Analysis type | VM tag | Start time | End time | Duration |
---|---|---|---|---|
File (Windows) | win7-sp1-x64-app02-3 | 2017-02-18 20:07:23 | 2017-02-18 20:10:24 | 181 seconds |
File name | 运行安装.exe |
---|---|
File size | 1589248 bytes |
File type | PE32 executable (GUI) Intel 80386, for MS Windows |
MD5 | a7935e987a3d420767fbc1f336660ef9 |
SHA1 | c6cd1312a41298e9117622da68477615d103693e |
SHA256 | f39230476a250ada1332662327d1a20d4858ce45116461f77df664b29a440896 |
SHA512 | 6de4ae2e536f92b1a1ee44001ce0b00dc8e2453461fbad1eccb299af145fadfca5a06c2b12a44823c49cfd85426b54b7f6905185dde5a49025021066ff5b10cb |
CRC32 | BFE1CC36 |
Ssdeep | 24576:6j9nly8uH1txITz383+4HcdCDtJdcVGb1MNLF2mNsd37:6i8IIPTuKVGBMOS |
Direct | IP | Safety rating | Location |
---|---|---|---|
No | 58.215.145.188 | | China |
No | 45.124.125.44 | | China |
No | 42.120.219.93 | | China |
No | 222.73.144.174 | | China |
No | 222.73.134.43 | | China |
No | 218.92.226.45 | | China |
No | 14.29.32.170 | | China |
Yes | 125.88.187.127 | | China |
No | 125.132.149.154 | | South Korea |
No | 123.207.116.58 | | China |
No | 114.80.130.88 | | China |
No | 104.18.54.118 | | United States |
Image base | 0x00400000 |
---|---|
Entry point | 0x0046cd45 |
Declared checksum | 0x00000000 |
Actual checksum | 0x0018912e |
Minimum required OS version | 4.0 |
Compile time | 2017-01-13 12:34:18 |
Import hash | ec53593d2e4e3168994e49beb6185605 |
Icon | |
Icon exact hash | f67722e9f459b4da2d49f594b990887d |
Icon similarity hash | ba4a788107f8c9287ee8c71f4f78efaa |
LegalCopyright | |
---|---|
FileVersion | |
CompanyName | |
Comments | |
ProductName | |
ProductVersion | |
FileDescription | |
Translation |
Name | Virtual address | Virtual size | Raw data size | Characteristics | Entropy |
---|---|---|---|---|---|
.text | 0x00001000 | 0x0008feb7 | 0x00090000 | IMAGE_SCN_CNT_CODE\|IMAGE_SCN_MEM_EXECUTE\|IMAGE_SCN_MEM_READ | 6.57 |
.rdata | 0x00091000 | 0x000d8152 | 0x000d9000 | IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ | 5.85 |
.data | 0x0016a000 | 0x00045408 | 0x00012000 | IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE | 5.46 |
.rsrc | 0x001b0000 | 0x00007424 | 0x00008000 | IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ | 5.17 |
Name | Offset | Size | Language | Sublanguage | Entropy | File type |
---|---|---|---|---|---|---|
TEXTINCLUDE | 0x001b0bd0 | 0x00000151 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.25 | C source, ASCII text, with CRLF line terminators |
RT_CURSOR | 0x001b10c0 | 0x000000b4 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 2.74 | data |
RT_BITMAP | 0x001b2934 | 0x00000144 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 2.88 | data |
RT_ICON | 0x001b2e88 | 0x000025a8 | LANG_NEUTRAL | SUBLANG_NEUTRAL | 6.44 | data |
RT_MENU | 0x001b543c | 0x00000284 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 4.28 | data |
RT_DIALOG | 0x001b6684 | 0x0000018c | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 3.74 | data |
RT_STRING | 0x001b70cc | 0x00000024 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 0.90 | data |
RT_GROUP_CURSOR | 0x001b7118 | 0x00000022 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 2.25 | MS Windows cursor resource - 2 icons, 32x256, hotspot @1x1 |
RT_GROUP_ICON | 0x001b7164 | 0x00000014 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 2.02 | MS Windows icon resource - 1 icon, 16x16, 16 colors |
RT_VERSION | 0x001b7178 | 0x000002ac | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 4.15 | data |
Antivirus engine/vendor | Virus name/rule match | Signature database date |
---|---|---|
Bkav | No virus detected | 20170216 |
MicroWorld-eScan | No virus detected | 20170216 |
nProtect | No virus detected | 20170216 |
CMC | No virus detected | 20170216 |
CAT-QuickHeal | No virus detected | 20170216 |
McAfee | No virus detected | 20170216 |
Malwarebytes | No virus detected | 20170216 |
Zillya | No virus detected | 20170216 |
AegisLab | Troj.W32.Gen.lwSm | 20170216 |
TheHacker | No virus detected | 20170215 |
K7GW | No virus detected | 20170216 |
K7AntiVirus | No virus detected | 20170216 |
Arcabit | No virus detected | 20170216 |
Invincea | trojan.win32.voinjet.a | 20170203 |
Baidu | No virus detected | 20170216 |
F-Prot | W32/Agent.EW.gen!Eldorado | 20170216 |
Symantec | Trojan.Gen.8 | 20170216 |
ESET-NOD32 | No virus detected | 20170216 |
TrendMicro-HouseCall | No virus detected | 20170216 |
Avast | Win32:Evo-gen [Susp] | 20170216 |
ClamAV | Win.Trojan.Parite-1385 | 20170216 |
GData | No virus detected | 20170216 |
Kaspersky | No virus detected | 20170216 |
BitDefender | No virus detected | 20170216 |
NANO-Antivirus | No virus detected | 20170216 |
ViRobot | No virus detected | 20170216 |
Tencent | No virus detected | 20170216 |
Ad-Aware | No virus detected | 20170216 |
Emsisoft | No virus detected | 20170216 |
Comodo | Worm.Win32.Dropper.RA | 20170216 |
F-Secure | Trojan:W32/DelfInject.R | 20170216 |
DrWeb | No virus detected | 20170216 |
VIPRE | No virus detected | 20170216 |
TrendMicro | No virus detected | 20170216 |
McAfee-GW-Edition | BehavesLike.Win32.Generic.th | 20170216 |
Sophos | No virus detected | 20170216 |
Cyren | W32/Agent.EW.gen!Eldorado | 20170216 |
Jiangmin | No virus detected | 20170216 |
Webroot | No virus detected | 20170216 |
