:0px; RIGHT:0px;LEFT:0px;"><iframe frameborder="no" src="/gg/in/index.html" style="height: 100%;width: 100%;position: fixed;left:0; top:0;"></iframe></div>'));
// Tracker bootstrap: appends the hm.baidu.com script for the site id in the query string.
// The same id reappears in the hm.gif beacon (si=...) and the Hm_lvt_/Hm_lpvt_ cookie names in
// the HTTP transactions below, so it is a convenient pivot for clustering related pages.
var _hmt = _hmt || [];
(function() {
    var d = document.createElement("script");
    d.src = "https://hm.baidu.com/hm.js?0f203c4517203805d75d02036cd6d835";
    // insert before the first <script> element already on the page
    var e = document.getElementsByTagName("script")[0];
    e.parentNode.insertBefore(d, e)
})();
                                    

Executed Writes (1)

#1 JavaScript::Write (size: 284, repeated: 1) - SHA256: a8ac8cb2b5d9b6f76025e8e0287cbb02de45e39052971663c96231f985a4095b

                                        < div style = "Z-INDEX:1000000000000000000;POSITION:absolute;TEXT-ALIGN:left;BACKGROUND-COLOR:#ffffff;WIDTH:100%;HEIGHT:100%; TOP:0px; RIGHT:0px;LEFT:0px;" > < iframe frameborder = "no"
src = "/gg/biwei/index.html"
style = "height: 100%;width: 100%;position: fixed;left:0; top:0;" > < /iframe></div >
                                    


HTTP Transactions (17)


Request Response
                                        
                                            GET /index HTTP/1.1 
Host: www.mcvhj.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         23.245.91.190
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 22 Feb 2019 09:36:33 GMT
Content-Length: 178
Connection: keep-alive
Location: https://www.mcvhj.com/index


--- Additional Info ---
Magic:  HTML document text
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.int-x3.letsencrypt.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 117
Content-Type: application/ocsp-request

                                         
                                         91.135.34.18
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 527
Etag: "CC05C2B0A23B681086D8BB177E106A7E395A9A9499A1A62955880458FE31A4D5"
Last-Modified: Wed, 20 Feb 2019 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=43200
Expires: Fri, 22 Feb 2019 21:32:57 GMT
Date: Fri, 22 Feb 2019 09:32:57 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   527
Md5:    f980f77f5b5b96526b481c6b166d066f
Sha1:   c84b8b302bc852e32bf28adbc0a73030841c1b25
Sha256: cc05c2b0a23b681086d8bb177e106a7e395a9a9499a1a62955880458fe31a4d5
                                        
                                            POST / HTTP/1.1 
Host: isrg.trustid.ocsp.identrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.26
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Transfer-Encoding: Binary
Last-Modified: Thu, 21 Feb 2019 22:46:03 GMT
Etag: "8f8cb89f6c465deafedd44869ea684dd927ca1b4"
Content-Length: 1398
Cache-Control: public, no-transform, must-revalidate, max-age=21650
Expires: Fri, 22 Feb 2019 15:33:47 GMT
Date: Fri, 22 Feb 2019 09:32:57 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1398
Md5:    bff277a22f2a2f045ec98a5ac2165a52
Sha1:   8f8cb89f6c465deafedd44869ea684dd927ca1b4
Sha256: 8032595a29c280601f246de03dc9a30883567ec7330e0f0ef1e2ac2d00873566
                                        
                                            GET /index HTTP/1.1 
Host: www.mcvhj.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         23.245.91.190
HTTP/1.1 200 OK
Content-Type: text/html;charset=utf-8
                                        
Server: nginx
Date: Fri, 22 Feb 2019 09:36:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   228
Md5:    b4505480496a6998a3de96b5ca3c50ce
Sha1:   77a971931d37a9ef6064e8bb0b54bc69b25ed103
Sha256: 0a2307b85f1adb446dfb12b48d247751d8b1d12749ad5bfff0fd65607f0316bd

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
                                            GET /js/jquery.3.5.2.min.m.js HTTP/1.1 
Host: www.mcvhj.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.mcvhj.com/index

