Analysis task

Analysis type  VM tag  Start time  End time  Duration
URL  win7-sp1-x64-hpdapp01-3  2017-12-14 09:12:09  2017-12-14 09:14:58  169 seconds

魔盾 score

0.85

Normal

Hosts contacted

Direct IP  Security rating  Geolocation
104.17.178.200  United States
115.239.211.92  China
117.18.237.29  Asia-Pacific region
180.149.132.165  China
180.97.66.48  China
183.136.212.50  China
61.132.13.15  China
65.55.186.113  United States
96.17.182.33  United States

DNS resolution

Domain  Security rating  Response
swxdf.com  A 61.132.13.15
www.swxdf.com
bdimg.share.baidu.com  CNAME share.jomodns.com
    A 180.97.66.48
nsclick.baidu.com  CNAME static.n.shifen.com
    A 115.239.211.92
api.share.baidu.com  CNAME api.share.n.shifen.com
    A 180.149.132.165
www.microsoft.com  CNAME e1863.ca2.s.tl88.net
    CNAME www.microsoft.com-c-2.edgekey.net.globalredir.akadns.net
    CNAME www.microsoft.com-c-2.edgekey.net
    A 183.136.212.50
data.tvdownload.microsoft.com  A 65.55.186.113
    CNAME data.tvdownload.windowsmedia.com.akadns.net
ocsp.msocsp.com  CNAME hostedocsp.globalsign.com
    CNAME ocsp.globalsign.cloud
    A 104.17.178.200
    A 104.17.177.200
    A 104.17.179.200
    A 104.17.175.200
    A 104.17.176.200
cdn.epg.tvdownload.microsoft.com  CNAME cdn.epg.tvdownload.windowsmedia.com.akadns.net
    A 96.17.182.33
    CNAME a1683.d.akamai.net
    CNAME cdn.epg.tvdownload.microsoft.com.edgesuite.net
    A 96.17.182.26
ocsp.digicert.com  CNAME cs9.wac.phicdn.net
    A 117.18.237.29

WHOIS information

Name: chen yan
Country: CN
State: jiangsu
City: yanchengshi
ZIP Code: 224000
Address: juchanglu 53 hao

Organization: yancheng tinghu xingdongfang jiaoyu peixun zhongxi
Domain Name(s):
    SWXDF.COM
    swxdf.com
Creation Date:
    2005-10-22 09:28:26
Updated Date:
    2017-09-07 03:06:59
    2017-06-17 22:37:44
Expiration Date:
    2018-10-22 09:28:26
    2018-10-23 01:28:26
Email(s):
    tld@cndns.com
    domain@cndns.com
    2001xmf@163.com

Registrar(s):
    SHANGHAI MEICHENG TECHNOLOGY INFORMATION DEVELOPMENT CO., LTD.
Name Server(s):
    NS1.EZDNSCENTER.COM
    NS2.EZDNSCENTER.COM
    NS6.EZDNSCENTER.COM
    ns1.ezdnscenter.com
    ns2.ezdnscenter.com
    ns6.ezdnscenter.com
Referral URL(s):
    None

Antivirus engine/vendor  Website security analysis
CLEAN MX Clean Site
DNS8 Clean Site
MalwarePatrol Clean Site
ZDB Zeus Clean Site
SCUMWARE_org Clean Site
ZCloudsec Clean Site
desenmascara_me Clean Site
CyRadar Clean Site
PhishLabs Unrated Site
Zerofox Clean Site
K7AntiVirus Clean Site
Virusdie External Site Scan Clean Site
Spamhaus Clean Site
Quttera Clean Site
AegisLab WebGuard Clean Site
MalwareDomainList Clean Site
ZeusTracker Clean Site
zvelo Clean Site
Google Safebrowsing Clean Site
Kaspersky Unrated Site
BitDefender Clean Site
Certly Clean Site
G-Data Clean Site
OpenPhish Clean Site
Malware Domain Blocklist Clean Site
VX Vault Clean Site
Webutation Clean Site
Trustwave Clean Site
Web Security Guard Clean Site
Dr_Web Clean Site
ADMINUSLabs Clean Site
Malwarebytes hpHosts Clean Site
Opera Clean Site
AlienVault Clean Site
Emsisoft Clean Site
Rising Clean Site
Malc0de Database Clean Site
Phishtank Clean Site
Malwared Clean Site
Avira Clean Site
Baidu-International Clean Site
CyberCrime Clean Site
Antiy-AVL Clean Site
Forcepoint ThreatSeeker Clean Site
FraudSense Clean Site
malwares_com URL checker Clean Site
Comodo Site Inspector Clean Site
Malekal Clean Site
ESET Clean Site
Sophos Unrated Site
Yandex Safebrowsing Clean Site
SecureBrain Clean Site
Nucleon Clean Site
Sucuri SiteCheck Clean Site
Blueliv Clean Site
Netcraft Unrated Site
AutoShun Unrated Site
ThreatHive Clean Site
FraudScore Clean Site
Tencent Clean Site
URLQuery Clean Site
StopBadware Unrated Site
Fortinet Clean Site
ZeroCERT Clean Site
Spam404 Clean Site
securolytics Clean Site

Process tree


iexplore.exe, PID: 2164, parent process PID: 244
iexplore.exe, PID: 2272, parent process PID: 2164
iexplore.exe, PID: 2248, parent process PID: 2164

TCP

Source address  Source port  Destination address (hostname)  Destination port
192.168.122.203 49249 104.17.178.200 ocsp.msocsp.com 80
192.168.122.203 49218 115.239.211.92 nsclick.baidu.com 80
192.168.122.203 49231 115.239.211.92 nsclick.baidu.com 80
192.168.122.203 49274 117.18.237.29 ocsp.digicert.com 80
192.168.122.203 49220 180.149.132.165 api.share.baidu.com 80
192.168.122.203 49232 180.149.132.165 api.share.baidu.com 80
192.168.122.203 49208 180.97.66.48 bdimg.share.baidu.com 80
192.168.122.203 49209 180.97.66.48 bdimg.share.baidu.com 80
192.168.122.203 49210 180.97.66.48 bdimg.share.baidu.com 80
192.168.122.203 49215 180.97.66.48 bdimg.share.baidu.com 80
192.168.122.203 49216 180.97.66.48 bdimg.share.baidu.com 80
192.168.122.203 49226 180.97.66.48 bdimg.share.baidu.com 80
192.168.122.203 49244 183.136.212.50 www.microsoft.com 80
192.168.122.203 49254 183.136.212.50 www.microsoft.com 80
192.168.122.203 49163 61.132.13.15 swxdf.com 80
192.168.122.203 49166 61.132.13.15 swxdf.com 80
192.168.122.203 49167 61.132.13.15 swxdf.com 80
192.168.122.203 49168 61.132.13.15 swxdf.com 80
192.168.122.203 49170 61.132.13.15 swxdf.com 80
192.168.122.203 49171 61.132.13.15 swxdf.com 80
192.168.122.203 49172 61.132.13.15 swxdf.com 80
192.168.122.203 49173 61.132.13.15 swxdf.com 80
192.168.122.203 49174 61.132.13.15 swxdf.com 80
192.168.122.203 49175 61.132.13.15 swxdf.com 80
192.168.122.203 49176 61.132.13.15 swxdf.com 80
192.168.122.203 49177 61.132.13.15 swxdf.com 80
192.168.122.203 49178 61.132.13.15 swxdf.com 80
192.168.122.203 49179 61.132.13.15 swxdf.com 80
192.168.122.203 49180 61.132.13.15 swxdf.com 80
192.168.122.203 49181 61.132.13.15 swxdf.com 80
192.168.122.203 49183 61.132.13.15 swxdf.com 80
192.168.122.203 49185 61.132.13.15 swxdf.com 80
192.168.122.203 49186 61.132.13.15 swxdf.com 80
192.168.122.203 49187 61.132.13.15 swxdf.com 80
192.168.122.203 49188 61.132.13.15 swxdf.com 80
192.168.122.203 49189 61.132.13.15 swxdf.com 80
192.168.122.203 49190 61.132.13.15 swxdf.com 80
192.168.122.203 49191 61.132.13.15 swxdf.com 80
192.168.122.203 49192 61.132.13.15 swxdf.com 80
192.168.122.203 49193 61.132.13.15 swxdf.com 80
192.168.122.203 49194 61.132.13.15 swxdf.com 80
192.168.122.203 49195 61.132.13.15 swxdf.com 80
192.168.122.203 49196 61.132.13.15 swxdf.com 80
192.168.122.203 49211 61.132.13.15 swxdf.com 80
192.168.122.203 49214 61.132.13.15 swxdf.com 80
192.168.122.203 49217 61.132.13.15 swxdf.com 80
192.168.122.203 49221 61.132.13.15 swxdf.com 80
192.168.122.203 49222 61.132.13.15 swxdf.com 80
192.168.122.203 49223 61.132.13.15 swxdf.com 80
192.168.122.203 49224 61.132.13.15 swxdf.com 80
192.168.122.203 49225 61.132.13.15 swxdf.com 80
192.168.122.203 49246 65.55.186.113 data.tvdownload.microsoft.com 443
192.168.122.203 49251 65.55.186.113 data.tvdownload.microsoft.com 443
192.168.122.203 49256 65.55.186.113 data.tvdownload.microsoft.com 443
192.168.122.203 49258 65.55.186.113 data.tvdownload.microsoft.com 443
192.168.122.203 49260 65.55.186.113 data.tvdownload.microsoft.com 443
192.168.122.203 49263 65.55.186.113 data.tvdownload.microsoft.com 443
192.168.122.203 49265 65.55.186.113 data.tvdownload.microsoft.com 443
192.168.122.203 49269 96.17.182.33 cdn.epg.tvdownload.microsoft.com 80

UDP

Source address  Source port  Destination address  Destination port
192.168.122.203 50721 192.168.122.1 53
192.168.122.203 52963 192.168.122.1 53
192.168.122.203 56629 192.168.122.1 53
192.168.122.203 57923 192.168.122.1 53
192.168.122.203 58350 192.168.122.1 53
192.168.122.203 58694 192.168.122.1 53
192.168.122.203 59311 192.168.122.1 53
192.168.122.203 60690 192.168.122.1 53
192.168.122.203 61528 192.168.122.1 53
192.168.122.203 62769 192.168.122.1 53
192.168.122.203 63762 192.168.122.1 53

HTTP requests

URI  HTTP data
URL sandbox detection -> http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
GET /??user=Wq8Djep95?oevri/7fo?woxa9 HTTP/1.1
Accept: */*
Referer: http://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=3&ved=0CCEQfjTXhWZllZbFpCZHpsQkJicnhU&url=http%3A%2F%2Fswxdf.com%2F%3F%3Fuser%3DWq8Djep95%3Foevri%2F7fo%3Fwoxa9&ei=RVdIRFJNdlRQcEtN&usg=AFQjelhLWlV1d3ZSbURr
Accept-Language: zh-cn
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: swxdf.com
Connection: Keep-Alive

URL sandbox detection -> http://swxdf.com/scripts/jquery1.3.2.js
GET /scripts/jquery1.3.2.js HTTP/1.1
Accept: */*
Referer: http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: swxdf.com
Connection: Keep-Alive
Cookie: ASP.NET_SessionId=nivlhqmetrgk4is0x4v2t5yp

URL sandbox detection -> http://swxdf.com/styles/Site.css
GET /styles/Site.css HTTP/1.1
Accept: */*
Referer: http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: swxdf.com
Connection: Keep-Alive
Cookie: ASP.NET_SessionId=nivlhqmetrgk4is0x4v2t5yp

URL sandbox detection -> http://swxdf.com/scripts/jquery.SuperSlide.js
GET /scripts/jquery.SuperSlide.js HTTP/1.1
Accept: */*
Referer: http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: swxdf.com
Connection: Keep-Alive
Cookie: ASP.NET_SessionId=nivlhqmetrgk4is0x4v2t5yp

URL sandbox detection -> http://swxdf.com/styles/control.css
GET /styles/control.css HTTP/1.1
Accept: */*
Referer: http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: swxdf.com
Connection: Keep-Alive
Cookie: ASP.NET_SessionId=nivlhqmetrgk4is0x4v2t5yp

URL sandbox detection -> http://swxdf.com/scripts/jcarousellite.js
GET /scripts/jcarousellite.js HTTP/1.1
Accept: */*
Referer: http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: swxdf.com
Connection: Keep-Alive
Cookie: ASP.NET_SessionId=nivlhqmetrgk4is0x4v2t5yp

URL sandbox detection -> http://swxdf.com/ajaxpro/prototype.ashx
GET /ajaxpro/prototype.ashx HTTP/1.1
Accept: */*
Referer: http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: swxdf.com
Connection: Keep-Alive
Cookie: ASP.NET_SessionId=nivlhqmetrgk4is0x4v2t5yp

URL sandbox detection -> http://swxdf.com/ajaxpro/core.ashx
GET /ajaxpro/core.ashx HTTP/1.1
Accept: */*
Referer: http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: swxdf.com
Connection: Keep-Alive
Cookie: ASP.NET_SessionId=nivlhqmetrgk4is0x4v2t5yp

URL sandbox detection -> http://swxdf.com/ajaxpro/converter.ashx
GET /ajaxpro/converter.ashx HTTP/1.1
Accept: */*
Referer: http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: swxdf.com
Connection: Keep-Alive
Cookie: ASP.NET_SessionId=nivlhqmetrgk4is0x4v2t5yp

URL sandbox detection -> http://swxdf.com/ajaxpro/index,App_Web_mbg3fqbn.ashx
GET /ajaxpro/index,App_Web_mbg3fqbn.ashx HTTP/1.1
Accept: */*
Referer: http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: swxdf.com
Connection: Keep-Alive
Cookie: ASP.NET_SessionId=nivlhqmetrgk4is0x4v2t5yp

URL sandbox detection -> http://swxdf.com/images/xdfcode.jpg
GET /images/xdfcode.jpg HTTP/1.1
Accept: */*
Referer: http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: swxdf.com
Connection: Keep-Alive
Cookie: ASP.NET_SessionId=nivlhqmetrgk4is0x4v2t5yp

URL sandbox detection -> http://swxdf.com/images/more2.gif
GET /images/more2.gif HTTP/1.1
Accept: */*
Referer: http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: swxdf.com
Connection: Keep-Alive
Cookie: ASP.NET_SessionId=nivlhqmetrgk4is0x4v2t5yp

URL sandbox detection -> http://swxdf.com/images/topbg.jpg
GET /images/topbg.jpg HTTP/1.1
Accept: */*
Referer: http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: swxdf.com
Connection: Keep-Alive
Cookie: ASP.NET_SessionId=nivlhqmetrgk4is0x4v2t5yp

URL sandbox detection -> http://swxdf.com/images/new.gif
GET /images/new.gif HTTP/1.1
Accept: */*
Referer: http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: swxdf.com
Connection: Keep-Alive
Cookie: ASP.NET_SessionId=nivlhqmetrgk4is0x4v2t5yp

URL sandbox detection -> http://swxdf.com/images/topsplit.jpg
GET /images/topsplit.jpg HTTP/1.1
Accept: */*
Referer: http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: swxdf.com
Connection: Keep-Alive
Cookie: ASP.NET_SessionId=nivlhqmetrgk4is0x4v2t5yp