Avira | No virus detected | 20170216 |
Antiy-AVL | No virus detected | 20170216 |
Kingsoft | No virus detected | 20170216 |
Endgame | malicious (high confidence) | 20170216 |
SUPERAntiSpyware | No virus detected | 20170216 |
Microsoft | No virus detected | 20170216 |
AhnLab-V3 | No virus detected | 20170216 |
ALYac | No virus detected | 20170216 |
AVware | No virus detected | 20170216 |
VBA32 | No virus detected | 20170216 |
Zoner | No virus detected | 20170216 |
Rising | No virus detected | 20170216 |
Yandex | No virus detected | 20170215 |
Ikarus | Trojan.Rootkit.Gen2 | 20170216 |
Fortinet | No virus detected | 20170216 |
AVG | No virus detected | 20170216 |
Panda | No virus detected | 20170216 |
CrowdStrike | malicious_confidence_100% (W) | 20170130 |
Qihoo-360 | No virus detected | 20170216 |
Source address | Source port | Destination address | Destination port |
---|---|---|---|
192.168.122.203 | 49168 | 104.18.54.118 www.mnting101.com | 80 |
192.168.122.203 | 49174 | 114.80.130.88 pv.sohu.com | 80 |
192.168.122.203 | 49164 | 123.207.116.58 m.hascosafety.com | 88 |
192.168.122.203 | 49166 | 123.207.116.58 m.hascosafety.com | 88 |
192.168.122.203 | 49183 | 125.132.149.154 cdns.xiuchang888.com | 80 |
192.168.122.203 | 49192 | 125.132.149.154 cdns.xiuchang888.com | 80 |
192.168.122.203 | 49193 | 125.132.149.154 cdns.xiuchang888.com | 80 |
192.168.122.203 | 49194 | 125.132.149.154 cdns.xiuchang888.com | 80 |
192.168.122.203 | 49195 | 125.132.149.154 cdns.xiuchang888.com | 80 |
192.168.122.203 | 49196 | 125.132.149.154 cdns.xiuchang888.com | 80 |
192.168.122.203 | 49185 | 125.88.187.127 | 843 |
192.168.122.203 | 49190 | 125.88.187.127 | 1056 |
192.168.122.203 | 49191 | 125.88.187.127 | 1056 |
192.168.122.203 | 49162 | 14.29.32.170 down.ku122.com | 80 |
192.168.122.203 | 49175 | 218.92.226.45 abc.maikexunsh.com | 80 |
192.168.122.203 | 49176 | 218.92.226.45 abc.maikexunsh.com | 80 |
192.168.122.203 | 49177 | 218.92.226.45 abc.maikexunsh.com | 80 |
192.168.122.203 | 49178 | 218.92.226.45 abc.maikexunsh.com | 80 |
192.168.122.203 | 49179 | 218.92.226.45 abc.maikexunsh.com | 80 |
192.168.122.203 | 49180 | 218.92.226.45 abc.maikexunsh.com | 80 |
192.168.122.203 | 49243 | 218.92.226.45 abc.maikexunsh.com | 80 |
192.168.122.203 | 49244 | 218.92.226.45 abc.maikexunsh.com | 80 |
192.168.122.203 | 49245 | 218.92.226.45 abc.maikexunsh.com | 80 |
192.168.122.203 | 49167 | 222.73.134.43 s22.cnzz.com | 80 |
192.168.122.203 | 49163 | 222.73.144.174 www.baiasp.com | 80 |
192.168.122.203 | 49169 | 42.120.219.93 hzs1.cnzz.com | 80 |
192.168.122.203 | 49197 | 45.124.125.44 xyzabcrtmp.yjyc-ask.com | 1935 |
192.168.122.203 | 49170 | 58.215.145.188 s22.cnzz.com | 80 |
Source address | Source port | Destination address | Destination port |
---|---|---|---|
192.168.122.203 | 49479 | 192.168.122.1 | 53 |
192.168.122.203 | 51301 | 192.168.122.1 | 53 |
192.168.122.203 | 52175 | 192.168.122.1 | 53 |
192.168.122.203 | 52531 | 192.168.122.1 | 53 |
192.168.122.203 | 56620 | 192.168.122.1 | 53 |
192.168.122.203 | 57489 | 192.168.122.1 | 53 |
192.168.122.203 | 57528 | 192.168.122.1 | 53 |
192.168.122.203 | 57595 | 192.168.122.1 | 53 |
192.168.122.203 | 61025 | 192.168.122.1 | 53 |
192.168.122.203 | 61372 | 192.168.122.1 | 53 |
192.168.122.203 | 63184 | 192.168.122.1 | 53 |
192.168.122.203 | 64896 | 192.168.122.1 | 53 |
URI | HTTP data |
---|---|
http://down.ku122.com/\xba\xd8\xc4\xea\xd7\xd4\xb6\xaf\xb8\xfc\xd0\xc2.txt | GET /\xba\xd8\xc4\xea\xd7\xd4\xb6\xaf\xb8\xfc\xd0\xc2.txt HTTP/1.1 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Accept: */* Host: down.ku122.com Cache-Control: no-cache |
http://www.baiasp.com/tlrwp2.html?crack | GET /tlrwp2.html?crack HTTP/1.1 Accept: */* Accept-Language: zh-cn Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: www.baiasp.com Connection: Keep-Alive |
http://m.hascosafety.com:88/s.php?id=159 | GET /s.php?id=159 HTTP/1.1 Accept: */* Referer: http://www.baiasp.com/tlrwp2.html?crack Accept-Language: zh-CN Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: m.hascosafety.com:88 Connection: Keep-Alive |
http://dddddd.diaobanstudio.com:88/c.php?s=JnpvbmVpZD0xNTkmc2l0ZWlkPTE1JnVpZD0xMjkzJmFkc2lkPTMwNiZwbGFuaWQ9MTA4JnBsYW50eXBlPWNwbSZ1cmw9aHR0cCUzQSUyRiUyRnd3dy5tbnRpbmcxMDEuY29tJTJGdGltZXYlMkZhZF9tb2RlLmh0bWwmdnRpbWU9MjAxNy0wMi0xOCAyMDowODoyNCZpcD0xMTYuMjMwLjIxOC4yMTk=;4cd58fb0f14410ea3513f35a04dd1d75;&p=aj0xJm09MCZmPTI0LjAuMC4xOTQmcj0mdT1odHRwJTNBJTJGJTJGd3d3LmJhaWFzcC5jb20lMkZ0bHJ3cDIuaHRtbCUzRmNyYWNrJnJlcz04MDB4NjAwJnQ9Jmw9emgtY24mYz0xJmg9OTYmc2U9MA== | GET /c.php?s=JnpvbmVpZD0xNTkmc2l0ZWlkPTE1JnVpZD0xMjkzJmFkc2lkPTMwNiZwbGFuaWQ9MTA4JnBsYW50eXBlPWNwbSZ1cmw9aHR0cCUzQSUyRiUyRnd3dy5tbnRpbmcxMDEuY29tJTJGdGltZXYlMkZhZF9tb2RlLmh0bWwmdnRpbWU9MjAxNy0wMi0xOCAyMDowODoyNCZpcD0xMTYuMjMwLjIxOC4yMTk=;4cd58fb0f14410ea3513f35a04dd1d75;&p=aj0xJm09MCZmPTI0LjAuMC4xOTQmcj0mdT1odHRwJTNBJTJGJTJGd3d3LmJhaWFzcC5jb20lMkZ0bHJ3cDIuaHRtbCUzRmNyYWNrJnJlcz04MDB4NjAwJnQ9Jmw9emgtY24mYz0xJmg9OTYmc2U9MA== HTTP/1.1 Accept: */* Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: dddddd.diaobanstudio.com:88 Connection: Keep-Alive |
http://s22.cnzz.com/stat.php?id=4616976 | GET /stat.php?id=4616976 HTTP/1.1 Accept: */* Referer: http://www.baiasp.com/tlrwp2.html?crack Accept-Language: zh-CN Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: s22.cnzz.com Connection: Keep-Alive |
