恶意软件分析 & URL链接扫描免费在线病毒分析平台

分析任务

分析类型	虚拟机标签	开始时间	结束时间	持续时间
URL	win7-sp1-x64-hpdapp03-4	2018-07-18 01:15:39	2018-07-18 01:18:03	144 秒

魔盾分数

1.65

正常的

URL详细信息

URL
URL专业沙箱检测 -> http://www.cmdy5.com/

登录查看威胁特征

运行截图

访问主机纪录 (可点击查询WPING实时安全评级)

直接	IP	安全评级
否	121.205.7.237	中国
否	140.205.61.61	中国
否	175.6.243.35	中国
否	180.149.131.146	中国
否	180.163.251.231	中国
否	183.66.101.48	中国
否	220.168.170.35	中国
否	36.25.250.216	中国
否	58.215.145.188	中国
否	58.218.215.188	中国

域名解析 (可点击查询WPING实时安全评级)

域名	安全评级	响应
www.cmdy5.com	CNAME www.cmdy5.com.a.bdydns.com A 175.6.243.35 A 220.168.170.35 CNAME opencdn.jomodns.com
s4.cnzz.com	A 58.218.215.188 CNAME all.cnzz.com.danuoyi.tbcache.com CNAME c.cnzz.com A 58.215.145.188
c.cnzz.com
z11.cnzz.com	A 140.205.60.79 CNAME z.cnzz.com A 140.205.158.4 A 140.205.136.1 A 140.205.61.61 A 140.205.61.85 CNAME z.gds.cnzz.com A 140.205.218.67
push.zhanzhang.baidu.com	CNAME share.jomodns.com A 183.66.101.48
js.passport.qihucdn.com	A 121.205.7.237 A 36.25.250.216 CNAME 360.webcdn.qhcdn.com
s5.qhres.com
api.share.baidu.com	CNAME api.share.n.shifen.com A 180.149.131.146
s.360.cn	A 116.211.111.239 A 125.88.193.249 A 125.88.193.226 A 180.163.251.231 A 101.226.161.228 A 180.97.63.237
hm1.cnzz.com	A 140.205.218.72 CNAME hm1.cnzz.com.gds.alibabadns.com

摘要

登录查看详细行为信息

URL分析
防病毒引擎

WHOIS 信息

Name: Domain Admin
Country: US
State: MA
City: Burlington
ZIP Code: 01803
Address: 10 Corporate Drive

Orginization: Privacy Protect, LLC (PrivacyProtect.org)
Domain Name(s):
    CMDY5.COM
Creation Date:
    2016-08-12 05:51:11
Updated Date:
    2017-09-19 15:28:32
    2017-07-03 12:06:01
Expiration Date:
    2018-08-12 05:51:11
Email(s):
    abuse-contact@publicdomainregistry.com
    contact@privacyprotect.org

Registrar(s):
    PDR Ltd. d/b/a PublicDomainRegistry.com
Name Server(s):
    F1G1NS1.DNSPOD.NET
    F1G1NS2.DNSPOD.NET
    f1g1ns1.dnspod.net
    f1g1ns2.dnspod.net
Referral URL(s):
    None

防病毒引擎/厂商	网站安全分析
CLEAN MX	Clean Site
VX Vault	Clean Site
ZDB Zeus	Clean Site
Tencent	Clean Site
Netcraft	Unrated Site
desenmascara_me	Clean Site
PhishLabs	Unrated Site
Zerofox	Clean Site
K7AntiVirus	Clean Site
SecureBrain	Clean Site
Virusdie External Site Scan	Clean Site
SCUMWARE_org	Clean Site
Quttera	Clean Site
AegisLab WebGuard	Clean Site
MalwareDomainList	Clean Site
ZeusTracker	Clean Site
zvelo	Clean Site
Google Safebrowsing	Clean Site
ParetoLogic	Clean Site
Kaspersky	Unrated Site
BitDefender	Clean Site
Certly	Clean Site
G-Data	Clean Site
C-SIRT	Clean Site
OpenPhish	Clean Site
Websense ThreatSeeker	Clean Site
MalwarePatrol	Clean Site
Webutation	Clean Site
Trustwave	Clean Site
Web Security Guard	Clean Site
Dr_Web	Clean Site
ADMINUSLabs	Clean Site
Malwarebytes hpHosts	Clean Site
Opera	Clean Site
AlienVault	Clean Site
Emsisoft	Clean Site
Malc0de Database	Clean Site
Phishtank	Clean Site
Malwared	Clean Site
Avira	Clean Site
CyberCrime	Clean Site
Antiy-AVL	Clean Site
FraudSense	Clean Site
malwares_com URL checker	Clean Site
Comodo Site Inspector	Clean Site
Malekal	Clean Site
ESET	Clean Site
Sophos	Unrated Site
Yandex Safebrowsing	Clean Site
Spam404	Clean Site
Nucleon	Clean Site
Malware Domain Blocklist	Clean Site
Blueliv	Clean Site
ZCloudsec	Clean Site
AutoShun	Unrated Site
ThreatHive	Clean Site
FraudScore	Clean Site
Rising	Clean Site
URLQuery	Unrated Site
StopBadware	Unrated Site
Sucuri SiteCheck	Clean Site
Fortinet	Clean Site
ZeroCERT	Clean Site
Baidu-International	Clean Site
securolytics	Clean Site