URL sandbox detection -> http://swxdf.com/images/banner.png
GET /images/banner.png HTTP/1.1
Accept: */*
Referer: http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: swxdf.com
Connection: Keep-Alive
Cookie: ASP.NET_SessionId=nivlhqmetrgk4is0x4v2t5yp

URL sandbox detection -> http://www.swxdf.com/ueditor/net/upload1/2017-05-29/6761d680-cfa7-4d5d-96b2-89acc25fef95.jpg
GET /ueditor/net/upload1/2017-05-29/6761d680-cfa7-4d5d-96b2-89acc25fef95.jpg HTTP/1.1
Accept: */*
Referer: http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: www.swxdf.com
Connection: Keep-Alive
Cookie: ASP.NET_SessionId=nivlhqmetrgk4is0x4v2t5yp

URL sandbox detection -> http://www.swxdf.com/ueditor/net/upload1/2017-05-02/0bbf8412-461c-4b33-94df-74e070c5289e.jpg
GET /ueditor/net/upload1/2017-05-02/0bbf8412-461c-4b33-94df-74e070c5289e.jpg HTTP/1.1
Accept: */*
Referer: http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: www.swxdf.com
Connection: Keep-Alive
Cookie: ASP.NET_SessionId=nivlhqmetrgk4is0x4v2t5yp

URL sandbox detection -> http://swxdf.com/images/newtrain.png
GET /images/newtrain.png HTTP/1.1
Accept: */*
Referer: http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: swxdf.com
Connection: Keep-Alive
Cookie: ASP.NET_SessionId=nivlhqmetrgk4is0x4v2t5yp

URL sandbox detection -> http://www.swxdf.com/ueditor/net/upload1/2014-03-19/6b122413-0e1e-4852-bdc0-79a05d40ee79.png
GET /ueditor/net/upload1/2014-03-19/6b122413-0e1e-4852-bdc0-79a05d40ee79.png HTTP/1.1
Accept: */*
Referer: http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: www.swxdf.com
Connection: Keep-Alive
Cookie: ASP.NET_SessionId=nivlhqmetrgk4is0x4v2t5yp

URL sandbox detection -> http://swxdf.com/images/xdf_1.jpg
GET /images/xdf_1.jpg HTTP/1.1
Accept: */*
Referer: http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: swxdf.com
Connection: Keep-Alive
Cookie: ASP.NET_SessionId=nivlhqmetrgk4is0x4v2t5yp

URL sandbox detection -> http://www.swxdf.com/ueditor/net/upload1/2014-03-19/f196fab9-c324-421a-b6f1-8118f90b98ea.png
GET /ueditor/net/upload1/2014-03-19/f196fab9-c324-421a-b6f1-8118f90b98ea.png HTTP/1.1
Accept: */*
Referer: http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: www.swxdf.com
Connection: Keep-Alive
Cookie: ASP.NET_SessionId=nivlhqmetrgk4is0x4v2t5yp

URL sandbox detection -> http://swxdf.com/images/paperimg.png
GET /images/paperimg.png HTTP/1.1
Accept: */*
Referer: http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: swxdf.com
Connection: Keep-Alive
Cookie: ASP.NET_SessionId=nivlhqmetrgk4is0x4v2t5yp

URL sandbox detection -> http://swxdf.com/vod/flvplayer.swf
GET /vod/flvplayer.swf HTTP/1.1
Accept: */*
Accept-Language: zh-CN
Referer: http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
x-flash-version: 24,0,0,194
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Host: swxdf.com
Connection: Keep-Alive
Cookie: ASP.NET_SessionId=nivlhqmetrgk4is0x4v2t5yp

URL sandbox detection -> http://swxdf.com/uploads/1201.jpg
GET /uploads/1201.jpg HTTP/1.1
Accept: */*
Referer: http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: swxdf.com
Connection: Keep-Alive
Cookie: ASP.NET_SessionId=nivlhqmetrgk4is0x4v2t5yp

URL sandbox detection -> http://www.swxdf.com/ueditor/net/upload1/2017-05-29/722100fb-6943-4bab-a6a6-cd7baf3e792b.jpg
GET /ueditor/net/upload1/2017-05-29/722100fb-6943-4bab-a6a6-cd7baf3e792b.jpg HTTP/1.1
Accept: */*
Referer: http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: www.swxdf.com
Connection: Keep-Alive
Cookie: ASP.NET_SessionId=nivlhqmetrgk4is0x4v2t5yp

URL sandbox detection -> http://www.swxdf.com/ueditor/net/upload1/2016-04-02/abe48391-80db-42d8-9d3b-3f30aaaf949a.jpg
GET /ueditor/net/upload1/2016-04-02/abe48391-80db-42d8-9d3b-3f30aaaf949a.jpg HTTP/1.1
Accept: */*
Referer: http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: www.swxdf.com
Connection: Keep-Alive
Cookie: ASP.NET_SessionId=nivlhqmetrgk4is0x4v2t5yp

URL sandbox detection -> http://www.swxdf.com/ueditor/net/upload1/2014-08-13/e79c2398-7c90-4cb7-8c10-02c1fb0572a7.jpg
GET /ueditor/net/upload1/2014-08-13/e79c2398-7c90-4cb7-8c10-02c1fb0572a7.jpg HTTP/1.1
Accept: */*
Referer: http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: www.swxdf.com
Connection: Keep-Alive
Cookie: ASP.NET_SessionId=nivlhqmetrgk4is0x4v2t5yp

URL sandbox detection -> http://www.swxdf.com/ueditor/net/upload1/2014-03-18/4af82847-3875-47e5-93ce-1b965adf3537.png
GET /ueditor/net/upload1/2014-03-18/4af82847-3875-47e5-93ce-1b965adf3537.png HTTP/1.1
Accept: */*
Referer: http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: www.swxdf.com
Connection: Keep-Alive
Cookie: ASP.NET_SessionId=nivlhqmetrgk4is0x4v2t5yp

URL sandbox detection -> http://swxdf.com/images/xdf_2.jpg
GET /images/xdf_2.jpg HTTP/1.1
Accept: */*
Referer: http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: swxdf.com
Connection: Keep-Alive
Cookie: ASP.NET_SessionId=nivlhqmetrgk4is0x4v2t5yp

URL sandbox detection -> http://swxdf.com/images/qq_link.gif
GET /images/qq_link.gif HTTP/1.1
Accept: */*
Referer: http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: swxdf.com
Connection: Keep-Alive
Cookie: ASP.NET_SessionId=nivlhqmetrgk4is0x4v2t5yp

URL sandbox detection -> http://bdimg.share.baidu.com/static/api/js/share.js?v=89860593.js?cdnversion=420351
GET /static/api/js/share.js?v=89860593.js?cdnversion=420351 HTTP/1.1
Accept: */*
Referer: http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: bdimg.share.baidu.com
Connection: Keep-Alive

URL sandbox detection -> http://swxdf.com/vod/xuanchuan.flv
GET /vod/xuanchuan.flv HTTP/1.1
Accept: */*
Accept-Language: zh-CN
Referer: http://swxdf.com/vod/flvplayer.swf
x-flash-version: 24,0,0,194
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Host: swxdf.com
Connection: Keep-Alive
Cache-Control: no-cache
Cookie: ASP.NET_SessionId=nivlhqmetrgk4is0x4v2t5yp

URL sandbox detection -> http://bdimg.share.baidu.com/static/api/js/share/slide_api.js?v=ec14f516.js
GET /static/api/js/share/slide_api.js?v=ec14f516.js HTTP/1.1
Accept: */*
Referer: http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: bdimg.share.baidu.com
Connection: Keep-Alive

URL sandbox detection -> http://swxdf.com/favicon.ico
GET /favicon.ico HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Host: swxdf.com
Connection: Keep-Alive
Cookie: ASP.NET_SessionId=nivlhqmetrgk4is0x4v2t5yp

URL sandbox detection -> http://bdimg.share.baidu.com/static/api/js/view/slide_view.js?v=08373964.js
GET /static/api/js/view/slide_view.js?v=08373964.js HTTP/1.1
Accept: */*
Referer: http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: bdimg.share.baidu.com
Connection: Keep-Alive

URL sandbox detection -> http://bdimg.share.baidu.com/static/api/js/base/tangram.js?v=37768233.js
GET /static/api/js/base/tangram.js?v=37768233.js HTTP/1.1
Accept: */*
Referer: http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: bdimg.share.baidu.com
Connection: Keep-Alive

URL sandbox detection -> http://bdimg.share.baidu.com/static/api/js/share/api_base.js
GET /static/api/js/share/api_base.js HTTP/1.1
Accept: */*
Referer: http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: bdimg.share.baidu.com
Connection: Keep-Alive

URL sandbox detection -> http://bdimg.share.baidu.com/static/api/js/view/view_base.js
GET /static/api/js/view/view_base.js HTTP/1.1
Accept: */*
Referer: http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: bdimg.share.baidu.com
Connection: Keep-Alive

URL sandbox analysis -> http://bdimg.share.baidu.com/static/api/css/slide_share.css?v=9c50d088.css
GET /static/api/css/slide_share.css?v=9c50d088.css HTTP/1.1
Accept: */*
Referer: http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: bdimg.share.baidu.com
Connection: Keep-Alive

URL sandbox analysis -> http://swxdf.com/showartical.aspx?aid=3C894ACFBB1D844B
GET /showartical.aspx?aid=3C894ACFBB1D844B HTTP/1.1
Accept: */*
Referer: http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: swxdf.com
Connection: Keep-Alive
Cookie: ASP.NET_SessionId=nivlhqmetrgk4is0x4v2t5yp

URL sandbox analysis -> http://bdimg.share.baidu.com/static/api/img/share/l0.gif?v=4e666e56.gif
GET /static/api/img/share/l0.gif?v=4e666e56.gif HTTP/1.1
Accept: */*
Referer: http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: bdimg.share.baidu.com
Connection: Keep-Alive

URL sandbox analysis -> http://bdimg.share.baidu.com/static/api/img/share/icons_0_16.png?v=91362611.png
GET /static/api/img/share/icons_0_16.png?v=91362611.png HTTP/1.1
Accept: */*
Referer: http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: bdimg.share.baidu.com
Connection: Keep-Alive

URL sandbox analysis -> http://bdimg.share.baidu.com/static/api/js/trans/logger.js?v=d16ec0e3.js
GET /static/api/js/trans/logger.js?v=d16ec0e3.js HTTP/1.1
Accept: */*
Referer: http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: bdimg.share.baidu.com
Connection: Keep-Alive

URL sandbox analysis -> http://www.swxdf.com/ueditor/net/upload/2017-05-29/bf14f296-1b48-402a-9328-85cb0096aa6e.jpg
GET /ueditor/net/upload/2017-05-29/bf14f296-1b48-402a-9328-85cb0096aa6e.jpg HTTP/1.1
Accept: */*
Referer: http://swxdf.com/showartical.aspx?aid=3C894ACFBB1D844B
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: www.swxdf.com
Connection: Keep-Alive
Cookie: ASP.NET_SessionId=nivlhqmetrgk4is0x4v2t5yp

URL sandbox analysis -> http://nsclick.baidu.com/v.gif?pid=307&type=3071&sign=&desturl=&linkid=jb76wrq5ba3&apitype=1
GET /v.gif?pid=307&type=3071&sign=&desturl=&linkid=jb76wrq5ba3&apitype=1 HTTP/1.1
Accept: */*
Referer: http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: nsclick.baidu.com
Connection: Keep-Alive

URL sandbox analysis -> http://www.swxdf.com/ueditor/net/upload/2017-05-29/bbd131ab-09f1-412e-885e-55a73b312ca5.jpg
GET /ueditor/net/upload/2017-05-29/bbd131ab-09f1-412e-885e-55a73b312ca5.jpg HTTP/1.1
Accept: */*
Referer: http://swxdf.com/showartical.aspx?aid=3C894ACFBB1D844B
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: www.swxdf.com
Connection: Keep-Alive
Cookie: ASP.NET_SessionId=nivlhqmetrgk4is0x4v2t5yp

URL sandbox analysis -> http://www.swxdf.com/ueditor/net/upload/2017-05-29/597767b9-c25d-4b71-b123-e6c587cec219.jpg
GET /ueditor/net/upload/2017-05-29/597767b9-c25d-4b71-b123-e6c587cec219.jpg HTTP/1.1
Accept: */*
Referer: http://swxdf.com/showartical.aspx?aid=3C894ACFBB1D844B
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: www.swxdf.com
Connection: Keep-Alive
Cookie: ASP.NET_SessionId=nivlhqmetrgk4is0x4v2t5yp

URL sandbox analysis -> http://api.share.baidu.com/v.gif?l=http%3A%2F%2Fswxdf.com%2F%3F%3Fuser%3DWq8Djep95%3Foevri%2F7fo%3Fwoxa9
GET /v.gif?l=http%3A%2F%2Fswxdf.com%2F%3F%3Fuser%3DWq8Djep95%3Foevri%2F7fo%3Fwoxa9 HTTP/1.1
Accept: */*
Referer: http://swxdf.com/??user=Wq8Djep95?oevri/7fo?woxa9
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: api.share.baidu.com
Connection: Keep-Alive

URL sandbox analysis -> http://www.swxdf.com/ueditor/net/upload/2017-05-29/b5d7c8d9-f188-4ce5-bf8b-f46cb33aacb3.jpg
GET /ueditor/net/upload/2017-05-29/b5d7c8d9-f188-4ce5-bf8b-f46cb33aacb3.jpg HTTP/1.1
Accept: */*
Referer: http://swxdf.com/showartical.aspx?aid=3C894ACFBB1D844B
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: www.swxdf.com
Connection: Keep-Alive
Cookie: ASP.NET_SessionId=nivlhqmetrgk4is0x4v2t5yp

URL sandbox analysis -> http://www.swxdf.com/ueditor/net/upload/2017-05-29/4a1a1c26-f711-4c39-8fa7-7bc573a71374.jpg
GET /ueditor/net/upload/2017-05-29/4a1a1c26-f711-4c39-8fa7-7bc573a71374.jpg HTTP/1.1
Accept: */*
Referer: http://swxdf.com/showartical.aspx?aid=3C894ACFBB1D844B
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: www.swxdf.com
Connection: Keep-Alive
Cookie: ASP.NET_SessionId=nivlhqmetrgk4is0x4v2t5yp

URL sandbox analysis -> http://swxdf.com/images/footer.png
GET /images/footer.png HTTP/1.1
Accept: */*
Referer: http://swxdf.com/showartical.aspx?aid=3C894ACFBB1D844B
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: swxdf.com
Connection: Keep-Alive
Cookie: ASP.NET_SessionId=nivlhqmetrgk4is0x4v2t5yp

URL sandbox analysis -> http://bdimg.share.baidu.com/static/api/js/share.js?v=89860593.js?cdnversion=420340
GET /static/api/js/share.js?v=89860593.js?cdnversion=420340 HTTP/1.1
Accept: */*
Referer: http://swxdf.com/showartical.aspx?aid=3C894ACFBB1D844B
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: bdimg.share.baidu.com
Connection: Keep-Alive