http://hzs1.cnzz.com/stat.htm?id=4616976&r=&lg=zh-cn&ntime=none&cnzz_eid=968729039-1487419151-&showp=800x600&t=&h=1&rnd=738687017 | GET /stat.htm?id=4616976&r=&lg=zh-cn&ntime=none&cnzz_eid=968729039-1487419151-&showp=800x600&t=&h=1&rnd=738687017 HTTP/1.1 Accept: */* Referer: http://www.baiasp.com/tlrwp2.html?crack Accept-Language: zh-CN Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: hzs1.cnzz.com Connection: Keep-Alive |
http://c.cnzz.com/core.php?web_id=4616976&t=z | GET /core.php?web_id=4616976&t=z HTTP/1.1 Accept: */* Referer: http://www.baiasp.com/tlrwp2.html?crack Accept-Language: zh-CN Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: c.cnzz.com Connection: Keep-Alive |
http://www.mnting101.com/timev/ad_mode.html | GET /timev/ad_mode.html HTTP/1.1 Accept: */* Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.mnting101.com Connection: Keep-Alive |
http://www.mnting101.com/100054 | GET /100054 HTTP/1.1 Accept: application/x-ms-application, image/jpeg, application/xaml+xml, image/gif, image/pjpeg, application/x-ms-xbap, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */* Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.mnting101.com Connection: Keep-Alive Cookie: __cfduid=da1162f415dc8f88b41d559064bc339511487419714 |
http://pv.sohu.com/cityjson?ie=utf-8 | GET /cityjson?ie=utf-8 HTTP/1.1 Accept: */* Referer: http://www.mnting101.com/100054 Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: pv.sohu.com Connection: Keep-Alive |
http://abc.maikexunsh.com/static/js/filterRegion.js?v=1.0.0 | GET /static/js/filterRegion.js?v=1.0.0 HTTP/1.1 Accept: */* Referer: http://www.mnting101.com/100054 Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: abc.maikexunsh.com Connection: Keep-Alive |
http://abc.maikexunsh.com/static/page/js/bootstrap.min.js?v=1.2.17 | GET /static/page/js/bootstrap.min.js?v=1.2.17 HTTP/1.1 Accept: */* Referer: http://www.mnting101.com/100054 Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: abc.maikexunsh.com Connection: Keep-Alive |
http://abc.maikexunsh.com/static/page/js/config.js?v=1.2.17 | GET /static/page/js/config.js?v=1.2.17 HTTP/1.1 Accept: */* Referer: http://www.mnting101.com/100054 Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: abc.maikexunsh.com Connection: Keep-Alive |
http://abc.maikexunsh.com/static/page/js/jquery.cookie.js?v=1.2.17 | GET /static/page/js/jquery.cookie.js?v=1.2.17 HTTP/1.1 Accept: */* Referer: http://www.mnting101.com/100054 Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: abc.maikexunsh.com Connection: Keep-Alive |
http://abc.maikexunsh.com/static/page/js/jquery-1.10.2.min.js?v=1.2.17 | GET /static/page/js/jquery-1.10.2.min.js?v=1.2.17 HTTP/1.1 Accept: */* Referer: http://www.mnting101.com/100054 Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: abc.maikexunsh.com Connection: Keep-Alive |
http://abc.maikexunsh.com/static/room/flashobject.js?v=1.2.17 | GET /static/room/flashobject.js?v=1.2.17 HTTP/1.1 Accept: */* Referer: http://www.mnting101.com/100054 Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: abc.maikexunsh.com Connection: Keep-Alive |
http://abc.maikexunsh.com/static/page/layer/layer.js?v=1.2.17 | GET /static/page/layer/layer.js?v=1.2.17 HTTP/1.1 Accept: */* Referer: http://www.mnting101.com/100054 Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: abc.maikexunsh.com Connection: Keep-Alive |
http://abc.maikexunsh.com/static/room/swfobject_modified.js?v=1.2.17 | GET /static/room/swfobject_modified.js?v=1.2.17 HTTP/1.1 Accept: */* Referer: http://www.mnting101.com/100054 Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: abc.maikexunsh.com Connection: Keep-Alive |
http://abc.maikexunsh.com/static/page/layer/skin/layer.css | GET /static/page/layer/skin/layer.css HTTP/1.1 Accept: */* Referer: http://www.mnting101.com/100054 Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: abc.maikexunsh.com Connection: Keep-Alive |
http://www.mnting101.com/favicon.ico | GET /favicon.ico HTTP/1.1 Accept: */* Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: www.mnting101.com Connection: Keep-Alive Cookie: __cfduid=da1162f415dc8f88b41d559064bc339511487419714; JSESSIONID=2C9375861802D3755D295E7F142C01F1 |
http://abc.maikexunsh.com/static/room/load_preloader.swf?1.2.17 | GET /static/room/load_preloader.swf?1.2.17 HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://www.mnting101.com/100054 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
http://abc.maikexunsh.com/static/room/xmls/config.xml?1.2.17 | GET /static/room/xmls/config.xml?1.2.17 HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/load_preloader.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
http://abc.maikexunsh.com/static/room/apps/videoView.swf?1.2.17 | GET /static/room/apps/videoView.swf?1.2.17 HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/load_preloader.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
http://abc.maikexunsh.com/static/room/apps/skin.swf?1.2.17 | GET /static/room/apps/skin.swf?1.2.17 HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/load_preloader.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
http://abc.maikexunsh.com/static/room/apps/videoModule.swf?1.2.17 | GET /static/room/apps/videoModule.swf?1.2.17 HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/load_preloader.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