进程树

iexplore.exe id: 1576
- iexplore.exe id: 2264

iexplore.exe, PID: 1576, 上一级进程 PID: 768

缺省注册表文件系统网络进程线程服务设备同步加密浏览器全部

iexplore.exe, PID: 2264, 上一级进程 PID: 1576

缺省注册表文件系统网络进程线程服务设备同步加密浏览器全部

下载PCAP包

访问主机纪录 (可点击查询WPING实时安全评级)

直接	IP	安全评级
否	121.205.7.237	中国
否	140.205.61.61	中国
否	175.6.243.35	中国
否	180.149.131.146	中国
否	180.163.251.231	中国
否	183.66.101.48	中国
否	220.168.170.35	中国
否	36.25.250.216	中国
否	58.215.145.188	中国
否	58.218.215.188	中国

TCP

源地址	源端口	目标地址	目标端口
192.168.122.204	49190	121.205.7.237 js.passport.qihucdn.com	80
192.168.122.204	49186	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49193	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49194	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49196	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49197	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49198	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49199	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49200	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49201	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49202	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49203	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49204	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49205	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49206	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49207	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49208	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49209	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49210	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49211	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49212	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49213	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49214	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49215	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49216	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49217	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49218	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49219	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49220	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49221	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49222	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49223	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49224	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49225	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49226	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49227	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49160	175.6.243.35 www.cmdy5.com	80
192.168.122.204	49166	175.6.243.35 www.cmdy5.com	80
192.168.122.204	49167	175.6.243.35 www.cmdy5.com	80
192.168.122.204	49168	175.6.243.35 www.cmdy5.com	80
192.168.122.204	49169	175.6.243.35 www.cmdy5.com	80
192.168.122.204	49170	175.6.243.35 www.cmdy5.com	80
192.168.122.204	49171	175.6.243.35 www.cmdy5.com	80
192.168.122.204	49173	175.6.243.35 www.cmdy5.com	80
192.168.122.204	49174	175.6.243.35 www.cmdy5.com	80
192.168.122.204	49175	175.6.243.35 www.cmdy5.com	80
192.168.122.204	49176	175.6.243.35 www.cmdy5.com	80
192.168.122.204	49177	175.6.243.35 www.cmdy5.com	80
192.168.122.204	49180	175.6.243.35 www.cmdy5.com	80
192.168.122.204	49181	175.6.243.35 www.cmdy5.com	80
192.168.122.204	49183	175.6.243.35 www.cmdy5.com	80
192.168.122.204	49189	180.149.131.146 api.share.baidu.com	80
192.168.122.204	49187	183.66.101.48 push.zhanzhang.baidu.com	80
192.168.122.204	49178	220.168.170.35 www.cmdy5.com	80
192.168.122.204	49192	220.168.170.35 www.cmdy5.com	80
192.168.122.204	49188	36.25.250.216 js.passport.qihucdn.com	80
192.168.122.204	49184	58.215.145.188 s4.cnzz.com	80
192.168.122.204	49182	58.218.215.188 s4.cnzz.com	80

UDP

源地址	源端口	目标地址	目标端口
192.168.122.204	49889	192.168.122.1	53
192.168.122.204	50538	192.168.122.1	53
192.168.122.204	51233	192.168.122.1	53
192.168.122.204	52015	192.168.122.1	53
192.168.122.204	54125	192.168.122.1	53
192.168.122.204	56083	192.168.122.1	53
192.168.122.204	56618	192.168.122.1	53
192.168.122.204	58669	192.168.122.1	53
192.168.122.204	60659	192.168.122.1	53
192.168.122.204	61362	192.168.122.1	53
192.168.122.204	62304	192.168.122.1	53

域名解析 (可点击查询WPING实时安全评级)