URL sandbox analysis -> http://nsclick.baidu.com/v.gif?pid=307&type=3071&sign=&desturl=http%253A%252F%252Fswxdf.com%252F%253F%253Fuser%253DWq8Djep95%253Foevri%252F7fo%253Fwoxa9&linkid=jb6b69yi035&apitype=1
GET /v.gif?pid=307&type=3071&sign=&desturl=http%253A%252F%252Fswxdf.com%252F%253F%253Fuser%253DWq8Djep95%253Foevri%252F7fo%253Fwoxa9&linkid=jb6b69yi035&apitype=1 HTTP/1.1
Accept: */*
Referer: http://swxdf.com/showartical.aspx?aid=3C894ACFBB1D844B
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: nsclick.baidu.com
Connection: Keep-Alive
Cookie: BAIDUID=0CD644D3BD343554B30644A58E61CBE8:FG=1

URL sandbox analysis -> http://api.share.baidu.com/v.gif?l=http%3A%2F%2Fswxdf.com%2Fshowartical.aspx%3Faid%3D3C894ACFBB1D844B
GET /v.gif?l=http%3A%2F%2Fswxdf.com%2Fshowartical.aspx%3Faid%3D3C894ACFBB1D844B HTTP/1.1
Accept: */*
Referer: http://swxdf.com/showartical.aspx?aid=3C894ACFBB1D844B
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: api.share.baidu.com
Connection: Keep-Alive
Cookie: BAIDUID=0CD644D3BD343554B30644A58E61CBE8:FG=1

URL sandbox analysis -> http://www.microsoft.com/
GET / HTTP/1.1
Host: www.microsoft.com
Connection: Close

URL sandbox analysis -> http://ocsp.msocsp.com/MFQwUjBQME4wTDAJBgUrDgMCGgUABBQphfxhPb4vsBIPXkIOTJ7D1Z79fAQUCP4ln3TqhwTCvLuOqDhfM8bRbGUCEy0AAO%2FxE5PyQlBerOAAAAAA7%2FE%3D
GET /MFQwUjBQME4wTDAJBgUrDgMCGgUABBQphfxhPb4vsBIPXkIOTJ7D1Z79fAQUCP4ln3TqhwTCvLuOqDhfM8bRbGUCEy0AAO%2FxE5PyQlBerOAAAAAA7%2FE%3D HTTP/1.1
Cache-Control: max-age = 10800
Connection: Keep-Alive
Accept: */*
If-Modified-Since: Wed, 06 Dec 2017 07:11:24 GMT
If-None-Match: "a602f001a25d1ece86269d16668acccb0791bbc6"
User-Agent: Microsoft-CryptoAPI/6.1
Host: ocsp.msocsp.com

URL sandbox analysis -> http://cdn.epg.tvdownload.microsoft.com/broadbanddata/Prod/1/805332787786/cn/ALL/131/null-cn_null_131_BBPkg.enc
HEAD /broadbanddata/Prod/1/805332787786/cn/ALL/131/null-cn_null_131_BBPkg.enc HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.5
Host: cdn.epg.tvdownload.microsoft.com

URL sandbox analysis -> http://cdn.epg.tvdownload.microsoft.com/broadbanddata/Prod/1/805332787786/cn/ALL/131/null-cn_null_131_BBPkg.enc
GET /broadbanddata/Prod/1/805332787786/cn/ALL/131/null-cn_null_131_BBPkg.enc HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Thu, 09 Jul 2015 23:37:37 GMT
User-Agent: Microsoft BITS/7.5
Host: cdn.epg.tvdownload.microsoft.com

URL sandbox analysis -> http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom%2FnYB45SPUEwQU5Z1ZMIJHWMys%2BghUNoZ7OrUETfACEAiIzVJfGSRETRSlgpHeuVI%3D
GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom%2FnYB45SPUEwQU5Z1ZMIJHWMys%2BghUNoZ7OrUETfACEAiIzVJfGSRETRSlgpHeuVI%3D HTTP/1.1
Cache-Control: max-age = 172800
Connection: Keep-Alive
Accept: */*
If-Modified-Since: Wed, 06 Dec 2017 00:22:31 GMT
If-None-Match: "5a273847-1d7"
User-Agent: Microsoft-CryptoAPI/6.1
Host: ocsp.digicert.com

SMTP Traffic

No SMTP traffic.

IRC Traffic

No IRC requests.

ICMP Traffic

No ICMP traffic.

CIF Report

No CIF results

Network Alerts

Timestamp | Source IP | Source Port | Destination IP | Destination Port | Protocol | SID | Signature | Category
2017-12-14 09:13:10.423270+0800 | 192.168.122.203 | 49185 | 61.132.13.15 | 80 | TCP | 2014726 | ET POLICY Outdated Flash Version M1 | Potential Corporate Privacy Violation
2017-12-14 09:13:38.043108+0800 | 183.136.212.50 | 80 | 192.168.122.203 | 49244 | TCP | 2012692 | ET POLICY Microsoft user-agent automated process response to automated request | A Network Trojan was detected
2017-12-14 09:13:52.460674+0800 | 183.136.212.50 | 80 | 192.168.122.203 | 49254 | TCP | 2012692 | ET POLICY Microsoft user-agent automated process response to automated request | A Network Trojan was detected

TLS

Timestamp | Source IP | Source Port | Destination IP | Destination Port | Version | Issuer | Subject | Fingerprint
2017-12-14 09:13:43.663034+0800 | 192.168.122.203 | 49246 | 65.55.186.113 | 443 | TLSv1 | C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, OU=Microsoft IT, CN=Microsoft IT TLS CA 5 | C=US, ST=WA, L=Redmond, O=Microsoft Corporation, OU=Microsoft Corporation, CN=data.tvdownload.microsoft.com | a1:ca:16:54:fb:ba:28:d9:f4:a0:c3:b7:5b:b4:f5:2b:63:27:87:e5
2017-12-14 09:13:49.570027+0800 | 192.168.122.203 | 49251 | 65.55.186.113 | 443 | TLSv1 | C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, OU=Microsoft IT, CN=Microsoft IT TLS CA 5 | C=US, ST=WA, L=Redmond, O=Microsoft Corporation, OU=Microsoft Corporation, CN=data.tvdownload.microsoft.com | a1:ca:16:54:fb:ba:28:d9:f4:a0:c3:b7:5b:b4:f5:2b:63:27:87:e5
2017-12-14 09:13:54.680923+0800 | 192.168.122.203 | 49258 | 65.55.186.113 | 443 | TLSv1 | C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, OU=Microsoft IT, CN=Microsoft IT TLS CA 5 | C=US, ST=WA, L=Redmond, O=Microsoft Corporation, OU=Microsoft Corporation, CN=data.tvdownload.microsoft.com | a1:ca:16:54:fb:ba:28:d9:f4:a0:c3:b7:5b:b4:f5:2b:63:27:87:e5
2017-12-14 09:13:58.775753+0800 | 192.168.122.203 | 49263 | 65.55.186.113 | 443 | TLSv1 | C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, OU=Microsoft IT, CN=Microsoft IT TLS CA 5 | C=US, ST=WA, L=Redmond, O=Microsoft Corporation, OU=Microsoft Corporation, CN=data.tvdownload.microsoft.com | a1:ca:16:54:fb:ba:28:d9:f4:a0:c3:b7:5b:b4:f5:2b:63:27:87:e5
2017-12-14 09:14:00.710938+0800 | 192.168.122.203 | 49265 | 65.55.186.113 | 443 | TLSv1 | C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, OU=Microsoft IT, CN=Microsoft IT TLS CA 5 | C=US, ST=WA, L=Redmond, O=Microsoft Corporation, OU=Microsoft Corporation, CN=data.tvdownload.microsoft.com | a1:ca:16:54:fb:ba:28:d9:f4:a0:c3:b7:5b:b4:f5:2b:63:27:87:e5