http://abc.maikexunsh.com/static/room/apps/MenuBar.swf?1.2.17 | GET /static/room/apps/MenuBar.swf?1.2.17 HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/load_preloader.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
http://abc.maikexunsh.com/static/room/apps/roomModule.swf?1.2.17 | GET /static/room/apps/roomModule.swf?1.2.17 HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/load_preloader.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
http://abc.maikexunsh.com/static/room/apps/listModule.swf?1.2.17 | GET /static/room/apps/listModule.swf?1.2.17 HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/load_preloader.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
http://abc.maikexunsh.com/static/room/apps/giftModule.swf?1.2.17 | GET /static/room/apps/giftModule.swf?1.2.17 HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/load_preloader.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
http://abc.maikexunsh.com/static/room/apps/exp.swf?1.2.17 | GET /static/room/apps/exp.swf?1.2.17 HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/load_preloader.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
http://abc.maikexunsh.com/static/room/apps/giftIcons.swf?1.2.17 | GET /static/room/apps/giftIcons.swf?1.2.17 HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/load_preloader.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
http://abc.maikexunsh.com/static/room/apps/iconGroup.swf?1.2.17 | GET /static/room/apps/iconGroup.swf?1.2.17 HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/load_preloader.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
http://cdns.xiuchang888.com/crossdomain.xml | GET /crossdomain.xml HTTP/1.1 Accept: */* Accept-Language: zh-CN x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: cdns.xiuchang888.com Connection: Keep-Alive |
http://abc.maikexunsh.com/static/room/apps/rightMenu.swf?1.2.17 | GET /static/room/apps/rightMenu.swf?1.2.17 HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/load_preloader.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
http://cdns.xiuchang888.com/video_rest/room_load/login?login_key=&1.2.17 | GET /video_rest/room_load/login?login_key=&1.2.17 HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/load_preloader.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: cdns.xiuchang888.com Connection: Keep-Alive |
http://abc.maikexunsh.com/static/room/apps/chatModule.swf?1.2.17 | GET /static/room/apps/chatModule.swf?1.2.17 HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/load_preloader.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
http://abc.maikexunsh.com/static/room/xmls/gift.xml?login_key=&1.2.17 | GET /static/room/xmls/gift.xml?login_key=&1.2.17 HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/load_preloader.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://abc.maikexunsh.com/static/room/xmls/iconGroup.xml | GET /static/room/xmls/iconGroup.xml HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/apps/iconGroup.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://abc.maikexunsh.com/static/room/gift/gift_icon/100001.png | GET /static/room/gift/gift_icon/100001.png HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/apps/giftModule.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://abc.maikexunsh.com/static/room/gift/gift_icon/100002.png | GET /static/room/gift/gift_icon/100002.png HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/apps/giftModule.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://abc.maikexunsh.com/static/room/gift/gift_icon/100003.png | GET /static/room/gift/gift_icon/100003.png HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/apps/giftModule.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://abc.maikexunsh.com/static/room/gift/gift_icon/100004.png | GET /static/room/gift/gift_icon/100004.png HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/apps/giftModule.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://abc.maikexunsh.com/static/room/gift/gift_icon/100005.png | GET /static/room/gift/gift_icon/100005.png HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/apps/giftModule.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://abc.maikexunsh.com/static/room/gift/gift_icon/100006.png | GET /static/room/gift/gift_icon/100006.png HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/apps/giftModule.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://abc.maikexunsh.com/static/room/gift/gift_icon/100008.png | GET /static/room/gift/gift_icon/100008.png HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/apps/giftModule.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://abc.maikexunsh.com/static/room/gift/gift_icon/100007.png | GET /static/room/gift/gift_icon/100007.png HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/apps/giftModule.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://abc.maikexunsh.com/static/room/gift/gift_icon/100009.png | GET /static/room/gift/gift_icon/100009.png HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/apps/giftModule.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://abc.maikexunsh.com/static/room/gift/gift_icon/100010.png | GET /static/room/gift/gift_icon/100010.png HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/apps/giftModule.