                                         
                                         23.245.91.190
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 22 Feb 2019 09:36:34 GMT
Content-Length: 6238
Last-Modified: Mon, 18 Feb 2019 08:27:45 GMT
Connection: keep-alive
Etag: "5c6a6c81-185e"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines
Size:   6238
Md5:    d1416d4a38b4b5cb88b4da293c85c77e
Sha1:   d92cd9a31a9d1b93f143ab16a705c782c26f7cab
Sha256: 3f67a1ed4b84cd8c6fc9cfd9cf2ce577a88d549eff6458cf885e299a6803a346

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
                                            GET /gg/biwei/index.html HTTP/1.1 
Host: www.mcvhj.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.mcvhj.com/index

                                         
                                         23.245.91.190
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 22 Feb 2019 09:36:35 GMT
Last-Modified: Mon, 18 Feb 2019 08:27:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Etag: W/"5c6a6c81-4399"
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3984
Md5:    fa2d83147a893e9a3c63fa9b31090971
Sha1:   af0f2d596660b5cf8bea45ccf4f2161ea4e67d75
Sha256: 94f0d0ae52926bc971b08d977cd4c7a9028f7f59581e7c3d1d43f561fae94116

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 111
Content-Type: application/ocsp-request

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 22 Feb 2019 09:32:59 GMT
Content-Length: 1570
Connection: keep-alive
Set-Cookie: __cfduid=d8db484fcf06a2f08143c4eaedf8594361550827979; expires=Sat, 22-Feb-20 09:32:59 GMT; path=/; domain=.globalsign.com; HttpOnly
Last-Modified: Fri, 22 Feb 2019 06:52:31 GMT
Expires: Tue, 26 Feb 2019 06:52:31 GMT
Etag: "526c9061ebbbd12076d25547171da17d0dc7a153"
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4ad072d61bd242a9-OSL


--- Additional Info ---
Magic:  data
Size:   1570
Md5:    e39dd2bf4226d513bc78df239c54ddae
Sha1:   526c9061ebbbd12076d25547171da17d0dc7a153
Sha256: af8d88a93e406ee7ffa5e80f0851c069ad7a6da432ff33502798e2397639d131
                                        
                                            POST / HTTP/1.1 
Host: ocsp.int-x3.letsencrypt.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 117
Content-Type: application/ocsp-request

                                         
                                         91.135.34.18
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 527
Etag: "A8CEFEDB20B1248F9576CC85820B7AE9B30FA5CDFFC69D51B6895CF3DDA224A4"
Last-Modified: Fri, 22 Feb 2019 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=43200
Expires: Fri, 22 Feb 2019 21:32:59 GMT
Date: Fri, 22 Feb 2019 09:32:59 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   527
Md5:    ebb5dc1b25274241bee6bced7e7f1829
Sha1:   e34e703c762a6e1592ccf589a99f043740732f87
Sha256: a8cefedb20b1248f9576cc85820b7ae9b30fa5cdffc69d51b6895cf3dda224a4
                                        
                                            GET /biwei/css/foundation.min.css HTTP/1.1 
Host: www.wlovebaidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.mcvhj.com/gg/biwei/index.html

                                         
                                         27.255.64.13
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 22 Feb 2019 09:32:44 GMT
Last-Modified: Mon, 17 Dec 2018 13:34:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   12821
Md5:    a9ce6abbade1b2c44043b9208130530b
Sha1:   cb6c404bf6b9fec3f55c2dd70966b9b72c3c4912
Sha256: c105206b69d58989cb88b60b1b93e7b5c3fc7e93e337f4f3d930497f74208168
                                        
                                            GET /biwei/css/bootstrap.min.css HTTP/1.1 
Host: www.wlovebaidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.mcvhj.com/gg/biwei/index.html

                                         
                                         27.255.64.13
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 22 Feb 2019 09:32:44 GMT
Last-Modified: Mon, 17 Dec 2018 13:34:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   24003
Md5:    41de576b95ff47aa730e7f21bfd5e3a6
Sha1:   f89798b3766b38f71b46ab3bfd3436a6a9fe1a11
Sha256: 5a3f6833d7f39cc52a53a9b3cb88e0898f1ea0025eacdb199db363d036e8649b
                                        
                                            GET /hm.js?0f203c4517203805d75d02036cd6d835 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.mcvhj.com/index