Suricata HTTP

No Suricata HTTP

No files extracted from network traffic were found.
File name {F4216041-E06B-11E7-BBD3-525400DC3206}.dat
Related files
C:\Users\test\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{F4216041-E06B-11E7-BBD3-525400DC3206}.dat
File size 6144 bytes
File type Composite Document File V2 Document, Cannot read section info
MD5 82a986b3938499b038778bcd5e5e3df3
SHA1 cc37affd0c063aa90e23af902b7c4e4635d6abf6
SHA256 9ab5df0124bc3bf18bb43d158e98daf74420f8ce7f7aa35a017117c2382e4dce
CRC32 96BA1983
Ssdeep 24:rKb4xPGKONlZoKzZw8clmY6OxWO/cVLgn/cVLi1sb20y3M9zy6OpS6/cVLKNlZoW:rjxPGK4oIin6ETXX0y3M5OdNoIXUi5/
File name footer[1].png
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\footer[1].png
File size 24807 bytes
File type PNG image data, 1002 x 70, 8-bit/color RGBA, non-interlaced
MD5 ca6ddbce26f89e52de0deeaf7924ed6a
SHA1 5984f407305321c98e721f8d958289abe3a7bb0b
SHA256 214f86345993ab31bea2d0ffa23a26271487e8f10050c570c2e4568aae96c75a
CRC32 F9106C2D
Ssdeep 384:K50wSMCCNPowsyea1FevugDxY1L6b+rAXTcHC5Mv7fUnkTp:A9CG2KrrwxA8AHSE7snkTp
File name more2[1].gif
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\more2[1].gif
File size 146 bytes
File type GIF image data, version 89a, 38 x 13
MD5 266a504bbac0b7d796627e3befc867db
SHA1 c5029853e6bccc1fd4db2493c62619aa51118ee0
SHA256 4cbeabca12ce85bd6722c6c08da1020a47e3a8599a1ed70ce19b520963324141
CRC32 C0059703
Ssdeep 3:C3lH/SS1dgaDlaRaaoEGJGllmixZxppmyUj8GQYoLkUeQJLZSDREmzl4Tle:ky3RaaoEGJGlVxZRyjpQxmhNEmzl4Tle
File name slide_view[1].js
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\slide_view[1].js
File size 2556 bytes
File type HTML document, ASCII text, with very long lines, with no line terminators
MD5 962eae6aabf14115f23e57b6bd55e23d
SHA1 973ded5cd15eb119e79ffd9326af3a44167b26bd
SHA256 c2f51091d48432d311dc6482f3ed9c8a193c353541c3aadd38bb5352e19d4588
CRC32 CF11AA31
Ssdeep 48:nFKJOvFuntWQhMIXcGOsiqH+H7XC5afaOHmlERHbnG72nepLS+B1UTldMP+BN:nFKJmutmoPH+u2Q6XrN
Yara
  • Rule to detect the no presence of any attachment
  • Rule to detect the no presence of any image
  • Rule to detect the no presence of any url
File name f196fab9-c324-421a-b6f1-8118f90b98ea[1].png
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\f196fab9-c324-421a-b6f1-8118f90b98ea[1].png
File size 100650 bytes
File type PNG image data, 333 x 245, 8-bit/color RGB, non-interlaced
MD5 6a68296ca53b9bd0943bd59c4fd5d8dd
SHA1 f144f262c5d1bf1a1aa26515b781e406e328fb38
SHA256 8b34aba0e117f9aa7d7078c65a16dba2c34378d39a7df63fcff2c2a6285d907d
CRC32 682732E6
Ssdeep 1536:7C4N+75Z+d/Tsozah991scOEXo3o6TdBkcaU7UR43swoIqbtj650:24N+7voTVzahn1yBo6TdGctwEuVm0
File name 722100fb-6943-4bab-a6a6-cd7baf3e792b[1].jpg
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\722100fb-6943-4bab-a6a6-cd7baf3e792b[1].jpg
File size 40405 bytes
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 625x419, frames 3
MD5 c33bf6dae36b5d9d49d32f4cb5bf4ef7
SHA1 c5d6e71e2be910d32699b47cd1979294fd868341
SHA256 c281e68aa2c3d8d09ee221698d407d6fa5b7e54abcad25e9b428c84bd8535036
CRC32 64B70374
Ssdeep 768:w/GAoUarDCgFXRQuZ+6d+UNvyI+flEOYX1jRDYONxHa+K6fsOZh4z9MhG3VX:w/t+1U6YGyov1jJFNx6+IkhY9v3B
File name view_base[1].js
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\view_base[1].js
File size 1616 bytes
File type ASCII text, with very long lines, with no line terminators
MD5 e719093c5a4ff674bcefbfe80f4dee2b
SHA1 b3fd7dafde05d63af3dfe9e0a59f9367f81402c5
SHA256 0a761914b5c673c75aa37204fc5a55624d03c5bd6df2ba93720cd9c33a0bf7f1
CRC32 F233EB07
Ssdeep 48:3Mwd+A/qq0FqqOsjqEBEqNzjLRsWPjsG3FXYa5FMI4dhd:3Mwdziq0wqODwJNzNs8R5FadH
Yara
  • Rule to detect the no presence of any attachment
  • Rule to detect the no presence of any image
  • Rule to detect the no presence of any url
File name icons_0_16[1].png
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\icons_0_16[1].png
File size 15587 bytes
File type PNG image data, 16 x 3200, 8-bit colormap, non-interlaced
MD5 f8fe712adcbe277d37a2bf6b91362611
SHA1 0eec1e81a04664b2032bd389513349e9bd5d5b0f
SHA256 70b7372eea2e87354fb529a0c54e39971873a50ed2029778b0ef61ca74d688c2
CRC32 90EC644B
Ssdeep 384:d50wa2cNpr4Fu95w5yIjFV2CTg6OdBuc2fhW7:vngpr4Fg50yGFVzEgn5I
File name topsplit[1].jpg
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\topsplit[1].jpg
File size 17678 bytes
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2013:12:06 11:32:15], progressive, precision 8, 2x15, frames 3
MD5 faa948f2a7bf31217b6125badd9853a8
SHA1 7b39fcd7eb7cd1d618a945c8fbf8d9221dcf1df8
SHA256 458923c0f5675ee7c21b2b372f788ed05f73d61960200a646aed06fc4757d14f
CRC32 344DA0BC
Ssdeep 192:9fYNMtKw8QU28y4l7bAYNMtKw8Q6cknVEY5TiJZR4IYNMtKwV5n:9fYNg7hPiYYNg7ivnVEYZiJfYNg7zn
File name xdf_1[1].jpg
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\xdf_1[1].jpg
File size 17173 bytes
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=419, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1024], baseline, precision 8, 1000x96, frames 3
MD5 62d3b6887a351670d60ba82e91e9f2ee
SHA1 bde21d4b91bd8aa61132b3c99f1c033d1bcec7b5
SHA256 c30efe30452c6aaf79de92fa99d0cceec3adde8b8ab8e2640f2ce0ffa0b7c13b
CRC32 CF9A2A8D
Ssdeep 192:XKv/fG6MHMv/fG65knCt3ktmEtaxkK4dwx3USCjZLsCQmyM9gNxpbLckOcTgiVit:sHVHknCotaxL4dwqSCjRSegFXcgEV9
File name new[1].gif
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\new[1].gif
File size 320 bytes
File type GIF image data, version 89a, 28 x 11
MD5 7e80f61b0eeb9a1f545ee230ed0b403d
SHA1 f540de88bb8580a453b33678c022be02ea3e1d41
SHA256 f2577315006c6dd7d083df08b2569198789c90bad63e36f693d2269c07fb0099
CRC32 3CD909B3
Ssdeep 6:m8xNl/hWVT61i713sb7cRt3pjzG65byEQeljeZtGiDlOsbe:H3TST649PZjy6WQWt1ks6
File name api_base[1].js
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\api_base[1].js
File size 1468 bytes
File type ASCII text, with very long lines, with no line terminators
MD5 7abf8bdf4939d97f3141e355f781d1c6
SHA1 cbacd664451f80955c2ff4caccd4b9110062c714
SHA256 14a42e9371611c4b0405e74a309ea8b8e99461d8af3643012902e7453e36f40a
CRC32 99F7A8C0
Ssdeep 24:TcoAeRlarKKmwlVyY7HLGYHFXi2+iRkHf1SqYXIhTOhVF:TcFQIlJaY7KRdiRk/gZXIQTF
Yara
  • Rule to detect the no presence of any attachment
  • Rule to detect the no presence of any image
  • Rule to detect the no presence of any url
File name 4af82847-3875-47e5-93ce-1b965adf3537[1].png
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\4af82847-3875-47e5-93ce-1b965adf3537[1].png
File size 646945 bytes
File type PNG image data, 442 x 502, 8-bit/color RGBA, non-interlaced
MD5 07256bf54c4684bf71cdc9af64285312
SHA1 2262355dd9fa7208a93a8d7283e68b27e9d275ef
SHA256 63a4acc67e6219e84a406dea87884db5cf507c75ad90c36700a74d793957f710
CRC32 87C0A4C7
Ssdeep 12288:HD9EjYnhEKDP5YEJlTgZq/7JY4qooi72zm5lLBoSkhHzO109rHseHWEX/jGMMxRh:HDFhjPuA0q/dY4qojLt4zO109rV2UKMQ
File name index.dat
Related files
C:\Users\test\AppData\Roaming\Microsoft\Windows\IECompatCache\index.dat
File size 65536 bytes
File type Internet Explorer cache file version Ver 5.2
MD5 191d3d20f356bf520a7d1ed07b1bc08b
SHA1 bdba37ad96d8801e8d2c9e30e68afaf3822b0e4a
SHA256 d2eae7eeb07f08972ec78e59eaf73b6cfa48e92121748f61a394a28e33e36788
CRC32 BFF870C9
Ssdeep 384:wEEG/+oBMgfh3+EIOTcxi8kB+JuE1uPFykblh2F/0mjv3Bw2LI/u1sVdvM2zLOY4:wEEG/+xo
File name bbd131ab-09f1-412e-885e-55a73b312ca5[1].jpg
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\bbd131ab-09f1-412e-885e-55a73b312ca5[1].jpg
File size 18698 bytes
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 377x338, frames 3
MD5 b22a78424c65a32f046e5bb2020c1599
SHA1 2143261297ec1ca823daba4ce47864957b91144b
SHA256 10d2f8e184ee09f26b40932a7be116eb9fc1096a603266218d368045ecb44b1d
CRC32 6DD37F85
Ssdeep 384:JsDbJ5bdbljUG02lfOjl7zSXOrT4iJo4tq/Y7iGThzpBFF9:0J5bPwG0BjJGXc4iFsozV/
File name banner[1].png
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\banner[1].png
File size 77196 bytes
File type PNG image data, 1000 x 139, 8-bit/color RGBA, non-interlaced
MD5 568b522f6396e8e2dd7ff163b8d7c88a
SHA1 3d5583fa202844cc0656d7a41636a64b66031488
SHA256 9b895a8e5184bb32e0aa28552ca4ffb21a1ce32ba3418a800a0557560ebdd4b8
CRC32 8A9C5329
Ssdeep 1536:I2IgtJKujtRawmGWUTmneRBPYAXlPl68jgkIcZlbVkm:sgtTjtRiXlezYAXH68jsUKm
File name bf14f296-1b48-402a-9328-85cb0096aa6e[1].jpg
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\bf14f296-1b48-402a-9328-85cb0096aa6e[1].jpg
File size 17174 bytes
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 645x431, frames 3
MD5 e4dfbb7abd37d2a0f00a7527ce598742
SHA1 98f76b0251c19f31384be46506916650434315da
SHA256 7709a1f741e240cfc1176a9c9af8debf7f328e2acb8bf0d76b3fe2eec5a527fc
CRC32 166F72AB
Ssdeep 384:AIhtJejWWUKXiT83orgUuQe0JJTaCDyA0QUMJ0hv:LwKWriT0orgUtFJNaCSvhv
File name RecoveryStore.{D66EA763-E06B-11E7-BBD3-525400DC3206}.dat
Related files
C:\Users\test\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{D66EA763-E06B-11E7-BBD3-525400DC3206}.dat
File size 5120 bytes
File type Composite Document File V2 Document, Cannot read section info
MD5 72a0f684ee1d93e081cad65f6c8f6347
SHA1 711d06e8a47c7821b9945857afc10ee92da2fd1b
SHA256 c0a3b5812dd1d2c9fed96a8320343c7536d6343be2bbb71fe8e7521daf9c335b
CRC32 9F903E83
Ssdeep 12:rl0oXGF2wrEgm8G+IaCrI05c8OhbCF2vrEg5+IaCrI057uHrG77dQNlTqo5LuNlv:rJwG8O/K8yv5/JQNlWoVuNlWoVx
File name e79c2398-7c90-4cb7-8c10-02c1fb0572a7[1].jpg
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\e79c2398-7c90-4cb7-8c10-02c1fb0572a7[1].jpg
File size 40405 bytes
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 718x538, frames 3
MD5 b5a146c3bb5ed0371b657e9aeabca6be
SHA1 ca2378048eb95caf3f27a045dff8654c207e2269
SHA256 9b0f1d94199ca98fae8e13604dcd7359e143210ad4c99cf87c980b8dcc30f755
CRC32 A04ED8A9
Ssdeep 768:XSvvGMQJTStHV2rfctDNVopjy+xF2YQ2QkfUyZalyYrFB0hB7:XSuJmt12rE/L+x45U1/0L0h9
File name test@baidu[1].txt
Related files
C:\Users\test\AppData\Roaming\Microsoft\Windows\Cookies\test@baidu[1].txt
File size 109 bytes
File type ASCII text
MD5 725bb7adb493d64c488358298a57f289
SHA1 4091d80c7f8f3c31d69381f23288bcf265d62f34
SHA256 c8bbf4e9041ddfee488f97ec16aea059f2505904b9977239d8ec5c28bab3e682
CRC32 3AF72B12
Ssdeep 3:lmsShtkW8WKQdW4hUvkAYv7YVU2jnRvU1UTN0QN:Vc0WpRhBYUWJyKf
Displayed text
BAIDUID
0CD644D3BD343554B30644A58E61CBE8:FG=1
baidu.com/
2147484672
812550016
30708554
1957916912
30635328
*
File name prototype[1].ashx
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\prototype[1].ashx
File size 5110 bytes
File type ASCII text, with CRLF, LF line terminators
MD5 b6753311759ee43422d7d24a6e0c6f58
SHA1 6173238f3e865be96c77ca03d3a667f8131322ae
SHA256 e6588912694f553918ced61eec533ef0e6c38d41723a7f081d5563d531b9895a
CRC32 D9E9F31C
Ssdeep 96:ECxmOSQpCAkCKFU8ziMY+fw6eWkHgChsfhsNInFP3LuzV7bWRqt:EKmOZppe1zU+fw6eBH5mfmNaP3pi
Displayed text
// JavaScript prototype extensions

Object.extend = function(dest, source, replace) {
	for(prop in source) {
		if(replace == false && dest[prop] != null) continue;
		dest[prop] = source[prop];
	}
	return dest;
}

Object.extend(Function.prototype, {
	getArguments: function() {
		var args = [];
		for(var i=0; i<this.arguments.length; i++)
			args.push(this.arguments[i]);
		return args;
	},
	apply: function(o, a) {
		var r, x = "__fapply";
		if(typeof o != "object") o = {};
		o[x] = this;
		var s = "r = o." + x + "(";
		for(var i=0; i<a.length; i++) {
			if(i>0) s += ",";
			s += "a[" + i + "]";
		}
		s += ");";
		eval(s);
		delete o[x];
		return r;
	},
	bind: function(o) {
		if(!window.__objs) {
			window.__objs = [];
			window.__funcs = [];
		}

		var objId = o.__oid;
		if(!objId)
			__objs[objId = o.__oid = __objs.length] = o;

		var me = this;
		var funcId = me.__fid;
		if(!funcId)
			__funcs[funcId = me.__fid = __funcs.length] = me;

		if(!o.__closures)
			o.__closures = [];

		var closure = o.__closures[funcId];
		if(closure)
			return closure;

		o = null;
		me = null;

		return __objs[objId].__closures[funcId] = function() {
			return __funcs[funcId].apply(__objs[objId], arguments);
		};
	}
}, false);

Object.extend(Function, {
	isFunction: function(f) {
		if(f != null && typeof f == "function")
			return true;
		return false;
	}
}, false);

Object.extend(String.prototype, {
	endsWith: function(s) {
		return (this.substr(this.length - s.length) == s);
	},
	startsWith: function(s) {
		return (this.substr(0, s.length) == s);
	},
	trimLeft: function() {
		return this.replace(/^\s*/,"");
	},
	trimRight: function() {
		return this.replace(/\s*$/,"");
	},
	trim: function() {
		return this.trimRight().trimLeft();
	}
}, false);

Object.extend(String, {
	format: function(s) {
		for(var i=1; i<arguments.length; i++) {
			s = s.replace("{" + (i -1) + "}", arguments[i]);
		}
		return s;
	},
	isNullOrEmpty: function(s) {
		if(s == null || s.length == 0)
			return true;
		return false;
	}
}, false);

Object.extend(Array.prototype, {
	push: function(o) {
		this[this.length] = o;
	},
	clear: function() {
		this.length = 0;
		return this;
	},
	shift: function() {
		if(this.length == 0) return null;
		var o = this[0];
		for(var i=0; i<this.length-1; i++)
			this[i] = this[i + 1];
		this.length--;
		return o;
	}
}, false);

// JavaScript namespaces

Object.extend(window, {
	addNamespace: function(ns) {
		var nsParts = ns.split(".");
		var root = window;
		for(var i=0; i<nsParts.length; i++) {
			if(typeof root[nsParts[i]] == "undefined")
				root[nsParts[i]] = {};
			root = root[nsParts[i]];
		}
	},
	$: function() {
		var elements = new Array();
		for(var i=0; i<arguments.length; i++) {
			var e = arguments[i];
			if(typeof e == 'string')
				e = document.getElementById(e);
			if (arguments.length == 1)
				return e;
			elements.push(e);
		}
		return elements;
	},
	Class: {
		create: function() {
			return function() {
				if(typeof this.initialize == "function")
					this.initialize.apply(this, arguments);
			}
		}
	}
}, false);

// Browser related properties

addNamespace("MS.Browser");
MS.Browser.isIE = (window.navigator.appName.toLowerCase().indexOf('explorer') != -1 || window.navigator.appName.toLowerCase().indexOf('msie') != -1 );
if(window.navigator.userAgent.toLowerCase().indexOf('opera') != -1) MS.Browser.isIE = false;

// Debugging

addNamespace("MS.Debug");

Object.extend(MS.Debug, {
	enabled: false,
	trace: function(s) {
		window.status = s;
	}
}, false);

// DHTML related functions

addNamespace("MS.Position");

Object.extend(MS.Position, {
	getLocation: function(ele) {
		var x = 0;
		var y = 0;
		var p;
		for(p=ele; p; p=p.offsetParent) {
			if(p.offsetLeft && p.offsetTop) {
				x += p.offsetLeft;
				y += p.offsetTop;
			}
		}
		return {left:x,top:y};
	},
	getBounds: function(ele) {
		var offset = MS.Position.getLocation(ele);
		var width = ele.offsetWidth;
		var height = ele.offsetHeight;
		return {left:offset.left, top:offset.top, width:width, height:height};
	}
}, false);

// Event binding for DHTML

function addEvent(o, evType, f, capture) {
	if(o.addEventListener) {
		o.addEventListener(evType, f, capture);
		return true;
	} else if (o.attachEvent) {
		var r = o.attachEvent("on" + evType, f);
		return r;
	} else {
		// alert("Handler could not be attached");
	}
} 

function removeEvent(o, evType, f, capture) {
	if(o.removeEventListener) {
		o.removeEventListener(evType, f, capture);
		return true;
	} else if (o.detachEvent) {
		o.detachEvent("on" + evType, f);
	} else {
		// alert("Handler could not be removed");
	}
}

// Helper classes (.NET style)

function StringBuilder() {
	this.s = [];
}

Object.extend(StringBuilder.prototype, {
	append: function(v) {
		this.s.push(v);
	},
	clear: function() {
		this.s.length = 0;
	},
	toString: function() {
		return this.s.join("");
	}
});
File name tangram[1].js
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\tangram[1].js
File size 109287 bytes
File type data
MD5 81040e695eba15ff3767063e37768233
SHA1 e1952e27f6dc3d6339128cec157acef8cc0a775f
SHA256 2b7fc19ce6cbcd3a161b62abb3766cb953a72e8473f4fd0f38fcdba3515ae487
CRC32 E4B090A2
Ssdeep 1536:mpht1agWPDf79u385/iMbxwQd5UOOOxpE9iJSJ9d1+RuZDmaoAA8y1PRh2UitDyo:mf2bHd2UknHtmaokGThQKE
Yara
  • Rule to detect the no presence of any attachment
  • Rule to detect the no presence of any image
  • Rule to detect the presence of an or several urls
File name topbg[1].jpg
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\topbg[1].jpg
File size 1150 bytes
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 4x32, frames 3
MD5 d7964dd9e46ff2650a69c93e48c8b6bc
SHA1 ef83e8c8fe0742d5b3998851a50f242f15dff35d
SHA256 5dad8aa1da3f069378195fd47c4d5447a3295f8b0180d7fd19b5656daace7ec3
CRC32 985390DB
Ssdeep 24:LK1he91Wwjx82lY2T3ouVSW8VHy1yJ3VSIwHtuaGs27Imr:8qQNn2xYD9yEJ3YIktua+vr
File name converter[1].ashx
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\converter[1].ashx
File size 2945 bytes
File type ASCII text, with CRLF line terminators
MD5 ff3eba9c8ccaf5d06fbac5da7d060aab
SHA1 03fcb0fadaccd212064edb3b48ea6a73eae0acdc
SHA256 2fb89d024e8101c9fcfe7380badb39b6426cc69bc0bc410cbea9c57a88eabce5
CRC32 78425137
Ssdeep 48:TpamtiktyVryAjAh1YZz/g7HvuDqqPY1qvzrtQJTe//5z0HAs:Tpam4YKWAjAh1YxyH2DHPAqLZQxoh0HP
Text content:
addNamespace("Ajax.Web");