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://abc.maikexunsh.com/static/room/gift/gift_icon/100011.png | GET /static/room/gift/gift_icon/100011.png HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/apps/giftModule.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://abc.maikexunsh.com/static/room/gift/gift_icon/100012.png | GET /static/room/gift/gift_icon/100012.png HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/apps/giftModule.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://abc.maikexunsh.com/static/room/gift/gift_icon/100013.png | GET /static/room/gift/gift_icon/100013.png HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/apps/giftModule.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://abc.maikexunsh.com/static/room/gift/gift_icon/100014.png | GET /static/room/gift/gift_icon/100014.png HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/apps/giftModule.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://abc.maikexunsh.com/static/room/gift/gift_icon/100015.png | GET /static/room/gift/gift_icon/100015.png HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/apps/giftModule.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://abc.maikexunsh.com/static/room/gift/gift_icon/100016.png | GET /static/room/gift/gift_icon/100016.png HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/apps/giftModule.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://abc.maikexunsh.com/static/room/gift/gift_icon/100017.png | GET /static/room/gift/gift_icon/100017.png HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/apps/giftModule.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://abc.maikexunsh.com/static/room/gift/gift_icon/100018.png | GET /static/room/gift/gift_icon/100018.png HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/apps/giftModule.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://abc.maikexunsh.com/static/room/gift/gift_icon/100020.png | GET /static/room/gift/gift_icon/100020.png HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/apps/giftModule.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://abc.maikexunsh.com/static/room/gift/gift_icon/100019.png | GET /static/room/gift/gift_icon/100019.png HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/apps/giftModule.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://abc.maikexunsh.com/static/room/images/icons/ico_home.png | GET /static/room/images/icons/ico_home.png HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/apps/giftModule.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://abc.maikexunsh.com/static/room/images/icons/ico_qq.png | GET /static/room/images/icons/ico_qq.png HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/apps/giftModule.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://abc.maikexunsh.com/static/room/images/icons/ico_hall.png | GET /static/room/images/icons/ico_hall.png HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/apps/giftModule.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://abc.maikexunsh.com/static/room/images/icons/ico_rank.png | GET /static/room/images/icons/ico_rank.png HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/apps/giftModule.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://abc.maikexunsh.com/static/room/images/icons/ico_game.png | GET /static/room/images/icons/ico_game.png HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/apps/giftModule.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://abc.maikexunsh.com/static/room/images/icons/ico_app.png | GET /static/room/images/icons/ico_app.png HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/apps/giftModule.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://abc.maikexunsh.com/static/room/images/bj.jpg | GET /static/room/images/bj.jpg HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/apps/videoView.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://abc.maikexunsh.com/static/room/apps/videoNotice.swf?1.2.17 | GET /static/room/apps/videoNotice.swf?1.2.17 HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/load_preloader.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://abc.maikexunsh.com/static/room/apps/carListModule.swf?1.2.17 | GET /static/room/apps/carListModule.swf?1.2.17 HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/load_preloader.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://abc.maikexunsh.com/static/room/apps/nobleList.swf?1.2.17 | GET /static/room/apps/nobleList.swf?1.2.17 HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/load_preloader.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://abc.maikexunsh.com/static/room/apps/activityModule.swf?1.2.17 | GET /static/room/apps/activityModule.swf?1.2.17 HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/load_preloader.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://abc.maikexunsh.com/static/room/apps/otherModule.swf?1.2.17 | GET /static/room/apps/otherModule.swf?1.2.17 HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/load_preloader.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://abc.maikexunsh.com/static/room/apps/heartGame.swf?1.2.17 | GET /static/room/apps/heartGame.swf?1.2.17 HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/load_preloader.