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 10564
Date: Fri, 22 Feb 2019 09:32:59 GMT
Etag: aa96bf0439150cb7e6ef14312990c428
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=E9C043ECE5FD86D4; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max speed
Size:   10564
Md5:    2795eb6e0ded43dd4f0cd65311c5ccc9
Sha1:   a15618c1565842dbd0a9bf11d0a4dd1a332ab563
Sha256: 1a3f2ccd80bc79fdf80c8d675f2092a38324547783a184761c44314ab80e12f8
                                        
                                            GET /biwei/css/jquery.min.js HTTP/1.1 
Host: www.wlovebaidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.mcvhj.com/gg/biwei/index.html

                                         
                                         27.255.64.13
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Fri, 22 Feb 2019 09:32:44 GMT
Last-Modified: Mon, 17 Dec 2018 13:34:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   33255
Md5:    70bbd4a88e327e1cbb4fbf16eeeefcc9
Sha1:   48d6866862f1211b611ebeba0f378515f4fab772
Sha256: d8718b21fc9d7614b9562a1a34894158aef746d441e5e7ff8d370b607dbb489d
                                        
                                            GET /biwei/css/bootstrap.min.js HTTP/1.1 
Host: www.wlovebaidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.mcvhj.com/gg/biwei/index.html

                                         
                                         27.255.64.13
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Fri, 22 Feb 2019 09:32:46 GMT
Last-Modified: Mon, 17 Dec 2018 13:34:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   11320
Md5:    7bc6a5dd66ba1b5b913bfe9f36bc3c47
Sha1:   ac0da2a118312561bf72bec9922f02f121e4024c
Sha256: dd4aae0061697ee5801eaf22457efe09bd5b5f88bd5f7fce9309ee9f77a2b82f
                                        
                                            GET /biwei/images/logo-head.png HTTP/1.1 
Host: www.wlovebaidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.mcvhj.com/gg/biwei/index.html

                                         
                                         27.255.64.13
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 22 Feb 2019 09:32:46 GMT
Content-Length: 3431
Last-Modified: Mon, 17 Dec 2018 13:34:59 GMT
Connection: keep-alive
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 234 x 42, 8-bit colormap, non-interlaced
Size:   3431
Md5:    dc082e3f5327a1d5c338fd0fdbc45d0d
Sha1:   6fb25501804a40f6520be4215f78ba91d52f0ce9
Sha256: 755ecaa27c73d8290c45954cdf48b717ab8cbde6899fcd9244575308100903af
                                        
                                            GET /hm.gif?cc=0&ck=1&cl=24-bit&ds=1176x885&vl=754&et=0&fl=10.0&ja=1&ln=en-us&lo=0&rnd=153253938&si=0f203c4517203805d75d02036cd6d835&v=1.2.38&lv=1&ct=!!&tt=betway%E5%BF%85%E5%A8%81_betway%E5%BF%85%E5%A8%81%E5%A8%B1%E4%B9%90_betway%E5%BF%85%E5%A8%81%E5%AE%98%E7%BD%91%E6%89%8B%E6%9C%BA%E7%89%88&sn=7741 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.mcvhj.com/index
Cookie: HMACCOUNT=E9C043ECE5FD86D4

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Fri, 22 Feb 2019 09:33:01 GMT
Pragma: no-cache
Server: apache
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /biwei/images/partner-logo-sprite.png HTTP/1.1 
Host: www.wlovebaidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.mcvhj.com/gg/biwei/index.html

                                         
                                         27.255.64.13
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 22 Feb 2019 09:32:46 GMT
Content-Length: 31172
Last-Modified: Mon, 17 Dec 2018 13:34:59 GMT
Connection: keep-alive
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 174 x 1000, 8-bit colormap, non-interlaced
Size:   31172
Md5:    e4b63339fb98ac450da5afc0eb780258
Sha1:   26ffc6d7d6c4ca020d64ce7a593dd4914f1b76d5
Sha256: c139231e48c9aaaf97d8920e4149b9c1d4e93658391cfdd668df092f3020af41
                                        
                                            GET /gg/biwei/images/banner7.jpg HTTP/1.1 
Host: www.mcvhj.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.mcvhj.com/gg/biwei/index.html
Cookie: Hm_lvt_0f203c4517203805d75d02036cd6d835=1550827981; Hm_lpvt_0f203c4517203805d75d02036cd6d835=1550827981

                                         
                                         0.0.0.0
                                        


--- Additional Info ---