Ajax.Web.NameValueCollection = function() {
	this.__type = "System.Collections.Specialized.NameValueCollection";
	this.add = function(key, value) {
		if(this[key] == null) {
			this[key] = value;
		}
	}
	this.getKeys = function() {
		var keys = [];
		
		for(key in this)
			if(typeof this[key] != "function")
				keys.push(key);
			
		return keys;
	}
	this.getValue = function(key) {
		return this[key];
	}
	this.toJSON = function() {
		var o = this;
		o.toJSON = null;
		delete o.toJSON;
		return AjaxPro.toJSON(o);
	}
}


addNamespace("Ajax.Web");

Ajax.Web.DataSet = function(tables) {
	this.__type = "System.Data.DataSet,System.Data";
	this.Tables = [];

	this.addTable = function(table) {
		this.Tables.push(table);
	}

	if(tables != null) {
		for(var i=0; i<tables.length; i++) {
			this.addTable(tables[i]);
		}
	}
}

addNamespace("Ajax.Web");

Ajax.Web.DataTable = function(columns, rows) {
	this.__type = "System.Data.DataTable,System.Data";
	this.Columns = [];
	this.Rows = [];

	this.addColumn = function(name, type) {
		var c = {Name:name,__type:type};
		this.Columns.push(c);
	}
	this.toJSON = function() {
		var dt = {};

		dt.Columns = [];
		for(var i=0; i<this.Columns.length; i++)
			dt.Columns.push([this.Columns[i].Name, this.Columns[i].__type]);

		dt.Rows = [];
		for(var i=0; i<this.Rows.length; i++) {
			var row = [];
			for(var j=0; j<this.Columns.length; j++)
				row.push(this.Rows[i][this.Columns[j].Name]);
			dt.Rows.push(row);
		}
		return AjaxPro.toJSON(dt);
	}
	this.addRow = function(row) {
		this.Rows.push(row);
	}

	if(columns != null) {
		for(var i=0; i<columns.length; i++) {
			this.addColumn(columns[i][0], columns[i][1]);
		}
	}
	if(rows != null) {
		for(var i=0; i<rows.length; i++) {
			var row = {};
			for(var c=0; c<this.Columns.length && c<rows[i].length; c++) {
				row[this.Columns[c].Name] = rows[i][c];
			}
			this.addRow(row);
		}
	}
}



addNamespace("Ajax.Web");

Ajax.Web.Dictionary = function(type, kT, vT, items) {
	this.__type = type;
	this.kT = kT;
	this.vT = vT;
	this.keys = [];
	this.values = [];

	this.add = function(key, value) {
		this.keys.push(key);
		this.values.push(value);
		return this.values.length -1;
	}

	if(items != null && !isNaN(items.length)) {
		for(var i=0; i<items.length; i++) {
			this.add(items[i][0], items[i][1]);
		}
	}

	this.containsKey = function(key) {
		for(var i=0; i<this.keys.length; i++) {
			if(this.keys[i] == key) return true;
		}
		return false;
	}
	this.getValue = function(key) {
		for(var i=0; i<this.keys.length && i<this.values.length; i++) {
			if(this.keys[i] == key) return this.values[i];
		}
		return null;
	}
	this.toJSON = function() {
		var o = {__type:this.__type,kT:this.kT,vT:this.vT,keys:this.keys,values:this.values};
		return AjaxPro.toJSON(o);
	}
}





File name core[1].ashx
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\core[1].ashx
File size 13672 bytes
File type HTML document, ASCII text, with CRLF line terminators
MD5 c7e0bb9be7bd6919014d9487d1b26261
SHA1 b1c929b53f8abc5b259203fd971de8d200f6037b
SHA256 37cb6a70165bcc145bac4c19e8e1ed946b11242577daf18681e58ac5757c19ec
CRC32 B693155E
Ssdeep 192:9LXtafw8Q8IEOGj/4xlMG3c+U8PE/mf4JzQdF9Uox4f/Cw1Zrmup0Wku5VtHfk/j:pX04XMGHlE/rJzQJ54VHjp0WLcL
Text content:
addNamespace("AjaxPro");

Object.extend(AjaxPro, {
	noOperation: function() {},
	cryptProvider: null,
	queue: null,
	token: "",
	version: "6.5.17.1",
	ID: "AjaxPro",
	noActiveX: false,
	timeoutPeriod: 5000,
	queue: null,
	typeOf: function(o) {
		if(o != null && o.__type) {
			var ts = this.__type.split(',');

			if(ts.length > 0)
				return ts[0];
			else
				return typeof o;

		} else {
			return typeof o;
		}
	},
	getInstance: function(className, o) {
		if(o == null) o = window;
		var c = className.split(".");	
		if(c.length > 1)
			return AjaxPro.getInstance(className.substr(className.indexOf(".") +1), o[c[0]]);
		return o[className];
	},
	toJSON: function(o) {
		if(o == null)
			return "null";
		switch(o.constructor) {
			case String:
				var s = o; // .encodeURI();
				s = '"' + s.replace(/(["\\])/g, '\\$1') + '"';
				s = s.replace(/\n/g,"\\n");
				s = s.replace(/\r/g,"\\r");
				return s;
			case Array:
				var v = [];
				for(var i=0; i<o.length; i++)
					v.push(AjaxPro.toJSON(o[i])) ;
				return "[" + v.join(",") + "]";
			case Number:
				return isFinite(o) ? o.toString() : AjaxPro.toJSON(null);
			case Boolean:
				return o.toString();
			case Date:
				var d = new Object();
				d.__type = "System.DateTime";
				d.Year = o.getUTCFullYear();
				d.Month = o.getUTCMonth() +1;
				d.Day = o.getUTCDate();
				d.Hour = o.getUTCHours();
				d.Minute = o.getUTCMinutes();
				d.Second = o.getUTCSeconds();
				d.Millisecond = o.getUTCMilliseconds();
				d.TimezoneOffset = o.getTimezoneOffset();
				return AjaxPro.toJSON(d);
			default:
				if(o["toJSON"] != null && typeof o["toJSON"] == "function")
					return o.toJSON();
				if(typeof o == "object") {
					var v=[];
					for(attr in o) {
						if(typeof o[attr] != "function")
							v.push('"' + attr + '":' + AjaxPro.toJSON(o[attr]));
					}
					if(v.length>0)
						return "{" + v.join(",") + "}";
					return "{}";		
				}
				return o.toString();
		}
	}
});

// IFrame XmlHttp Proxy

AjaxPro.IFrameXmlHttp = function() {};
AjaxPro.IFrameXmlHttp.prototype = {
	onreadystatechange: null, headers: [], method: "POST", url: null, async: true, iframe: null,
	status: 0, readyState: 0, responseText: null,
	abort: function() {
	},
	readystatechanged: function() {
		var doc = this.iframe.contentDocument || this.iframe.document;
		if(doc != null && doc.readyState == "complete" && doc.body != null && doc.body.res != null) {
			this.status = 200;
			this.readyState = 4;
			this.responseText = doc.body.res;
			this.onreadystatechange();
			return;
		}
		setTimeout(this.readystatechanged.bind(this), 10);
	},
	open: function(method, url, async) {
		if(async == false) {
			alert("Synchronous call using IFrameXMLHttp is not supported.");
			return;
		}
		if(this.iframe == null) {
			var iframeID = "hans";
			if (document.createElement && document.documentElement &&
				(window.opera || navigator.userAgent.indexOf('MSIE 5.0') == -1))
			{
				var ifr = document.createElement('iframe');
				ifr.setAttribute('id', iframeID);
				ifr.style.visibility = 'hidden';
				ifr.style.position = 'absolute';
				ifr.style.width = ifr.style.height = ifr.borderWidth = '0px';

				this.iframe = document.getElementsByTagName('body')[0].appendChild(ifr);
			}
			else if (document.body && document.body.insertAdjacentHTML)
			{
				document.body.insertAdjacentHTML('beforeEnd', '<iframe name="' + iframeID + '" id="' + iframeID + '" style="border:1px solid black;display:none"></iframe>');
			}
			if (window.frames && window.frames[iframeID]) this.iframe = window.frames[iframeID];
			this.iframe.name = iframeID;
			this.iframe.document.open();
			this.iframe.document.write("<html><body></body></html>");
			this.iframe.document.close();
		}
		this.method = method;
		this.url = url;
		this.async = async;
	},
	setRequestHeader: function(name, value) {
		for(var i=0; i<this.headers.length; i++) {
			if(this.headers[i].name == name) {
				this.headers[i].value = value;
				return;
			}
		}
		this.headers.push({"name":name,"value":value});
	},
	getResponseHeader: function(name, value) {
		return null;
	},
	addInput: function(doc, form, name, value) {
		var ele;
		var tag = "input";
		if(value.indexOf("\n") >= 0) tag = "textarea";
		
		if(doc.all) {
			ele = doc.createElement("<" + tag + " name=\"" + name + "\" />");
		}else{
			ele = doc.createElement(tag);
			ele.setAttribute("name", name);
		}
		ele.setAttribute("value", value);
		form.appendChild(ele);
		ele = null;
	},
	send: function(data) {
		if(this.iframe == null) {
			// alert("Connection must be opened before sending data.");
			return;
		}
		var doc = this.iframe.contentDocument || this.iframe.document;
		var form = doc.createElement("form");
		
		doc.body.appendChild(form);
		
		form.setAttribute("action", this.url);
		form.setAttribute("method", this.method);
		
		for(var i=0; i<this.headers.length; i++) {
			switch(this.headers[i].name.toLowerCase()) {
				case "content-length":
				case "accept-encoding":
					break;
				case "content-type":
					form.setAttribute("enctype", this.headers[i].value);
					break;
				default:
					this.addInput(doc, form, this.headers[i].name, this.headers[i].value);
			}
		}
		this.addInput(doc, form, "data", data);
		form.submit();
		setTimeout(this.readystatechanged.bind(this), 1);
	}
};

// IE compatibility methods

if(!window.XMLHttpRequest) {
	window.XMLHttpRequest = function() {
		var xmlHttp = null;
		if(!AjaxPro.noActiveX) {
			var clsids = ["Msxml2.XMLHTTP.4.0", "MSXML2.XMLHTTP", "Microsoft.XMLHTTP"];
			for(var i=0; i<clsids.length && xmlHttp == null; i++) {
				try {
					xmlHttp = new ActiveXObject(clsids[i]);
				} catch(e){}
			}
		}
		if(xmlHttp == null && MS.Browser.isIE) {
			return new AjaxPro.IFrameXmlHttp();
		}
		return xmlHttp;
	}
}

// Ajax.NET Professional Request and Queue

AjaxPro.Request = function(url) {
	this.url = url;
	this.xmlHttp = null;
};

AjaxPro.Request.prototype = {
	url: null,
	callback: null,
	onLoading: null,
	onError: null,
	onTimeout: null,
	onStateChanged: null,
	args: null,
	context: null,
	isRunning: false,
	abort: function() {
		this.xmlHttp.onreadystatechange = AjaxPro.noOperation;
		this.xmlHttp.abort();
		
		this.isRunning = false;
	},
	doStateChange: function() {
		if(this.onStateChanged != null && typeof this.onStateChanged == "function")
			try{ this.onStateChanged(this.xmlHttp.readyState, this); }catch(e){}

		if(this.xmlHttp.readyState != 4)
			return;

		if(this.xmlHttp.status == 200) {
			this.duration = new Date().getTime() - this.__start;

			if(this.timeoutTimer != null) clearTimeout(this.timeoutTimer);
			if(typeof this.onLoading == "function") this.onLoading(false);
			
			var res = this.createResponse();
			
			this.abort();

			if(res.error != null && typeof this.onError == "function")
				try{ this.onError(res.error, this); }catch(e){}
			
			if(typeof this.callback == "function")
				this.callback(res, this);
		} else {
			var res = this.createResponse(true);

			res.error = {Message:this.xmlHttp.statusText,Type:"ConnectFailure",Status:this.xmlHttp.status};

			this.abort();
			
			if(res.error != null && typeof this.onError == "function")
				try{ this.onError(res.error, this); }catch(e){}
			
			if(typeof this.callback == "function")
				this.callback(res, this);
		}
	},
	createResponse: function(noContent) {
		var r = new Object();
		r.error = null;
		r.value = null;
		r.request = {method:this.method,args:this.args};
		r.context = this.context;

		if(MS.Debug.enabled == true)
			MS.Debug.trace("... " + this.method + " finished.");
		
		if(!noContent) {
			var responseText = new String(this.xmlHttp.responseText);

			if(AjaxPro.cryptProvider != null && typeof AjaxPro.cryptProvider == "function")
				responseText = AjaxPro.cryptProvider.decrypt(responseText);