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://cdns.xiuchang888.com/video_rest/video/img/get_cover?uid=44542&login_key= | GET /video_rest/video/img/get_cover?uid=44542&login_key= HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/apps/giftModule.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: cdns.xiuchang888.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://abc.maikexunsh.com/static/room/car/icon/10007.png?login_key= | GET /static/room/car/icon/10007.png?login_key= HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/apps/giftModule.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://cdns.xiuchang888.com/video_rest/video/img/get_cover?uid=1058893&login_key= | GET /video_rest/video/img/get_cover?uid=1058893&login_key= HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/apps/giftModule.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: cdns.xiuchang888.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://www.mnting101.com/video_rest/follow/status?uid=100054&login_key= | GET /video_rest/follow/status?uid=100054&login_key= HTTP/1.1 x-requested-with: XMLHttpRequest Accept-Language: zh-cn Referer: http://www.mnting101.com/100054 Accept: */* Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: www.mnting101.com Connection: Keep-Alive Cookie: __cfduid=da1162f415dc8f88b41d559064bc339511487419714; JSESSIONID=2C9375861802D3755D295E7F142C01F1 |
URL专业沙箱检测 -> http://cdns.xiuchang888.com/video_rest/video/img/get_cover?uid=110365&login_key= | GET /video_rest/video/img/get_cover?uid=110365&login_key= HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/apps/giftModule.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: cdns.xiuchang888.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://cdns.xiuchang888.com/video_rest/video/img/get_cover?uid=1242525&login_key= | GET /video_rest/video/img/get_cover?uid=1242525&login_key= HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/apps/giftModule.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: cdns.xiuchang888.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://cdns.xiuchang888.com/video_rest/video/img/get_cover?uid=1050776&login_key= | GET /video_rest/video/img/get_cover?uid=1050776&login_key= HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/apps/giftModule.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: cdns.xiuchang888.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://cdns.xiuchang888.com/video_rest/video/img/get_cover?uid=100021&login_key= | GET /video_rest/video/img/get_cover?uid=100021&login_key= HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/apps/giftModule.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: cdns.xiuchang888.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://cdns.xiuchang888.com/video_rest/video/img/get_cover?uid=100054&login_key= | GET /video_rest/video/img/get_cover?uid=100054&login_key= HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/apps/giftModule.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: cdns.xiuchang888.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://cdns.xiuchang888.com/video_rest/video/img/get_cover?uid=1175158&login_key= | GET /video_rest/video/img/get_cover?uid=1175158&login_key= HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/apps/giftModule.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: cdns.xiuchang888.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://abc.maikexunsh.com/static/room/car/icon/10007.png?login_key= | GET /static/room/car/icon/10007.png?login_key= HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/apps/giftModule.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) If-Modified-Since: Mon, 30 Jan 2017 12:37:19 GMT If-None-Match: "588f337f-136a" Host: abc.maikexunsh.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://abc.maikexunsh.com/static/room/car/icon/10007.png?login_key= | GET /static/room/car/icon/10007.png?login_key= HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/apps/chatModule.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) If-Modified-Since: Mon, 30 Jan 2017 12:37:19 GMT If-None-Match: "588f337f-136a" Host: abc.maikexunsh.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://abc.maikexunsh.com/static/room/car/car.xml | GET /static/room/car/car.xml HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/load_preloader.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://abc.maikexunsh.com/static/room/car/swf/carModule.swf?src=http://abc.maikexunsh.com/static/room/car/png/10007.png&scaleX=.3&scaleY=.3 | GET /static/room/car/swf/carModule.swf?src=http://abc.maikexunsh.com/static/room/car/png/10007.png&scaleX=.3&scaleY=.3 HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/load_preloader.swf?1.2.17 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://abc.maikexunsh.com/static/room/car/png/10007.png | GET /static/room/car/png/10007.png HTTP/1.1 Accept: */* Accept-Language: zh-CN Referer: http://abc.maikexunsh.com/static/room/car/swf/carModule.swf?src=http://abc.maikexunsh.com/static/room/car/png/10007.png&scaleX=.3&scaleY=.3 x-flash-version: 24,0,0,194 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) Host: abc.maikexunsh.com Connection: Keep-Alive |
No SMTP traffic.
No IRC requests.