域名	安全评级	响应
www.cmdy5.com	CNAME www.cmdy5.com.a.bdydns.com A 175.6.243.35 A 220.168.170.35 CNAME opencdn.jomodns.com
s4.cnzz.com	A 58.218.215.188 CNAME all.cnzz.com.danuoyi.tbcache.com CNAME c.cnzz.com A 58.215.145.188
c.cnzz.com
z11.cnzz.com	A 140.205.60.79 CNAME z.cnzz.com A 140.205.158.4 A 140.205.136.1 A 140.205.61.61 A 140.205.61.85 CNAME z.gds.cnzz.com A 140.205.218.67
push.zhanzhang.baidu.com	CNAME share.jomodns.com A 183.66.101.48
js.passport.qihucdn.com	A 121.205.7.237 A 36.25.250.216 CNAME 360.webcdn.qhcdn.com
s5.qhres.com
api.share.baidu.com	CNAME api.share.n.shifen.com A 180.149.131.146
s.360.cn	A 116.211.111.239 A 125.88.193.249 A 125.88.193.226 A 180.163.251.231 A 101.226.161.228 A 180.97.63.237
hm1.cnzz.com	A 140.205.218.72 CNAME hm1.cnzz.com.gds.alibabadns.com

TCP

源地址	源端口	目标地址	目标端口
192.168.122.204	49190	121.205.7.237 js.passport.qihucdn.com	80
192.168.122.204	49186	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49193	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49194	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49196	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49197	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49198	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49199	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49200	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49201	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49202	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49203	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49204	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49205	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49206	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49207	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49208	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49209	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49210	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49211	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49212	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49213	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49214	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49215	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49216	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49217	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49218	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49219	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49220	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49221	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49222	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49223	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49224	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49225	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49226	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49227	140.205.61.61 z11.cnzz.com	80
192.168.122.204	49160	175.6.243.35 www.cmdy5.com	80
192.168.122.204	49166	175.6.243.35 www.cmdy5.com	80
192.168.122.204	49167	175.6.243.35 www.cmdy5.com	80
192.168.122.204	49168	175.6.243.35 www.cmdy5.com	80
192.168.122.204	49169	175.6.243.35 www.cmdy5.com	80
192.168.122.204	49170	175.6.243.35 www.cmdy5.com	80
192.168.122.204	49171	175.6.243.35 www.cmdy5.com	80
192.168.122.204	49173	175.6.243.35 www.cmdy5.com	80
192.168.122.204	49174	175.6.243.35 www.cmdy5.com	80
192.168.122.204	49175	175.6.243.35 www.cmdy5.com	80
192.168.122.204	49176	175.6.243.35 www.cmdy5.com	80
192.168.122.204	49177	175.6.243.35 www.cmdy5.com	80
192.168.122.204	49180	175.6.243.35 www.cmdy5.com	80
192.168.122.204	49181	175.6.243.35 www.cmdy5.com	80
192.168.122.204	49183	175.6.243.35 www.cmdy5.com	80
192.168.122.204	49189	180.149.131.146 api.share.baidu.com	80
192.168.122.204	49187	183.66.101.48 push.zhanzhang.baidu.com	80
192.168.122.204	49178	220.168.170.35 www.cmdy5.com	80
192.168.122.204	49192	220.168.170.35 www.cmdy5.com	80
192.168.122.204	49188	36.25.250.216 js.passport.qihucdn.com	80
192.168.122.204	49184	58.215.145.188 s4.cnzz.com	80
192.168.122.204	49182	58.218.215.188 s4.cnzz.com	80

UDP

源地址	源端口	目标地址	目标端口
192.168.122.204	49889	192.168.122.1	53
192.168.122.204	50538	192.168.122.1	53
192.168.122.204	51233	192.168.122.1	53
192.168.122.204	52015	192.168.122.1	53
192.168.122.204	54125	192.168.122.1	53
192.168.122.204	56083	192.168.122.1	53
192.168.122.204	56618	192.168.122.1	53
192.168.122.204	58669	192.168.122.1	53
192.168.122.204	60659	192.168.122.1	53
192.168.122.204	61362	192.168.122.1	53
192.168.122.204	62304	192.168.122.1	53