			if(this.xmlHttp.getResponseHeader("Content-Type") == "text/xml")
				r.value = this.xmlHttp.responseXML;
			else
				if(resp <truncated>
File name Site[1].css
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\Site[1].css
File size 12081 bytes
File type assembler source, UTF-8 Unicode (with BOM) text, with CRLF line terminators
MD5 34a2f9f5879596cd5457fff888175973
SHA1 8a67afba9356a51a859c43fd6b4bcf9b10508cad
SHA256 c359afcf5e0504a560988e244a691801c5c87029fa16b514a92773a6f993b387
CRC32 5AAA36F5
Ssdeep 192:ZcnLQ0huhJZHvKCeAbOcpk7c6ArpRW91eu1VEzzsGG:ELQlpk7rKIyYVFt
File name 4a1a1c26-f711-4c39-8fa7-7bc573a71374[1].jpg
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\4a1a1c26-f711-4c39-8fa7-7bc573a71374[1].jpg
File size 20078 bytes
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 667x445, frames 3
MD5 ab7249e2e931344f7f0c0f50c00adfc1
SHA1 1007669be13646e2ead4806500917e9a1041e12c
SHA256 7290ab60bc52461c28d40669ff83d5220f2e6126e161c77bcfc39d0162b458f7
CRC32 76CA679B
Ssdeep 384:ATbUf+X+1HH4+UbsaXSaouZ6jxbZVtgeljiJ77uE3j:AnUfz1n4tb/oBbDt3aqET
File name slide_share[1].css
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\slide_share[1].css
File size 5715 bytes
File type UTF-8 Unicode text, with very long lines, with no line terminators
MD5 e1c68eefc264f210aa5d9f079c50d088
SHA1 c5ec2833333865b7076a9e85e8575a014b636191
SHA256 1146a9860dae1fbbb776e96c57dbeecb40f2dfc049f6a398c9292c9561afff83
CRC32 00ADE920
Ssdeep 48:f0mv4VcUEyxyq48C3w54s+gaGd2P1jMfdbUmqE2KtF/wwG6hYe5EzEdWnmb0zV3M:8/yUHxyqUm4mD9umLZyXZSTftsL0
Text content:
.bdshare-slide-button-box{height:326px;position:fixed;overflow:visible}.bdshare-slide-button-box .bdshare-slide-button{width:24px;height:88px;display:block;position:absolute;top:58px}.bdshare-slide-style-r0 .bdshare-slide-button{background:url(../img/share/r0.gif?v=d9371706.gif) no-repeat 0 0}.bdshare-slide-style-r1 .bdshare-slide-button{background:url(../img/share/r1.gif?v=5668db67.gif) no-repeat 0 0}.bdshare-slide-style-r2 .bdshare-slide-button{background:url(../img/share/r2.gif?v=08b06973.gif) no-repeat 0 0}.bdshare-slide-style-r3 .bdshare-slide-button{background:url(../img/share/r3.gif?v=76e62e61.gif) no-repeat 0 0}.bdshare-slide-style-r4 .bdshare-slide-button{background:url(../img/share/r4.gif?v=1a3eaae1.gif) no-repeat 0 0}.bdshare-slide-style-r5 .bdshare-slide-button{background:url(../img/share/r5.gif?v=c90e5a12.gif) no-repeat 0 0}.bdshare-slide-style-r6 .bdshare-slide-button{background:url(../img/share/r6.gif?v=8af9306f.gif) no-repeat 0 0}.bdshare-slide-style-r7 .bdshare-slide-button{background:url(../img/share/r7.gif?v=053cdaac.gif) no-repeat 0 0}.bdshare-slide-style-r8 .bdshare-slide-button{background:url(../img/share/r8.gif?v=640a093b.gif) no-repeat 0 0}.bdshare-slide-style-l0 .bdshare-slide-button{background:url(../img/share/l0.gif?v=4e666e56.gif) no-repeat 0 0}.bdshare-slide-style-l1 .bdshare-slide-button{background:url(../img/share/l1.gif?v=3ffb4640.gif) no-repeat 0 0}.bdshare-slide-style-l2 .bdshare-slide-button{background:url(../img/share/l2.gif?v=47242a70.gif) no-repeat 0 0}.bdshare-slide-style-l3 .bdshare-slide-button{background:url(../img/share/l3.gif?v=78e2d043.gif) no-repeat 0 0}.bdshare-slide-style-l4 .bdshare-slide-button{background:url(../img/share/l4.gif?v=4afa38d2.gif) no-repeat 0 0}.bdshare-slide-style-l5 .bdshare-slide-button{background:url(../img/share/l5.gif?v=5e170970.gif) no-repeat 0 0}.bdshare-slide-style-l6 .bdshare-slide-button{background:url(../img/share/l6.gif?v=8759da8b.gif) no-repeat 0 0}.bdshare-slide-style-l7 
.bdshare-slide-button{background:url(../img/share/l7.gif?v=df4c2738.gif) no-repeat 0 0}.bdshare-slide-style-l8 .bdshare-slide-button{background:url(../img/share/l8.gif?v=31ac73d4.gif) no-repeat 0 0}.bdshare-slide-list-box{border:solid 1px #e9e9e9;text-align:left;overflow:hidden;background:#f6f6f6}.bdshare-slide-top{height:28px;color:#626262;overflow:hidden;font-weight:bold;font-size:14px;line-height:28px;padding:0 5px}.bdshare-slide-list{background:#fff;overflow:auto;overflow-x:hidden;padding:5px 0;margin:0;background:#fff;overflow:auto;overflow-x:hidden;_zoom:1}.bdshare-slide-list-ul{padding:0;margin:0;border:0;list-style:none}.bdshare-slide-bottom{line-height:25px;font-size:12px;text-align:right;clear:both;height:30px}.bdshare-slide-bottom a{color:#999;text-decoration:none;border:0;float:right}.bdshare-slide-bottom a:hover{color:#00a9e0}.bdshare-slide-list li{float:left;padding:2px;margin-left:6px;_margin-left:3px;height:28px;overflow:hidden;list-style:none;width:100px}.bdshare-slide-list a,.bdshare-slide-bottom a{color:#565656;font:12px '\xe5\xae\x8b\xe4\xbd\x93';display:block;background-image:url(../img/share/icons_0_16.png?v=91362611.png);background-repeat:no-repeat;padding:5px 0 5px 28px;text-decoration:none;border:1px solid #fff;line-height:18px}.bdshare-slide-list a:hover{background-color:#f3f3f3;border:1px solid #eee;border-radius:3px;-webkit-border-radius:3px;-moz-border-radius:3px}.slide-qzone{background-position:4px -47px}.slide-tsina{background-position:4px -99px}.slide-renren{background-position:4px -203px}.slide-tqq{background-position:4px -255px}.slide-kaixin001{background-position:4px -307px}.slide-tqf{background-position:4px -359px}.slide-hi{background-position:4px -411px}.slide-douban{background-position:4px -463px}.slide-tieba{background-position:4px -723px}.slide-hx{background-position:4px -983px}.slide-fx{background-position:4px -1035px}.slide-ty{background-position:4px -1191px}.slide-fbook{background-position:4px 
-1347px}.slide-twi{background-position:4px -1399px}.slide-zx{background-position:4px -1607px}.slide-linkedin{background-position:4px -1659px}.slide-meilishuo{background-position:4px -1711px}.slide-mogujie{background-position:4px -1763px}.slide-diandian{background-position:4px -1815px}.slide-huaban{background-position:4px -1867px}.slide-duitang{background-position:4px -2023px}.slide-youdao{background-position:4px -2075px}.slide-wealink{background-position:4px -2179px}.slide-copy{background-position:4px -2283px}.slide-mail{background-position:4px -2335px}.slide-print{background-position:4px -2387px}.slide-mshare{background-position:4px -2439px}.slide-sqq{background-position:4px -2647px}.slide-sdo{background-position:4px -2699px}.slide-qingbiji{background-position:4px -2751px}.slide-people{background-position:4px -2803px}.slide-xinhua{background-position:4px -2907px}.slide-yaolan{background-position:4px -2959px}.slide-thx{background-position:4px -2491px}.slide-bdhome{background-position:4px -151px}.slide-bdxc{background-position:4px -2543px}.slide-bdysc{background-position:4px -3063px}.slide-isohu{background-position:4px -3011px}.slide-more{background-position:4px 5px}.slide-ibaidu{background-position:4px -3115px}.slide-weixin{background-position:4px -1607px}.slide-iguba{background-position:4px -1295px}.slide-evernotecn{background-position:4px -3179px}.bdshare-slide-bottom .slide-more{border:none;margin-right:10px}.slide-tsohu,.slide-tfh,.slide-baidu,.slide-qq,.slide-msn,.slide-sohu,.slide-qy,.slide-leho,.slide-ifeng,.slide-ff,.slide-tuita,.slide-ms,.slide-deli,.slide-s51,.slide-t163,.slide-share189,.slide-xg,.slide-s139{display:none}.bdshare-slide-list a:hover{-moz-background-clip:padding;-webkit-background-clip:padding-box;background-clip:padding-box}
File name paperimg[1].png
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\paperimg[1].png
File size 14200 bytes
File type PNG image data, 100 x 80, 8-bit/color RGB, non-interlaced
MD5 d604d05a42049d82922862492ea7081b
SHA1 c77821c05b70431f79ab1ab134d3808cb83a5062
SHA256 7694c98faafaae884e2fc85b840c6c2add27ebb989a3e09e22aafc30d216f77a
CRC32 38F8E068
Ssdeep 384:W50wx9kce7Egm8SPDh9p8g+G44cP53YN9BPl:sX9Em8QW/PFYvB9
File name 6b122413-0e1e-4852-bdc0-79a05d40ee79[1].png
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\6b122413-0e1e-4852-bdc0-79a05d40ee79[1].png
File size 20079 bytes
File type PNG image data, 245 x 232, 8-bit/color RGB, non-interlaced
MD5 ec241cad1d7f45aa0d732420c4565892
SHA1 e744028205b10b2154411646c92309f0e65a989f
SHA256 9534142beebdb9f457261f5dceb4ca8d2214aa238b5dc4c435ca7ec66c8f57b0
CRC32 CD1EA0C2
Ssdeep 384:yBleqjMmx7Z8ab7e1poQ87gi4uYuCmKSJSDJ4X+VW74WDo1oR89ZPO:K8qhe13buYuCmvJ3+VWTxeZ2
File name newtrain[1].png
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\newtrain[1].png
File size 4706 bytes
File type PNG image data, 40 x 37, 8-bit/color RGBA, non-interlaced
MD5 89d9d5149d07c7bb7b4f41ea1c5d3651
SHA1 8cabc9c9986729b981fd5c31e39b1e538579b8c9
SHA256 3fd9b513f6fa0f1554389d40c525463abd62bf4ddcef3f180d455afffbfde699
CRC32 F1EF476B
Ssdeep 96:QSMllcHitlIxv9vk7C1+I4wWHLihk/xameQUW64UC2JASbsRzuNuQY:QSHIIHUCD4waBR8rApGuQY
File name 0bbf8412-461c-4b33-94df-74e070c5289e[1].jpg
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\0bbf8412-461c-4b33-94df-74e070c5289e[1].jpg
File size 152693 bytes
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=2, orientation=upper-left], progressive, precision 8, 1280x960, frames 3
MD5 62f1b2b668d5f82c881f8a26831407d2
SHA1 a095f7482bbc2bcf5f8492703427f90ebae2e903
SHA256 3aea4720af265e18d455fefccc59b6c280c0df50b5784f60334b91c03014828a
CRC32 E21AE423
Ssdeep 3072:Bb6W3V4k70e2W/zhfH+kUKTuG3kn1ISM2LPvC0Ef5WYpjguB7Ye9i:Bu858o501IXqXCtfM5u+eA
File name logger[1].js
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\logger[1].js
File size 2203 bytes
File type ASCII text, with very long lines, with no line terminators
MD5 d397b4ba354d353f9ad34be1d16ec0e3
SHA1 91b378941ecd038d42eb4713354ab059eb0d7a85
SHA256 f5416ffdacd8f2fcac33f770940b51fe38f5868c65c257e9620332ab7aaf8027
CRC32 7CFA398F
Ssdeep 48:DBxDn8sq2tbrk4QT8CEYmQ8BoeCLYdR55qmzu4E1qJmCT:DBxD8sBAD44x8ucJmCT
Yara
  • Rule to detect the no presence of any attachment
  • Rule to detect the no presence of any image
  • Rule to detect the presence of an or several urls
Text content:
window._bd_share_main.F.module("trans/logger",function(e,t){var n=e("base/tangram").T,r=e("component/comm_tools"),i=e("conf/const").URLS,s=/([http|https]:\/\/[a-zA-Z0-9\_\.]+\.baidu\.com)/ig,o=/[#|&](\d+\-[a-zA-Z\d]+\-\d+\-\d+\-[a-f\d]{32}$)/g,u=(r.getPageUrl().match(o)||"").toString().replace(/#|&/g,""),a=function(e,t){window._bd_share_main.F.use("component/anticheat",function(r){t.sloc=r.getSloc(e);var s=i.commitUrl+"?"+n.ajax.param(t);n.sio(s).log()})},f=function(e){var t=r.getPageUrl();if(s.test(t)&&u=="")return;var o={share:0,slide:0,imgshare:1,addtoshare:2,videoshare:3},a=[0,0,0,0,0,0,0,0];n.each(_bd_share_main._LogPoolV2,function(e,t){a[o[t]]=1});var f={pid:307,type:3071,sign:u,desturl:encodeURIComponent(document.referrer),linkid:r.getLinkId(),apitype:parseInt(a.reverse().join(""),2)},l=i.nsClick+"?"+n.ajax.param(f);n.sio(l).log();var c="http://api.share.baidu.com/v.gif?l="+encodeURIComponent(window.location.href);n.sio(c).log()},l=function(){var e={pid:307,type:3072,sign:u,uid:_bd_share_main.uid,linkid:r.getLinkId(),desturl:encodeURIComponent(document.referrer)},t=i.nsClick+"?"+n.ajax.param(e);n.sio(t).log()},c=function(){if(u!=""){var e={url:r.getPageUrl().replace(o,""),title:document.title.substr(0,300),sign:u},t=i.backUrl+"?"+n.ajax.param(e);n.sio(t).log()}},h=function(){var e=+(new Date),t={spendTime:0,scrollTop:0,viewHeight:0},r=+(new Date),i=function(){var e=new Date-r;if(e>t.spendTime){var n=document.compatMode=="BackCompat"?document.body:document.documentElement;t={spendTime:e,scrollTop:window.pageYOffset||document.documentElement.scrollTop||document.body.scrollTop,viewHeight:n.clientHeight}}r=new Date},s=0,o=1e3;setInterval(function(){document.hasFocus()&&s++},o),n(window).on("scroll",i),n(window).on("beforeunload",function(){var r=new Date-e;if(r==0)return;i();var 
u=["http://nsclick.baidu.com/v.gif?pid=307","type=3075","l="+r,"t="+t.scrollTop,"s="+t.spendTime,"v="+t.viewHeight,"f="+s*o,"r="+encodeURIComponent(document.referrer),"u="+encodeURIComponent(window.location.href)].join("&");/firefox\/(\d+\.\d+)/i.test(navigator.userAgent)?n.ajax.request(u,{async:!1,timeout:300}):n.sio(u).log()})};t.commit=a,t.nsClick=f,t.dialog=l,t.back=c,t.duration=h});
File name index.dat
Related files
C:\Users\test\AppData\Local\Microsoft\Feeds Cache\index.dat
File size 32768 bytes
File type Internet Explorer cache file version Ver 5.2
MD5 0aee387ca0a52dcdd8f8a29ea76edb42
SHA1 5df81547dcadb2a7b8bc689da8e1383ba1a84cb9
SHA256 c31bc37e102b70a472837d530ec80bdaea28b0fefda3e9aa8c8cda98c4200c4e
CRC32 B451CA0B
Ssdeep 12:qjtSaFpbZli3zIoYDPO7em4GZj03W/cKYDPOCG5A30WUsOXQDG9YRm4GZ5:qj4avEIoYTCebGZ7ZYTlEJ0oQQ4bGZ
魔盾 security analysis result: 2.0, analysis time: 2016-11-06 20:10:20
File name 1201[1].jpg
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\1201[1].jpg
File size 14703 bytes
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 265x225, frames 3
MD5 c5106cf2e09bbec6a15d45cf57bdf439
SHA1 266a80f007321bd30e5d7affce8a765df337a7f7
SHA256 9182253765637a5f97d57b22741756b296aa723fde4294d19ccff691f4cf2b6e
CRC32 4F867590
Ssdeep 384:DqEcQ9aP2m4mJH898t0/KuR8+wEwprfyLs+ZK:Dz9W4mJC8tOK2gvNyLsd
File name xdfcode[1].jpg
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\xdfcode[1].jpg
File size 46788 bytes
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=430, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=430], baseline, precision 8, 155x155, frames 3
MD5 bd147397db25d560580bea267dc6e415
SHA1 0115c0eba62b0c11ab05fb1a43f2c9c677866261
SHA256 aa2937e4f0cba78a3a2f80b41bb4df2ef5c0774f918446591158f0246b3569e7
CRC32 9726780A
Ssdeep 768:mli4ZwIZXJ9U6CQli4ZwIZXJ9U6E/kGJQj8rib9sYOr4IZBt3TMf60rZS:mljZwIWSljZwIWF/fej8mbMtofTrZS
File name jquery.SuperSlide[1].js
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\jquery.SuperSlide[1].js
File size 9381 bytes
File type UTF-8 Unicode text, with very long lines, with CRLF line terminators
MD5 c8e5846b8cbfa034bcc31c8f6d2e2a46
SHA1 dc036a870e6799318ad38acfb1bf9a32dc226cf4
SHA256 aa23cb65b41b2c8857ad95838408efadd4ab9210d73b6f0443bfd0122dea7fb1
CRC32 055F468F
Ssdeep 192:1Y/K1uHRX42xdRGLa6+uGI4QjIlaHwmIuTNSaXHZe2HNc0SqaFvKm31H0ryWQMPW:1YSgx1xdRGL95YlHhlwyT1Xh3
Yara
  • Rule to detect the no presence of any attachment
  • Rule to detect the no presence of any image
  • Rule to detect the presence of an or several urls
Text content:
/*!
 * SuperSlide v2.0 
 * Easily solves most of a website's effect-display problems
 * For full details see the official site: http://www.SuperSlide2.com/
 *
 * Copyright 2011-2013, 大话主席
 *
 * Please respect the original work and keep this header copyright notice
 * May be used for personal or commercial purposes provided the copyright notice is kept
 */
(function(a){a.fn.slide=function(b){return a.fn.slide.defaults={effect:"fade",autoPlay:!1,delayTime:500,interTime:2500,triggerTime:150,defaultIndex:0,titCell:".hd li",mainCell:".bd",targetCell:null,trigger:"mouseover",scroll:1,vis:1,titOnClassName:"on",autoPage:!1,prevCell:".prev",nextCell:".next",pageStateCell:".pageState",opp:!1,pnLoop:!0,easing:"linear",startFun:null,endFun:null,switchLoad:null},this.each(function(){var c=a.extend({},a.fn.slide.defaults,b),d=c.effect,e=a(c.prevCell,a(this)),f=a(c.nextCell,a(this)),g=a(c.pageStateCell,a(this)),h=a(c.titCell,a(this)),i=h.size(),j=a(c.mainCell,a(this)),k=j.children().size(),l=c.switchLoad;if(null!=c.targetCell)var m=a(c.targetCell,a(this));var n=parseInt(c.defaultIndex),o=parseInt(c.delayTime),p=parseInt(c.interTime);parseInt(c.triggerTime);var r=parseInt(c.scroll),s=parseInt(c.vis),t="false"==c.autoPlay||0==c.autoPlay?!1:!0,u="false"==c.opp||0==c.opp?!1:!0,v="false"==c.autoPage||0==c.autoPage?!1:!0,w="false"==c.pnLoop||0==c.pnLoop?!1:!0,x=0,y=0,z=0,A=0,B=c.easing,C=null,D=n;if(0==i&&(i=k),v){var E=k-s;i=1+parseInt(0!=E%r?E/r+1:E/r),0>=i&&(i=1),h.html("");for(var F=0;i>F;F++)h.append("<li>"+(F+1)+"</li>");var h=a("li",h)}if(j.children().each(function(){a(this).width()>z&&(z=a(this).width(),y=a(this).outerWidth(!0)),a(this).height()>A&&(A=a(this).height(),x=a(this).outerHeight(!0))}),k>=s)switch(d){case"fold":j.css({position:"relative",width:y,height:x}).children().css({position:"absolute",width:z,left:0,top:0,display:"none"});break;case"top":j.wrap('<div class="tempWrap" style="overflow:hidden; position:relative; height:'+s*x+'px"></div>').css({position:"relative",padding:"0",margin:"0"}).children().css({height:A});break;case"left":j.wrap('<div class="tempWrap" style="overflow:hidden; position:relative; 