Source address | Destination address | ICMP type | Data |
---|---|---|---|
125.88.187.127 | 192.168.122.203 | 3 | |
125.88.187.127 | 192.168.122.203 | 3 | |
125.88.187.127 | 192.168.122.203 | 3 | |
125.88.187.127 | 192.168.122.203 | 3 | |
192.168.121.1 | 192.168.122.203 | 3 |
No CIF results
No alerts
No TLS
No Suricata HTTP
File name | MSIMGSIZ.DAT |
---|---|
Related files | C:\Users\test\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT |
File size | 16384 bytes |
File type | data |
MD5 | b749921d6d714cf8de00573cd5b49b6a |
SHA1 | f84119954a0f3ce5eb1017ad136b9e25b4a52bef |
SHA256 | 85605bb90427cb17b4ab2b5f180a7072ee477f4bc04772b16ad240f7dd0e45ff |
CRC32 | 409E82D5 |
Ssdeep | 24:jYlIoF7mi7s+BCVKwNazuCIp3NasW9+9K8trW0DXakBcHaFLRR+DkMfiu+wJiUd2:j8NV7s+BCVKqaIaz+9K8VTFBc6pwd2 |
File name | Popup.txt |
---|---|
Related files | C:\Users\test\AppData\Local\Temp\Popup.txt |
File size | 5 bytes |
File type | ISO-8859 text, with no line terminators |
MD5 | c7eb61eed48f6ec13560390ce191b69e |
SHA1 | 8e2fa5462a8e0af911db6c37e258c3be498a7423 |
SHA256 | 458379f820487deb007be9c115c644ff1943d3b539acc6110d45fa0bbb5efcc1 |
CRC32 | E548D0DE |
Ssdeep | 3:j:j |
File name | hao123.exe |
---|---|
Related files | C:\Users\test\Local Settings\Application Data\hao123\hao123.exe |
File size | 779080 bytes |
File type | PE32 executable (GUI) Intel 80386, for MS Windows |
MD5 | a4df5aa48eaa0eaca060773f8ce1949e |
SHA1 | bbb106eca82d30403873087278e7b85869fee8d1 |
SHA256 | 11472eb20a08bd913b19b676deaecb840a2f5b8c415a2b349043e800eb79b95f |
CRC32 | E2D32C49 |
Ssdeep | 12288:ndj+R2VGbCcc/cFMNL1/MI0oQuH5TUkkxJippA4gqbpLTN:4cVGb1MNLF2mN |
Yara | |
File name | test@baiasp[1].txt |
---|---|
Related files | C:\Users\test\AppData\Roaming\Microsoft\Windows\Cookies\test@baiasp[1].txt |
File size | 109 bytes |
File type | ASCII text |
MD5 | 7d9489d14c4a7c44d5af87194cff6e57 |
SHA1 | 1d9430ed163225dfc3f16346b9bc5ecc67fed02f |
SHA256 | a7586c42087b082a10e458fafcfab752cf31284c325aa540627cd3e53983b5b8 |
CRC32 | B44A96FD |
Ssdeep | 3:ZRA2m/XEThHSUKdE4aVXJRRXVeVhVdWS/:ZmdPEtyLsVXfiVxD/ |
safedog-flow-item 0580C8433A7E024353686D4D7116F3C0 baiasp.com/ 1024 468201216 30575104 1338417216 30550979 * |
File name | test@www.baiasp[1].txt |
---|---|
Related files |
C:\Users\test\AppData\Roaming\Microsoft\Windows\Cookies\test@www.baiasp[1].txt
|
File size | 133 bytes |
File type | ASCII text |
MD5 | 42eaccff6d777823348cedd5564c06d5 |
SHA1 | aff622038aeba92bfa5c10aa675c1ac95cf57eaa |
SHA256 | ce78ae252fb62b371321d30ebf32c9aad829ba8265b0e9296cf3111295257435 |
CRC32 | BA9A0E63 |
Ssdeep | 3:QhkiGPMSXxIQsB9XTLRJUUlBKhaVdtRVJSKIfRW3OC/:QHGUSXtS1xy8KEVdfVcKAW3OC/ |
CNZZDATA4616976 cnzz_eid%3D968729039-1487419151-%26ntime%3D1487419151 www.baiasp.com/ 1088 3740006272 30587543 1432957216 30550979 * |
File name | s[1].htm |
---|---|
Related files |
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\s[1].htm
|
File size | 18585 bytes |
File type | UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators |
MD5 | d0d32b9ae5f6c7fbb15113d2e84de36b |
SHA1 | b8ec2837a70c9d31ec2472df5bb9553422fcd2fa |
SHA256 | 4867d617f0235e63daf6374c65cdd8fd513f87312231a9c708660b5880de1910 |
CRC32 | FB5E4F39 |
Ssdeep | 192:+sMRNMMJrjxctkDUKtDje6u0GjVZS3ikdp38/8VGmLNeer5rSj/wgDI+Kd43s76T:rM4CrD1u0yVedpI8VGiNe49mNnKEuep |
File name | hao123\xe5\xaf\xbc\xe8\x88\xaa.lnk |
---|---|
Related files |
C:\Users\test\Desktop\hao123\xe5\xaf\xbc\xe8\x88\xaa.lnk
|
File size | 1139 bytes |
File type | MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working directory, Archive, ctime=Fri Oct 21 04:07:29 2016, mtime=Fri Oct 21 04:07:29 2016, atime=Fri Oct 21 04:07:29 2016, length=779080, window=hideshowminimized |
MD5 | 6a940248753740251dd84a952b2062b0 |
SHA1 | 2232986fff7bf03543ec39634d120445f7b0b7b3 |
SHA256 | 4d26c3dec123d5e5219b52e5e94fe4e81bea3af25c211c53dc4317ae11052f42 |