HTTP 请求

URI	HTTP数据
URL专业沙箱检测 -> http://www.cmdy5.com/	GET / HTTP/1.1 Accept: / Referer: http://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=16&ved=0CCEQfjSmJlQnJVd3JCaXFtT1lK&url=http%3A%2F%2Fwww.cmdy5.com%2F&ei=TUdkYmdsY1BvdElj&usg=AFQjREliZXVZeEtIdk9p Accept-Language: zh-cn User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.cmdy5.com Connection: Keep-Alive
URL专业沙箱检测 -> http://www.cmdy5.com/template/m1938/css/style.css	GET /template/m1938/css/style.css HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.cmdy5.com Connection: Keep-Alive
URL专业沙箱检测 -> http://www.cmdy5.com/upload/vod/2018-06/15293867351.jpg	GET /upload/vod/2018-06/15293867351.jpg HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.cmdy5.com Connection: Keep-Alive
URL专业沙箱检测 -> http://www.cmdy5.com/upload/vod/2018-06/15300265091.jpg	GET /upload/vod/2018-06/15300265091.jpg HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.cmdy5.com Connection: Keep-Alive
URL专业沙箱检测 -> http://www.cmdy5.com/upload/vod/2018-07/153101652713.jpg	GET /upload/vod/2018-07/153101652713.jpg HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.cmdy5.com Connection: Keep-Alive
URL专业沙箱检测 -> http://www.cmdy5.com/template/m1938/Images/logo.png	GET /template/m1938/Images/logo.png HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.cmdy5.com Connection: Keep-Alive
URL专业沙箱检测 -> http://www.cmdy5.com/upload/vod/2018-07/15304349861.jpg	GET /upload/vod/2018-07/15304349861.jpg HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.cmdy5.com Connection: Keep-Alive
URL专业沙箱检测 -> http://www.cmdy5.com/upload/vod/2018-06/153002596715.jpg	GET /upload/vod/2018-06/153002596715.jpg HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.cmdy5.com Connection: Keep-Alive
URL专业沙箱检测 -> http://www.cmdy5.com/upload/vod/2018-06/15295955656.jpg	GET /upload/vod/2018-06/15295955656.jpg HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.cmdy5.com Connection: Keep-Alive
URL专业沙箱检测 -> http://www.cmdy5.com/upload/vod/2018-06/15290767765.jpg	GET /upload/vod/2018-06/15290767765.jpg HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.cmdy5.com Connection: Keep-Alive
URL专业沙箱检测 -> http://www.cmdy5.com/upload/vod/2018-05/15251845165.jpg	GET /upload/vod/2018-05/15251845165.jpg HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.cmdy5.com Connection: Keep-Alive
URL专业沙箱检测 -> http://www.cmdy5.com/upload/vod/2018-05/15276051722.jpg	GET /upload/vod/2018-05/15276051722.jpg HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.cmdy5.com Connection: Keep-Alive
URL专业沙箱检测 -> http://www.cmdy5.com/upload/vod/2018-04/15238593526.jpg	GET /upload/vod/2018-04/15238593526.jpg HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.cmdy5.com Connection: Keep-Alive
URL专业沙箱检测 -> http://www.cmdy5.com/upload/vod/2017-07/14997858281.jpg	GET /upload/vod/2017-07/14997858281.jpg HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.cmdy5.com Connection: Keep-Alive
URL专业沙箱检测 -> http://www.cmdy5.com/upload/vod/2018-07/15318394353.jpg	GET /upload/vod/2018-07/15318394353.jpg HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.cmdy5.com Connection: Keep-Alive
URL专业沙箱检测 -> http://www.cmdy5.com/upload/vod/2018-06/15297665262.jpg	GET /upload/vod/2018-06/15297665262.jpg HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.cmdy5.com Connection: Keep-Alive
URL专业沙箱检测 -> http://www.cmdy5.com/upload/vod/2018-07/15318394291.jpg	GET /upload/vod/2018-07/15318394291.jpg HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.cmdy5.com Connection: Keep-Alive
URL专业沙箱检测 -> http://www.cmdy5.com/template/m1938/Images/duomi-bg.png	GET /template/m1938/Images/duomi-bg.png HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.cmdy5.com Connection: Keep-Alive
URL专业沙箱检测 -> http://www.cmdy5.com/upload/vod/2018-07/153183942518.jpg	GET /upload/vod/2018-07/153183942518.jpg HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.cmdy5.com Connection: Keep-Alive
URL专业沙箱检测 -> http://www.cmdy5.com/upload/vod/2018-07/153183942415.jpg	GET /upload/vod/2018-07/153183942415.jpg HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.cmdy5.com Connection: Keep-Alive
URL专业沙箱检测 -> http://www.cmdy5.com/template/m1938/images/duomi-bg.png	GET /template/m1938/images/duomi-bg.png HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.cmdy5.com Connection: Keep-Alive
URL专业沙箱检测 -> http://www.cmdy5.com/template/m1938/Images/p.png	GET /template/m1938/Images/p.png HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.cmdy5.com Connection: Keep-Alive
URL专业沙箱检测 -> http://s4.cnzz.com/z_stat.php?id=1260132971	GET /z_stat.php?id=1260132971 HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: s4.cnzz.com Connection: Keep-Alive
URL专业沙箱检测 -> http://www.cmdy5.com/template/m1938/Images/load.gif	GET /template/m1938/Images/load.gif HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.cmdy5.com Connection: Keep-Alive
URL专业沙箱检测 -> http://c.cnzz.com/core.php?web_id=1260132971&t=z	GET /core.php?web_id=1260132971&t=z HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: c.cnzz.com Connection: Keep-Alive
URL专业沙箱检测 -> http://z11.cnzz.com/stat.htm?id=1260132971&r=&lg=zh-cn&ntime=none&cnzz_eid=1359923184-1531842449-&showp=800x600&t=%E8%8D%89%E6%B0%91%E7%94%B5%E5%BD%B1%E7%BD%91_%E6%89%8B%E6%9C%BA%E7%94%B5%E5%BD%B1%E5%85%8D%E8%B4%B9%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B&umuuid=164ac854d0845c-0031f224a72e934-26596859-75300-164ac854d17680&h=1&rnd=1968701600	GET /stat.htm?id=1260132971&r=&lg=zh-cn&ntime=none&cnzz_eid=1359923184-1531842449-&showp=800x600&t=%E8%8D%89%E6%B0%91%E7%94%B5%E5%BD%B1%E7%BD%91_%E6%89%8B%E6%9C%BA%E7%94%B5%E5%BD%B1%E5%85%8D%E8%B4%B9%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B&umuuid=164ac854d0845c-0031f224a72e934-26596859-75300-164ac854d17680&h=1&rnd=1968701600 HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: z11.cnzz.com Connection: Keep-Alive