width:'+s*y+'px"></div>').css({width:k*y,position:"relative",overflow:"hidden",padding:"0",margin:"0"}).children().css({"float":"left",width:z});break;case"leftLoop":case"leftMarquee":j.children().clone().appendTo(j).clone().prependTo(j),j.wrap('<div class="tempWrap" style="overflow:hidden; position:relative; width:'+s*y+'px"></div>').css({width:3*k*y,position:"relative",overflow:"hidden",padding:"0",margin:"0",left:-k*y}).children().css({"float":"left",width:z});break;case"topLoop":case"topMarquee":j.children().clone().appendTo(j).clone().prependTo(j),j.wrap('<div class="tempWrap" style="overflow:hidden; position:relative; height:'+s*x+'px"></div>').css({height:3*k*x,position:"relative",padding:"0",margin:"0",top:-k*x}).children().css({height:A})}var G=function(){a.isFunction(c.startFun)&&c.startFun(n,i)},H=function(){a.isFunction(c.endFun)&&c.endFun(n,i)},I=function(b){b.eq(n).find("img").each(function(){a(this).attr(l)!==void 0&&a(this).attr("src",a(this).attr(l)).removeAttr(l)})},J=function(a){if(D!=n||a||"leftMarquee"==d||"topMarquee"==d){switch(d){case"fade":case"fold":case"top":case"left":n>=i?n=0:0>n&&(n=i-1);break;case"leftMarquee":case"topMarquee":n>=1?n=1:0>=n&&(n=0);break;case"leftLoop":case"topLoop":var b=n-D;i>2&&b==-(i-1)&&(b=1),i>2&&b==i-1&&(b=-1);var p=Math.abs(b*r);n>=i?n=0:0>n&&(n=i-1)}if(G(),null!=l&&I(j.children()),m&&(null!=l&&I(m),m.hide().eq(n).animate({opacity:"show"},o,function(){j[0]||H()})),k>=s)switch(d){case"fade":j.children().stop(!0,!0).eq(n).animate({opacity:"show"},o,B,function(){H()}).siblings().hide();break;case"fold":j.children().stop(!0,!0).eq(n).animate({opacity:"show"},o,B,function(){H()}).siblings().animate({opacity:"hide"},o,B);break;case"top":j.stop(!0,!1).animate({top:-n*r*x},o,B,function(){H()});break;case"left":j.stop(!0,!1).animate({left:-n*r*y},o,B,function(){H()});break;case"leftLoop":0>b?j.stop(!0,!0).animate({left:-(k-p)*y},o,B,function(){for(var 
a=0;p>a;a++)j.children().last().prependTo(j);j.css("left",-k*y),H()}):j.stop(!0,!0).animate({left:-(k+p)*y},o,B,function(){for(var a=0;p>a;a++)j.children().first().appendTo(j);j.css("left",-k*y),H()});break;case"topLoop":0>b?j.stop(!0,!0).animate({top:-(k-p)*x},o,B,function(){for(var a=0;p>a;a++)j.children().last().prependTo(j);j.css("top",-k*x),H()}):j.stop(!0,!0).animate({top:-(k+p)*x},o,B,function(){for(var a=0;p>a;a++)j.children().first().appendTo(j);j.css("top",-k*x),H()});break;case"leftMarquee":var q=j.css("left").replace("px","");0==n?j.animate({left:++q},0,function(){if(j.css("left").replace("px","")>=0){for(var a=0;k>a;a++)j.children().last().prependTo(j);j.css("left",-k*y)}}):j.animate({left:--q},0,function(){if(2*-k*y>=j.css("left").replace("px","")){for(var a=0;k>a;a++)j.children().first().appendTo(j);j.css("left",-k*y)}});break;case"topMarquee":var t=j.css("top").replace("px","");0==n?j.animate({top:++t},0,function(){if(j.css("top").replace("px","")>=0){for(var a=0;k>a;a++)j.children().last().prependTo(j);j.css("top",-k*x)}}):j.animate({top:--t},0,function(){if(2*-k*x>=j.css("top").replace("px","")){for(var a=0;k>a;a++)j.children().first().appendTo(j);j.css("top",-k*x)}})}h.removeClass(c.titOnClassName).eq(n).addClass(c.titOnClassName),D=n,0==w&&(f.removeClass("nextStop"),e.removeClass("prevStop"),0==n?e.addClass("prevStop"):n==i-1&&f.addClass("nextStop")),g.html("<span>"+(n+1)+"</span>/"+i)}};J(!0),t&&("leftMarquee"==d||"topMarquee"==d?(u?n--:n++,C=setInterval(J,p),j.hover(function(){t&&clearInterval(C)},function(){t&&(clearInterval(C),C=setInterval(J,p))})):(C=setInterval(function(){u?n--:n++,J()},p),a(this).hover(function(){t&&clearInterval(C)},function(){t&&(clearInterval(C),C=setInterval(function(){u?n--:n++,J()},p))})));var 
K;"mouseover"==c.trigger?h.hover(function(){n=h.index(this),K=window.setTimeout(J,c.triggerTime)},function(){clearTimeout(K)}):h.click(function(){n=h.index(this),J()}),f.click(function(){(1==w||n!=i-1)&&(n++,J())}),e.click(function(){(1==w||0!=n)&&(n--,J())})})}})(jQuery),jQuery.easing.jswing=jQuery.easing.swing,jQuery.extend(jQuery.easing,{def:"easeOutQuad",swing:function(a,b,c,d,e){return jQuery.easing[jQuery.easing.def](a,b,c,d,e)},easeInQuad:function(a,b,c,d,e){return d*(b/=e)*b+c},easeOutQuad:function(a,b,c,d,e){return-d*(b/=e)*(b-2)+c},easeInOutQuad:function(a,b,c,d,e){return 1>(b/=e/2)?d/2*b*b+c:-d/2*(--b*(b-2)-1)+c},easeInCubic:function(a,b,c,d,e){return d*(b/=e)*b*b+c},easeOutCubic:function(a,b,c,d,e){return d*((b=b/e-1)*b*b+1)+c},easeInOutCubic:function(a,b,c,d,e){return 1>(b/=e/2)?d/2*b*b*b+c:d/2*((b-=2)*b*b+2)+c},easeInQuart:function(a,b,c,d,e){return d*(b/=e)*b*b*b+c},easeOutQuart:function(a,b,c,d,e){return-d*((b=b/e-1)*b*b*b-1)+c},easeInOutQuart:function(a,b,c,d,e){return 1>(b/=e/2)?d/2*b*b*b*b+c:-d/2*((b-=2)*b*b*b-2)+c},easeInQuint:function(a,b,c,d,e){return d*(b/=e)*b*b*b*b+c},easeOutQuint:function(a,b,c,d,e){return d*((b=b/e-1)*b*b*b*b+1)+c},easeInOutQuint:function(a,b,c,d,e){return 1>(b/=e/2)?d/2*b*b*b*b*b+c:d/2*((b-=2)*b*b*b*b+2)+c},easeInSine:function(a,b,c,d,e){return-d*Math.cos(b/e*(Math.PI/2))+d+c},easeOutSine:function(a,b,c,d,e){return d*Math.sin(b/e*(Math.PI/2))+c},easeInOutSine:function(a,b,c,d,e){return-d/2*(Math.cos(Math.PI*b/e)-1)+c},easeInExpo:function(a,b,c,d,e){return 0==b?c:d*Math.pow(2,10*(b/e-1))+c},easeOutExpo:function(a,b,c,d,e){return b==e?c+d:d*(-Math.pow(2,-10*b/e)+1)+c},easeInOutExpo:function(a,b,c,d,e){return 0==b?c:b==e?c+d:1>(b/=e/2)?d/2*Math.pow(2,10*(b-1))+c:d/2*(-Math.pow(2,-10*--b)+2)+c},easeInCirc:function(a,b,c,d,e){return-d*(Math.sqrt(1-(b/=e)*b)-1)+c},easeOutCirc:function(a,b,c,d,e){return d*Math.sqrt(1-(b=b/e-1)*b)+c},easeInOutCirc:function(a,b,c,d,e){return 
1>(b/=e/2)?-d/2*(Math.sqrt(1-b*b)-1)+c:d/2*(Math.sqrt(1-(b-=2)*b)+1)+c},easeInElastic:function(a,b,c,d,e){var f=1.70158,g=0,h=d;if(0==b)return c;if(1==(b/=e))return c+d;if(g||(g=.3*e),Math.abs(d)>h){h=d;var f=g/4}else var f=g/(2*Math.PI)*Math.asin(d/h);return-(h*Math.pow(2,10*(b-=1))*Math.sin((b*e-f)*2*Math.PI/g))+c},easeOutElastic:function(a,b,c,d,e){var f=1.70158,g=0,h=d;if(0==b)return c;if(1==(b/=e))return c+d;if(g||(g=.3*e),Math.abs(d)>h){h=d;var f=g/4}else va <truncated>
File name l0[1].gif
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\l0[1].gif
File size 1061 bytes
File type GIF image data, version 89a, 24 x 88
MD5 a568ce9a9f2d4f5b16037c314e666e56
SHA1 738b92632b0a9789a9eb568b8d101eb64f55f6e0
SHA256 1cdee25bbaeae624cf1cd52ea445fe6e1e08f7ab6135ee78bc31274609ea1032
CRC32 F9BA5DD6
Ssdeep 24:HVtZ3H23iow8Al2u2/ygE9j7ohvZjXtpzdcl1GCyxj0P:HVtZ3zow8Dul9jCZjTzdK1G/xj0P
File name 597767b9-c25d-4b71-b123-e6c587cec219[1].jpg
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\597767b9-c25d-4b71-b123-e6c587cec219[1].jpg
File size 55925 bytes
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 622x416, frames 3
MD5 26f8e77c6b51ae6d704a48af0933c05b
SHA1 7275e408f1c43907241ca30a2554d5615f1ddf21
SHA256 dd3e6fbed485f8b7ee1c9688db8e0e1bb4dc91dbfa3c4ce4b33586acfe92bb98
CRC32 B8B9A15D
Ssdeep 1536:zwmQ7xtcebU2y8oXPLrt1hsC/C/CRqEtBejkVAvP61ZfV5:EmWxt0woXPXt1hsCKDEOjkg2ZfV5
File name share[1].js
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\share[1].js
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\share[2].js
File size 17305 bytes
File type ASCII text, with very long lines, with no line terminators
MD5 34789c2f7429b322f95b4c1fa8375778
SHA1 10cf3cfe6327bcc451f9af062c59d6d93e612780
SHA256 0fc0f2c35018b7c54e4c76b701ded43ea1cac8fd047c2a4d65e3a91cb56b6688
CRC32 38162B9F
Ssdeep 384:wbRpiiwqRysuDwVVduSLTSvH4Pbd/WyMBNiSfy98W7E:wDiiDyscgVduSLTSvYPRWySM7E
Yara
  • Rule to detect the no presence of any attachment
  • Rule to detect the no presence of any image
  • Rule to detect the presence of an or several urls
File name jquery1.3.2[1].js
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\jquery1.3.2[1].js
File size 57254 bytes
File type ASCII text, with very long lines
MD5 bb381e2d19d8eace86b34d20759491a5
SHA1 3dc9f7c2642efff4482e68c9d9df874bf98f5bcb
SHA256 c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899
CRC32 0C090BCF
Ssdeep 1536:+vnXSI+9Escogo5uW8xbm5sIacSs0DEHUjnqTDUBu6VCdZWa:w8gdzIF0oDUstZX
Yara
  • Rule to detect the no presence of any attachment
  • Rule to detect the no presence of any image
  • Rule to detect the presence of an or several urls
File name 6761d680-cfa7-4d5d-96b2-89acc25fef95[1].jpg
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\6761d680-cfa7-4d5d-96b2-89acc25fef95[1].jpg
File size 85074 bytes
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2], progressive, precision 8, 800x533, frames 3
MD5 972fb32d4d8e124a6e966e0709fb841f
SHA1 6a466a49ce4669c3634a581b8a6627514f0f74cf
SHA256 1351d2d316c52cb8ddee15d3b5f05900ba710395880556e1f7327c9ae943e622
CRC32 76889323
Ssdeep 1536:lJNGNU6uMVp0BH3mPTSJg8SO9Z/GqF0kXecRRlh/y/LmCcS0GG1ygutrq5qEbocn:v0NU6zp0x3mPf8hBFhuolh/4LmCcsIft
File name index.dat
Related files
C:\Users\test\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
File size 262144 bytes
File type Internet Explorer cache file version Ver 5.2
MD5 fbe6ba880d1f6cadfd771536120f2c73
SHA1 34b1a30160c6c7675a5c69b62d98661ab7a494bb
SHA256 a2cdabb3fc43f2e94ca47fac764eea7819768bdf094690a6369be41fc4a5fd01
CRC32 E94B92FD
Ssdeep 768:pFFwZHojCtOlWNw3nsiMsieuugxdKOri:rFwZIjCtkWm3siMbeuugxdKoi
File name index.dat
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012017121520171216\index.dat
File size 32768 bytes
File type Internet Explorer cache file version Ver 5.2
MD5 d0b0339f62bdd7ced8c151f1f1e7f0fa
SHA1 488b6e7a9b48a573a62cd61fbdb1199d00fd2a41
SHA256 ca92b4bfc58a65a0c81047a7fb6c6ccbd9316690fe39c6a219ffb8f26e24a86e
CRC32 926A3AE2
Ssdeep 6:qjyxXKns3EHUD6hF4j/jRrhxcKSOk3EHUDYJF4jHBv:qjRs3QI6Tib5EKlk3QIai
File name slide_api[1].js
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\slide_api[1].js
File size 471 bytes
File type ASCII text, with very long lines, with no line terminators
MD5 0cdb6ce64560b238ed230353ec14f516
SHA1 c317e3f7fec13d89178e475f26a689bb94e5aa76
SHA256 7cd7017f254e4c7bc5042047ce4e061c9232a6275b9c925ad1745f256c1f6d1f
CRC32 92C0AE95
Ssdeep 12:eE+MDOdiL9yey2XidO5A6KpMTpTIee3MujF5eQchCS:nqoAey2XQ4A6KpASH3MYHchCS
Yara
  • Rule to detect the no presence of any attachment
  • Rule to detect the no presence of any image
  • Rule to detect the no presence of any url
Displayed text
window._bd_share_main.F.module("share/slide_api",function(e,t,n){var r=e("base/tangram").T,i=e("base/class").Class,s=e("share/api_base");t.Api=i.create(function(e){var t=this;t._init=function(){var e=t.getView();e.render(),e.init()},t._slidePop=function(t,n){t._popupBox=n.boxEle,t._getPosition=function(){return{top:0,left:e.bdPos=="left"?0:n.element.width()}},t.show(n,e)},t._processAction=function(e){return{data:{type:"share"}}},t._distory=function(){}},s.ApiBase)});
File name xdf_2[1].jpg
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\xdf_2[1].jpg
File size 17174 bytes
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=509, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1024], baseline, precision 8, 1000x97, frames 3
MD5 796e280a701c98af72fdb3247589cee3
SHA1 39e7beb5bc25bcf2a874bee4c1c11825e33afa6a
SHA256 8a95695d9d4d5e8c2c07054bbae286ca911ca622df09aef346a8a573735ec1a3
CRC32 A611765E
Ssdeep 384:yPLQVCikPLQ+nJsFL7WYMHqt7naiMk07tEP:yBrhTlG7nalM
File name control[1].css
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\control[1].css
File size 1694 bytes
File type assembler source, UTF-8 Unicode (with BOM) text, with CRLF line terminators
MD5 a5e51d639bf3235a8c147610a5ed9389
SHA1 2b827cfe5145febd01b999fd0a4b35e897299dcd
SHA256 62d95e1ed2f211cf70476774a3f933192dbea0df06367a251ee6ce7cba710798
CRC32 DD6166AF
Ssdeep 48:wg+TWKgzRdeddf0Nn3q5p/6FJq5p/62VbDe:dj7AQoa2LbDe
File name abe48391-80db-42d8-9d3b-3f30aaaf949a[1].jpg
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\abe48391-80db-42d8-9d3b-3f30aaaf949a[1].jpg
File size 8461 bytes
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1632x2448, frames 3
MD5 42d12e0ab411d62a4ac24e1da63823fd
SHA1 7db46b392b050d2fc2806caa3eb8a65428d6a032
SHA256 577a8a1513db5db17d8c4f3ba67936ff41e50d854b74ab3438d010cab931b4aa
CRC32 1D8A4C99
Ssdeep 192:e1jqyKS2XjRiIPJqLugaOLwPh3f56HUwdda8tjNTBlRFkOmm:e1fKFT5PA60wf5+UwbaMjN99Hmm
File name MSIMGSIZ.DAT
Related files
C:\Users\test\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT
File size 16384 bytes
File type data
MD5 408485a6a1520d267d465e1fd1288817
SHA1 dc944ad92f3366856dec8b1eec1bbb11b703a1b3
SHA256 c492ba0f00d0b93f9f88dabcf177e2676e935347c25760234eae14b9ba8711ba
CRC32 3F2E1803
Ssdeep 48:jGQ2d7BsXHWrVmqESaakad5PIy+9/8JrccjdS6gPmY4z7el:C2XHbbSrka5PIL8m4dcPez76
File name qq_link[1].gif
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\qq_link[1].gif
File size 1022 bytes
File type GIF image data, version 89a, 16 x 16
MD5 12caca9223d31b489a41da0669bfd3b4
SHA1 2c79c14845d28f4a6dc3ffb9e38e49b7fbb88aba
SHA256 3ac854a77b34b6bc93b09a2c729049249b3b22909be3c6809d663d4963f980fd
CRC32 85462EF8
Ssdeep 12:mmkH9NJuQd5Y4085RgVE+Kl5DtRGGNdbqBmkjt4T25R1h8X3lyaS2wJF0q70lgS:mmkdNJuQB5RlfDSGNdbPC1e4ZJF0m0t
File name {D66EA764-E06B-11E7-BBD3-525400DC3206}.dat
Related files
C:\Users\test\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D66EA764-E06B-11E7-BBD3-525400DC3206}.dat
File size 61440 bytes
File type Composite Document File V2 Document, Cannot read section info
MD5 30ac78f6e791ec6ebd3e1097020f6204
SHA1 70e4127c01dc2547ca75172fa593cefce545fa6c
SHA256 68e3c28dd20d4b1a449e8897667bdb393d2eb736d06573a56135a7e9676916e4
CRC32 D111BA46
Ssdeep 768:WGJd0//pCJw0IjUfvSpt1gFbedtFjNJp9pO+0+3/TXzYPo3Mcp9x5MiwMaMbjLi6:w8yjsfbevzJp9pO1+/IPoVF5rwa
File name jcarousellite[1].js
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\jcarousellite[1].js
File size 15071 bytes
File type ISO-8859 text, with CRLF line terminators
MD5 cc046a7d11e392f6fcc1eb553457f2a8
SHA1 1571546f49f67b6d4fae4b9dafd87d84a2ad6878
SHA256 1beb897fb4955b27044fc81e01445b0eb9892a9ac5275e720779ccdc8897a9d2
CRC32 0E6D8E78
Ssdeep 384:VE5jGkT3edNCCi3583GeGp9Jxi/ogw4SE0:VGjGkT3edni3m3G1p5eogw4P0
Yara
  • Rule to detect the no presence of any attachment
  • Rule to detect the presence of an or several images
  • Rule to detect the presence of an or several urls
File name index.dat
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012017121420171215\index.dat
File size 32768 bytes
File type Internet Explorer cache file version Ver 5.2
MD5 31f3cccbbf522ee74ce56932962d97f4
SHA1 6150ca78c57d86a74a3346de19501a7dae6adb2d
SHA256 20f076591cc3a08f32a4c5af25f4feb11b8a176b66ed355503f9cae14dbc6080
CRC32 835B0BE0
Ssdeep 6:qjyxXK7tx0L3WWVFXjubl/jRKMRu8qcbIO73WWbFXjublHBv:qjRX0L3XvzklbUSbd73Xhzkl
File name b5d7c8d9-f188-4ce5-bf8b-f46cb33aacb3[1].jpg
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\b5d7c8d9-f188-4ce5-bf8b-f46cb33aacb3[1].jpg
File size 19620 bytes
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 377x340, frames 3
MD5 d95da5a4981c76736c78c5ce4d656bdc
SHA1 32a79c569f2596e6ec7b5e8f50282628cdc37f2b
SHA256 f0cd054f61b516dffe388425ad79dcafefa57efa064a8268713a885ba9927fd2
CRC32 C49899C1
Ssdeep 384:Npa0A/a6zuYFkNogFlW+OLkwgxWY6Va5Xd0QgsrCaJWkfwD+w3G:pA/YYFurHbOLmKwd0Jsrb6+X

