IOC Report
http://fswanjia.com/


Files

File Path | Type | Category | Malicious
Chrome Cache Entry: 100 | gzip compressed data, from Unix, original size modulo 2^32 1468 | dropped |
Chrome Cache Entry: 101 | gzip compressed data, from Unix, original size modulo 2^32 1866 | downloaded |
Chrome Cache Entry: 102 | GIF image data, version 89a, 20 x 20 | downloaded |
Chrome Cache Entry: 64 | GIF image data, version 89a, 1 x 1 | downloaded |
Chrome Cache Entry: 65 | gzip compressed data, from Unix, original size modulo 2^32 1616 | downloaded |
Chrome Cache Entry: 66 | gzip compressed data, from Unix, original size modulo 2^32 1410 | dropped |
Chrome Cache Entry: 67 | ASCII text, with very long lines (651) | downloaded |
Chrome Cache Entry: 68 | gzip compressed data, from Unix, original size modulo 2^32 4169 | downloaded |
Chrome Cache Entry: 69 | gzip compressed data, from Unix, original size modulo 2^32 1616 | dropped |
Chrome Cache Entry: 70 | gzip compressed data, from Unix, original size modulo 2^32 109287 | dropped |
Chrome Cache Entry: 71 | gzip compressed data, original size modulo 2^32 281 | dropped |
Chrome Cache Entry: 72 | gzip compressed data, from Unix, original size modulo 2^32 1244 | dropped |
Chrome Cache Entry: 73 | GIF image data, version 89a, 1 x 1 | dropped |
Chrome Cache Entry: 74 | HTML document, ASCII text, with CRLF line terminators | downloaded |
Chrome Cache Entry: 75 | JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 25x25, components 3 | dropped |
Chrome Cache Entry: 76 | JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 25x25, components 3 | downloaded |
Chrome Cache Entry: 77 | gzip compressed data, from Unix, original size modulo 2^32 636 | downloaded |
Chrome Cache Entry: 78 | gzip compressed data, from Unix, original size modulo 2^32 1551 | downloaded |
Chrome Cache Entry: 79 | gzip compressed data, from Unix, original size modulo 2^32 2159 | dropped |
Chrome Cache Entry: 80 | gzip compressed data, from Unix, original size modulo 2^32 1410 | downloaded |
Chrome Cache Entry: 81 | HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators | dropped |
Chrome Cache Entry: 82 | gzip compressed data, from Unix, original size modulo 2^32 1468 | downloaded |
Chrome Cache Entry: 83 | gzip compressed data, from Unix, original size modulo 2^32 1551 | dropped |
Chrome Cache Entry: 84 | MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel | dropped |
Chrome Cache Entry: 85 | gzip compressed data, from Unix, original size modulo 2^32 2159 | downloaded |
Chrome Cache Entry: 86 | gzip compressed data, from Unix, original size modulo 2^32 17305 | downloaded |
Chrome Cache Entry: 87 | gzip compressed data, from Unix, original size modulo 2^32 17305 | dropped |
Chrome Cache Entry: 88 | gzip compressed data, truncated | dropped |
Chrome Cache Entry: 89 | GIF image data, version 89a, 1 x 1 | downloaded |
Chrome Cache Entry: 90 | GIF image data, version 89a, 1 x 1 | dropped |
Chrome Cache Entry: 91 | gzip compressed data, from Unix, original size modulo 2^32 1866 | dropped |
Chrome Cache Entry: 92 | gzip compressed data, original size modulo 2^32 281 | downloaded |
Chrome Cache Entry: 93 | gzip compressed data, truncated | downloaded |
Chrome Cache Entry: 94 | GIF image data, version 89a, 20 x 20 | dropped |
Chrome Cache Entry: 95 | ASCII text, with very long lines (615) | downloaded |
Chrome Cache Entry: 96 | gzip compressed data, from Unix, original size modulo 2^32 1244 | downloaded |
Chrome Cache Entry: 97 | gzip compressed data, from Unix, original size modulo 2^32 109287 | downloaded |
Chrome Cache Entry: 98 | MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel | downloaded |
Chrome Cache Entry: 99 | gzip compressed data, from Unix, original size modulo 2^32 636 | dropped |

Processes

Path | Cmdline | Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2128 --field-trial-handle=2012,i,11379080918090260122,12268302966223940065,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://fswanjia.com/" |

URLs

Name
IP
Malicious

Domains

Name
IP
Malicious

IPs

IP
Domain
Country
Malicious

DOM / HTML

URL | Malicious
http://www.fswanjia.com/ |
http://www.fswanjia.com/ |
http://www.fswanjia.com/ |