URL专业沙箱检测 -> http://push.zhanzhang.baidu.com/push.js	GET /push.js HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: push.zhanzhang.baidu.com Connection: Keep-Alive
URL专业沙箱检测 -> http://js.passport.qihucdn.com/11.0.1.js?35d2f5ba191c08cfa7652aa8b9691c5c	GET /11.0.1.js?35d2f5ba191c08cfa7652aa8b9691c5c HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: js.passport.qihucdn.com Connection: Keep-Alive
URL专业沙箱检测 -> http://api.share.baidu.com/s.gif?l=http://www.cmdy5.com/	GET /s.gif?l=http://www.cmdy5.com/ HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: api.share.baidu.com Connection: Keep-Alive
URL专业沙箱检测 -> http://s5.qhres.com/static/ab77b6ea7f3fbf79.js	GET /static/ab77b6ea7f3fbf79.js HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: s5.qhres.com Connection: Keep-Alive
URL专业沙箱检测 -> http://www.cmdy5.com/favicon.ico	GET /favicon.ico HTTP/1.1 Accept: / Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Host: www.cmdy5.com Connection: Keep-Alive Cookie: UM_distinctid=164ac854d0845c-0031f224a72e934-26596859-75300-164ac854d17680; CNZZDATA1260132971=1359923184-1531842449-%7C1531842449
URL专业沙箱检测 -> http://www.cmdy5.com/template/m1938/Images/erweima.png	GET /template/m1938/Images/erweima.png HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.cmdy5.com Connection: Keep-Alive Cookie: UM_distinctid=164ac854d0845c-0031f224a72e934-26596859-75300-164ac854d17680; CNZZDATA1260132971=1359923184-1531842449-%7C1531842449
URL专业沙箱检测 -> http://hm1.cnzz.com/heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2018%3A16%3A45%202018	GET /heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2018%3A16%3A45%202018 HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: hm1.cnzz.com Connection: Keep-Alive
URL专业沙箱检测 -> http://hm1.cnzz.com/heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A14%3A52%202018	GET /heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A14%3A52%202018 HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: hm1.cnzz.com Connection: Keep-Alive
URL专业沙箱检测 -> http://hm1.cnzz.com/heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A16%3A11%202018	GET /heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A16%3A11%202018 HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: hm1.cnzz.com Connection: Keep-Alive
URL专业沙箱检测 -> http://hm1.cnzz.com/heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A16%3A27%202018	GET /heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A16%3A27%202018 HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: hm1.cnzz.com Connection: Keep-Alive
URL专业沙箱检测 -> http://hm1.cnzz.com/heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A16%3A57%202018	GET /heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A16%3A57%202018 HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: hm1.cnzz.com Connection: Keep-Alive
URL专业沙箱检测 -> http://hm1.cnzz.com/heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A17%3A01%202018	GET /heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A17%3A01%202018 HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: hm1.cnzz.com Connection: Keep-Alive
URL专业沙箱检测 -> http://hm1.cnzz.com/heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A17%3A07%202018	GET /heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A17%3A07%202018 HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: hm1.cnzz.com Connection: Keep-Alive
URL专业沙箱检测 -> http://hm1.cnzz.com/heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A17%3A13%202018	GET /heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A17%3A13%202018 HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: hm1.cnzz.com Connection: Keep-Alive
URL专业沙箱检测 -> http://hm1.cnzz.com/heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A17%3A19%202018	GET /heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A17%3A19%202018 HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: hm1.cnzz.com Connection: Keep-Alive
URL专业沙箱检测 -> http://hm1.cnzz.com/heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A17%3A29%202018	GET /heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A17%3A29%202018 HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: hm1.cnzz.com Connection: Keep-Alive
URL专业沙箱检测 -> http://hm1.cnzz.com/heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A17%3A34%202018	GET /heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A17%3A34%202018 HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: hm1.cnzz.com Connection: Keep-Alive
URL专业沙箱检测 -> http://hm1.cnzz.com/heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A17%3A41%202018	GET /heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A17%3A41%202018 HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: hm1.cnzz.com Connection: Keep-Alive
URL专业沙箱检测 -> http://hm1.cnzz.com/heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A17%3A46%202018	GET /heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A17%3A46%202018 HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: hm1.cnzz.com Connection: Keep-Alive
URL专业沙箱检测 -> http://hm1.cnzz.com/heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A17%3A52%202018	GET /heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A17%3A52%202018 HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: hm1.cnzz.com Connection: Keep-Alive