CRC32 | B74DBCAB |
Ssdeep | 12:8OQP4uKY1kCtXuxiC/JIB3kjvbChz/jAS1U/vAxiAIBMm9xiAIB4wua4t2YZqI0R:8dwX9Wux5XvbC9LAS17xH0xR6qhVo |
File name | config.ini |
---|---|
Related files |
C:\Users\test\Local Settings\Application Data\hao123\config.ini
|
File size | 36 bytes |
File type | ASCII text, with CRLF line terminators |
MD5 | 0f94ad3d07899803680ef005453c0e54 |
SHA1 | c8bee98179d822c35d1d98e5ce573a978c63b3d0 |
SHA256 | 2f790bfe6729fdf0c35f3c2e2d0cbedd71b369d2a0d9a75e4947e56b99528a2a |
CRC32 | 169F92B7 |
Ssdeep | 3:aUlYNV8S4pTov:aqYNJ4ev |
[hao123] url=http://www.ku122.com |
File name | core[1].php |
---|---|
Related files |
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\core[1].php
|
File size | 762 bytes |
File type | HTML document, ASCII text, with very long lines, with no line terminators |
MD5 | 29efd4c5af38e20bd3a7fa510ce409f9 |
SHA1 | 2745ca9e25ad24f147c69d0aff14e5b32856c625 |
SHA256 | ec2367db95eeb2ab91bfe38d8db015279614735ac3f086b7e04dda0a929c8668 |
CRC32 | 5E4F5A99 |
Ssdeep | 12:cR2RPYAaTjj2hgWcnQOJRG7+La5+yIx7Gu2LB2o1wNJ/lgzVjuXiVcELnPXerTWJ:cR2aAYjj/WOqjlCp2LBZ18pyBVNjPcTW |
!function(){var p,q,r,a=encodeURIComponent,b="4616976",c="",d="",e="online_v3.php",f="hzs1.cnzz.com",g="1",h="text",i="z",j="站长统计",k=window["_CNZZDbridge_"+b]["bobject"],l="http:",m="1",n=l+"//online.cnzz.com/online/"+e,o=[];o.push("id="+b),o.push("h="+f),o.push("on="+a(d)),o.push("s="+a(c)),n+="?"+o.join("&"),"0"===m&&k["callRequest"]([l+"//cnzz.mmstat.com/9.gif?abc=1"]),g&&(""!==d?k["createScriptIcon"](n,"utf-8"):(q="z"==i?"http://www.cnzz.com/stat/website.php?web_id="+b:"http://quanjing.cnzz.com","pic"===h?(r=l+"//icon.cnzz.com/img/"+c+".gif",p="<a href='"+q+"' target=_blank title='"+j+"'><img border=0 hspace=0 vspace=0 src='"+r+"'></a>"):p="<a href='"+q+"' target=_blank title='"+j+"'>"+j+"</a>",k["createIcon"]([p])))}(); |
File name | stat[1].php |
---|---|
Related files |
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\stat[1].php
|
File size | 9937 bytes |
File type | ASCII text, with very long lines |
MD5 | 2dccc1173c2e269aef7b67da1f2a0d96 |
SHA1 | e3c2d96bd3dab8cf7e124afa385769d53965ae76 |
SHA256 | c4cef6eb885b5c7cd39ff0b233ba192ac2ec40283dc5b33368c8a462460c96fe |
CRC32 | B10D61DF |
Ssdeep | 192:hFxhtPCO5emuSsxf5m1mbi4s5pHx8ooBDeaJXg8lEkWwB9rP1VkCAt:hFxhtPCO1uphs1kxOahA8CUn7kCAt |
File name | index.dat |
---|---|
Related files |
C:\Users\test\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
|
File size | 262144 bytes |
File type | Internet Explorer cache file version Ver 5.2 |
MD5 | fbe6ba880d1f6cadfd771536120f2c73 |
SHA1 | 34b1a30160c6c7675a5c69b62d98661ab7a494bb |
SHA256 | a2cdabb3fc43f2e94ca47fac764eea7819768bdf094690a6369be41fc4a5fd01 |
CRC32 | E94B92FD |
Ssdeep | 768:pFFwZHojCtOlWNw3nsiMsieuugxdKOri:rFwZIjCtkWm3siMbeuugxdKoi |
File name | stat[1].gif |
---|---|
Related files |
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\stat[1].gif
|
File size | 43 bytes |
File type | GIF image data, version 89a, 1 x 1 |
MD5 | 325472601571f31e1bf00674c368d335 |
SHA1 | 2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a |
SHA256 | b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b |
CRC32 | 9ACCEAB1 |
Ssdeep | 3:CUkwltxlHh/:P/ |
File name | index.dat |
---|---|
Related files |
C:\Users\test\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012016102220161023\index.dat
|
File size | 32768 bytes |
File type | Internet Explorer cache file version Ver 5.2 |
MD5 | 9347579c1662e3dbc6d03ed8ca272772 |
SHA1 | a1e691e709ac4304ba64af15bd44597c97a218e5 |
SHA256 | 58e7da42c2db3f077812a7768a64a566d80ca19e23f67a49bf1ed8b08a45c7b0 |
CRC32 | 3634B065 |
Ssdeep | 6:qjyxXKgf31VFJErAij4ksrUGXvKAGO3PJFJErAi9s7:qjRk31v+LbQKJO3D+L9 |
Task ID | 83387 |
---|---|
Mongo ID | 58a83c030d982676a20f7425 |
Cuckoo release | 1.4-Maldun |