Processing ( 73.289 seconds )

  • 34.32 NetworkAnalysis
  • 14.133 BehaviorAnalysis
  • 12.886 Suricata
  • 9.847 Dropped
  • 1.332 VirusTotal
  • 0.62 Static
  • 0.098 AnalysisInfo
  • 0.05 Debug
  • 0.003 Memory

Signatures ( 10.83 seconds )

  • 4.332 md_url_bl
  • 1.934 md_bad_drop
  • 0.675 stealth_timeout
  • 0.657 api_spamming
  • 0.307 antiav_detectreg
  • 0.259 dridex_behavior
  • 0.159 stealth_network
  • 0.138 dead_connect
  • 0.131 antivm_generic_disk
  • 0.124 mimics_filetime
  • 0.123 webmail_phish
  • 0.113 infostealer_ftp
  • 0.111 stealth_file
  • 0.103 antivm_generic_scsi
  • 0.099 virus
  • 0.086 bootkit
  • 0.069 secure_login_phish
  • 0.064 infostealer_im
  • 0.062 hancitor_behavior
  • 0.062 generic_phish
  • 0.062 antianalysis_detectreg
  • 0.06 hawkeye_behavior
  • 0.055 antivm_generic_services
  • 0.052 infostealer_browser_password
  • 0.049 antisandbox_sleep
  • 0.043 heapspray_js
  • 0.043 md_domain_bl
  • 0.042 kazybot_behavior
  • 0.038 antiav_detectfile
  • 0.036 infostealer_mail
  • 0.029 virtualcheck_js
  • 0.027 infostealer_bitcoin
  • 0.023 antiemu_wine_func
  • 0.023 vawtrak_behavior
  • 0.02 ipc_namedpipe
  • 0.02 ispy_behavior
  • 0.019 betabot_behavior
  • 0.019 shifu_behavior
  • 0.019 kovter_behavior
  • 0.019 geodo_banking_trojan
  • 0.017 ransomware_message
  • 0.017 kibex_behavior
  • 0.016 infostealer_browser
  • 0.015 stack_pivot
  • 0.015 clickfraud_cookies
  • 0.015 antivm_vbox_files
  • 0.015 antivm_xen_keys
  • 0.015 darkcomet_regkeys
  • 0.015 ransomware_extensions
  • 0.014 antivm_parallels_keys
  • 0.013 antidbg_windows
  • 0.012 andromeda_behavior
  • 0.012 persistence_autorun
  • 0.012 ransomware_files
  • 0.011 antivm_vbox_libs
  • 0.01 injection_createremotethread
  • 0.01 securityxploded_modules
  • 0.01 antivm_generic_diskreg
  • 0.009 sets_autoconfig_url
  • 0.009 recon_fingerprint
  • 0.008 antiav_avast_libs
  • 0.008 rat_luminosity
  • 0.007 Locky_behavior
  • 0.007 injection_runpe
  • 0.007 silverlight_js
  • 0.007 cryptowall_behavior
  • 0.006 antisandbox_sunbelt_libs
  • 0.006 java_js
  • 0.006 antivm_vmware_events
  • 0.006 js_phish
  • 0.006 antidbg_devices
  • 0.006 antisandbox_productid
  • 0.005 internet_dropper
  • 0.005 network_tor
  • 0.005 network_anomaly
  • 0.005 antiav_bitdefender_libs
  • 0.005 exec_crash
  • 0.005 disables_wfp
  • 0.005 antivm_xen_keys
  • 0.005 antivm_hyperv_keys
  • 0.005 antivm_vbox_acpi
  • 0.005 antivm_vbox_keys
  • 0.005 antivm_vmware_keys
  • 0.005 antivm_vpc_keys
  • 0.005 disables_browser_warn
  • 0.005 rat_pcclient
  • 0.004 tinba_behavior
  • 0.004 rat_nanocore
  • 0.004 disables_spdy
  • 0.004 upatre_behavior
  • 0.004 antisandbox_sboxie_libs
  • 0.004 bypass_firewall
  • 0.004 network_torgateway
  • 0.004 packer_armadillo_regkey
  • 0.003 injection_explorer
  • 0.003 kelihos_behavior
  • 0.003 dyre_behavior
  • 0.003 cerber_behavior
  • 0.003 browser_scanbox
  • 0.003 antivm_generic_bios
  • 0.003 antivm_generic_system
  • 0.003 antivm_vmware_files
  • 0.003 browser_security
  • 0.003 codelux_behavior
  • 0.003 recon_programs
  • 0.002 antivm_vmware_libs
  • 0.002 antivm_vbox_window
  • 0.002 h1n1_behavior
  • 0.002 js_suspicious_redirect
  • 0.002 antianalysis_detectfile
  • 0.002 antivm_generic_cpu
  • 0.002 sniffer_winpcap
  • 0.002 targeted_flame
  • 0.001 sundown_js
  • 0.001 ransomware_dmalocker
  • 0.001 persistence_bootexecute
  • 0.001 modifies_desktop_wallpaper
  • 0.001 chimera_behavior
  • 0.001 network_bind
  • 0.001 ursnif_behavior
  • 0.001 antisandbox_script_timer
  • 0.001 antiemu_wine_reg
  • 0.001 antisandbox_sunbelt_files
  • 0.001 antivm_vpc_files
  • 0.001 banker_cridex
  • 0.001 banker_zeus_mutex
  • 0.001 banker_zeus_url
  • 0.001 bot_drive
  • 0.001 bot_drive2
  • 0.001 browser_addon
  • 0.001 disables_system_restore
  • 0.001 disables_windows_defender
  • 0.001 downloader_cabby
  • 0.001 ie_martian_children
  • 0.001 maldun_blacklist
  • 0.001 modify_security_center_warnings
  • 0.001 modify_uac_prompt
  • 0.001 network_tor_service
  • 0.001 office_security
  • 0.001 ransomware_radamant
  • 0.001 rat_spynet
  • 0.001 stealth_hiddenreg
  • 0.001 stealth_hide_notifications
  • 0.001 whois_create

Reporting ( 1.717 seconds )

  • 1.717 ReportHTMLSummary
Task ID 122480
Mongo ID 5a31d1802e06334c282678ee
Cuckoo release 1.4-Maldun