URL专业沙箱检测 -> http://hm1.cnzz.com/heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A17%3A58%202018	GET /heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A17%3A58%202018 HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: hm1.cnzz.com Connection: Keep-Alive
URL专业沙箱检测 -> http://hm1.cnzz.com/heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A18%3A06%202018	GET /heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A18%3A06%202018 HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: hm1.cnzz.com Connection: Keep-Alive
URL专业沙箱检测 -> http://hm1.cnzz.com/heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A18%3A11%202018	GET /heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A18%3A11%202018 HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: hm1.cnzz.com Connection: Keep-Alive
URL专业沙箱检测 -> http://hm1.cnzz.com/heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A18%3A20%202018	GET /heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A18%3A20%202018 HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: hm1.cnzz.com Connection: Keep-Alive
URL专业沙箱检测 -> http://hm1.cnzz.com/heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A18%3A25%202018	GET /heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A18%3A25%202018 HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: hm1.cnzz.com Connection: Keep-Alive
URL专业沙箱检测 -> http://hm1.cnzz.com/heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A18%3A47%202018	GET /heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A18%3A47%202018 HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: hm1.cnzz.com Connection: Keep-Alive
URL专业沙箱检测 -> http://hm1.cnzz.com/heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A18%3A56%202018	GET /heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A18%3A56%202018 HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: hm1.cnzz.com Connection: Keep-Alive
URL专业沙箱检测 -> http://hm1.cnzz.com/heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A19%3A09%202018	GET /heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A19%3A09%202018 HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: hm1.cnzz.com Connection: Keep-Alive
URL专业沙箱检测 -> http://hm1.cnzz.com/heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A19%3A14%202018	GET /heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A19%3A14%202018 HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: hm1.cnzz.com Connection: Keep-Alive
URL专业沙箱检测 -> http://hm1.cnzz.com/heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A19%3A27%202018	GET /heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A19%3A27%202018 HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: hm1.cnzz.com Connection: Keep-Alive
URL专业沙箱检测 -> http://hm1.cnzz.com/heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A19%3A42%202018	GET /heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A19%3A42%202018 HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: hm1.cnzz.com Connection: Keep-Alive
URL专业沙箱检测 -> http://hm1.cnzz.com/heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A19%3A51%202018	GET /heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A19%3A51%202018 HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: hm1.cnzz.com Connection: Keep-Alive
URL专业沙箱检测 -> http://hm1.cnzz.com/heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A19%3A59%202018	GET /heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A19%3A59%202018 HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: hm1.cnzz.com Connection: Keep-Alive
URL专业沙箱检测 -> http://hm1.cnzz.com/heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A20%3A06%202018	GET /heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A20%3A06%202018 HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: hm1.cnzz.com Connection: Keep-Alive
URL专业沙箱检测 -> http://hm1.cnzz.com/heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A20%3A13%202018	GET /heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A20%3A13%202018 HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: hm1.cnzz.com Connection: Keep-Alive
URL专业沙箱检测 -> http://hm1.cnzz.com/heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A20%3A19%202018	GET /heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A20%3A19%202018 HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: hm1.cnzz.com Connection: Keep-Alive
URL专业沙箱检测 -> http://hm1.cnzz.com/heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A20%3A25%202018	GET /heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A20%3A25%202018 HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: hm1.cnzz.com Connection: Keep-Alive
URL专业沙箱检测 -> http://hm1.cnzz.com/heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A20%3A34%202018	GET /heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A20%3A34%202018 HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: hm1.cnzz.com Connection: Keep-Alive
URL专业沙箱检测 -> http://hm1.cnzz.com/heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A20%3A41%202018	GET /heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A20%3A41%202018 HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: hm1.cnzz.com Connection: Keep-Alive
URL专业沙箱检测 -> http://hm1.cnzz.com/heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A20%3A50%202018	GET /heatmap.gif?id=1260132971&x=398&y=319&w=780&s=800x600&b=msie%208.0&c=1&r=&a=0&p=http%3A%2F%2Fwww.cmdy5.com%2F&random=Wed%20Jul%2018%2020%3A20%3A50%202018 HTTP/1.1 Accept: / Referer: http://www.cmdy5.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: hm1.cnzz.com Connection: Keep-Alive

SMTP 流量

无SMTP流量.

IRC 流量

无IRC请求.

ICMP 流量

无ICMP流量.

CIF 报告

无 CIF 结果

网络警报

无警报

TLS

No TLS

Suricata HTTP

No Suricata HTTP

未发现网络提取文件

文件名	favicon[2].ico
相关文件	C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\favicon[2].ico
文件大小	16958 字节
文件类型	MS Windows icon resource - 1 icon, 64x64
MD5	013bb1bc46f2d60e673c989e155688d2
SHA1	cc5fef8c5f75875b8b86d377a19e1d3aa05a8d41
SHA256	08923e8ac0708f15ff87d1d4f4250a0f2e950daf4023c65ee436dd83bc81eee4
CRC32	38B24381
Ssdeep	192:+GfIeVuiC9DtUEqbe1yHSNn/ZLeutII4iVatWsfn5vau16nowMOmNKvrIyKirxzC:bfNuiChGEKe1tfP7ab5CuUowMOr/VQZ
	下载提交魔盾安全分析

文件名	15304349861[1].jpg
相关文件	C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\15304349861[1].jpg
文件大小	24216 字节
文件类型	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 270x405, frames 3
MD5	8763fb69aee2521feba2d7b2fbf277dd
SHA1	3f9038f8b8b96a5815a01747aa31981eba5effad
SHA256	6bd2014d26373eefbb38cffbfb2ad63a7d86dffbe16efcbb8701835ef0a328e3
CRC32	C9BDDB66
Ssdeep	384:z/Jpz10yMU9L63lwZheFzFD2v9XPjhJDBjyMa2syx3yAnqgbxc10vrYTAWHDs:z/Jpz+6LYwZhigv9rhlN1sY3yAnqgbK6
	下载提交魔盾安全分析

文件名	15295955656[1].jpg
相关文件	C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\15295955656[1].jpg
文件大小	18606 字节
文件类型	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 270x394, frames 3
MD5	c092e45218464b780f722797876cf753
SHA1	c0665dd489f5aa796416dcb3c881aa986fe13e63
SHA256	75081a54e0c1d16bf1a7b4c18971aab8d114f6df63ed0caedd84657009af69a7
CRC32	867ADD0A
Ssdeep	384:QK4TDjOtoA/ABNhFTZ0gQ4Y11Tl+Y9yN3pKM9t3Q6cv5DAXq:QXvOp4BXFTjwTld8KctArv5DAXq
	下载提交魔盾安全分析

文件名	15276051722[1].jpg
相关文件	C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\15276051722[1].jpg
文件大小	18660 字节
文件类型	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 270x398, frames 3
MD5	2de9c251cea28bea2a6067a6a961a4bc
SHA1	948e8c80519b229794587ebffd161e459dc79e30
SHA256	4d8cfbbdb91cce2302f95a9bc37a6ae9dbf19dba2f25ac93403fd44693ef7b16
CRC32	7D896B8F
Ssdeep	384:Uw+/ojF1vjQhC0dBuvQ+lvj/eDlaWedgTcgLG/kK:UJg18EcWj/eRISct/N
	下载提交魔盾安全分析

文件名	153002596715[1].jpg
相关文件	C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\153002596715[1].jpg
文件大小	15365 字节
文件类型	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 270x366, frames 3
MD5	ce8e50cf9aefb1aaa6ca70c2c275069b
SHA1	8c4c6f0230e84168a84c088bd03ee5f6291f57dc
SHA256	f5c98ae1841190d4f1a66dedec6b6d6530cf35c88dd46f12324931613f5bdbc5
CRC32	6E506A8D
Ssdeep	384:0k0pbW2DqGFFIDzloN04+T/hLtzH/msjkaSNsmnzi:0Vtl1FF6+S4+T3/6Fbnzi
	下载提交魔盾安全分析

文件名	logo[1].png
相关文件	C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\logo[1].png
文件大小	14877 字节
文件类型	PNG image data, 156 x 50, 8-bit/color RGBA, non-interlaced
MD5	f3601c5c529c2338b12930daeb7b72a7
SHA1	912a0c4cd29b27d569d2587553d4c4136bb0d8e8
SHA256	cc13cdc1b5c32246f0590a152be7aa3386f61d2de65eea3935c18928413b6708
CRC32	B86CC7E3
Ssdeep	384:250wb6ACaJKNPRqxBiSBVjIZE1ud/hujI9I6CuPz84pb:MRZCaJERqxUSrIUFM9aAz8k
	下载提交魔盾安全分析

文件名	p[1].png
相关文件	C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\p[1].png
文件大小	3703 字节
文件类型	PNG image data, 44 x 44, 8-bit/color RGBA, non-interlaced
MD5	cba129c8bd7f55015621f97ecf4e63e3
SHA1	65b820363b64d29eaa7f8fa4c84d339006a0b2e6
SHA256	38acee89b4b064c0adf5d804d4bcb86d11a64fdeed92af278c9e99cd5c4a2312
CRC32	684CC1FC
Ssdeep	96:oSMllcHitlIxv9vk7C1+I4wWHLihk/xlgbxgPnqm0bf:oSHIIHUCD4waXa1B
	下载提交魔盾安全分析

文件名	{06FDE9E4-89E5-11E8-8524-525400DA09C9}.dat
相关文件	C:\Users\test\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{06FDE9E4-89E5-11E8-8524-525400DA09C9}.dat
文件大小	5120 字节
文件类型	Composite Document File V2 Document, Cannot read section info
MD5	82aaa6dc478af92da2cea792a63189e6
SHA1	ebb447b237bd354d6da8a69add9c538c7c84d239
SHA256	d5662e69ed238431f407f3fcdeab8a2f9833114b1233f97c2f4b82d9c192acc9
CRC32	22DFD8FA
Ssdeep	24:rIYRI+p/YGunYLU/CNlVousNlVoue6ByQl:rfyGQGFU/golo1kyQl
	下载提交魔盾安全分析

文件名	ab77b6ea7f3fbf79[1].js
相关文件	C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\ab77b6ea7f3fbf79[1].js
文件大小	478 字节
文件类型	ASCII text, with very long lines, with no line terminators
MD5	5dd27f8f2b042194c3cdabd62fd80110
SHA1	c035036a939799d4c29b9c0f7229ae1953d03109
SHA256	928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a
CRC32	2DD0834F
Ssdeep	12:24pCOYsQNe+DMuDA/rP/0+pC51JNjhwU8CDRRxLhdH1MTQSkfn:24pXL8MuDA/gzXhwSRR1H1+QSkf
Yara	Rule to detect the no presence of any image Rule to detect the no presence of any attachment Rule to detect the no presence of any url
	下载提交魔盾安全分析显示文本
(function(e){function t(e){var t=location.href,n=t.split("").reverse(),r=e.split(""),i=[];for(var s=0,o=16;s<o;s++)i.push(r[s]+(n[s]\|\|""));return i.join("")}var n=/([http\|https]:\/\/[a-zA-Z0-9\_\.]+\.so\.com)/gi,r=e.location.href;if(r&&!n.test(r)&&window.navigator.appName){var i="//s.360.cn/so/zz.gif",s=document.getElementById("sozz"),o=s.src.split("?")[1],u=t(o),a=new Image;r&&(i+="?url="+encodeURIComponent(r)),o&&(i+="&sid="+o),u&&(i+="&token="+u),o&&(a.src=i)}})(window);

文件名	core[1].php
相关文件	C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\core[1].php
文件大小	2807 字节
文件类型	HTML document, ASCII text, with very long lines, with CRLF line terminators
MD5	67ef462856eacf81d8276503169b25c3
SHA1	7378d9dcd1dde87cc403de04c769d0d8ebdddd67
SHA256	806c5f4ce94249772c3570077c1a9bd7e1c136c2c9eade02b0b9a13a0e27fa4d
CRC32	60E679EB
Ssdeep	48:zxAA/MwUPjwypl7D+pyVjkTBi2k+RXGfrgo+ufW+Emz7jUprCntFar5TY5FNSLGe:9awql+s8BVWtW+Em5/GY5FaGGN
	下载提交魔盾安全分析显示文本
!function(){var p,q,r,a=encodeURIComponent,b="1260132971",c="",d="",e="online_v3.php",f="z11.cnzz.com",g="1",h="text",i="z",j="站长统计",k=window["_CNZZDbridge_"+b]["bobject"],l=function(){var scripts=document.getElementsByTagName('script');for(var i=0,len=scripts.length;i<len;i++){var a,el=scripts[i];if(el.src&&(a=(/^(https?:)\/\/[\w\.\-]+\.cnzz\.com\//i).exec(el.src))){return a[1];}}return location.protocol;}(),m="1",n=l+"//online.cnzz.com/online/"+e,o=[];o.push("id="+b),o.push("h="+f),o.push("on="+a(d)),o.push("s="+a(c)),n+="?"+o.join("&"),"0"===m&&k["callRequest"]([l+"//cnzz.mmstat.com/9.gif?abc=1"]),g&&(""!==d?k["createScriptIcon"](n,"utf-8"):(q="z"==i?"http://www.cnzz.com/stat/website.php?web_id="+b:"http://quanjing.cnzz.com","pic"===h?(r=l+"//icon.cnzz.com/img/"+c+".gif",p="<a href='"+q+"' target=_blank title='"+j+"'><img border=0 hspace=0 vspace=0 src='"+r+"'></a>"):p="<a href='"+q+"' target=_blank title='"+j+"'>"+j+"</a>",k["createIcon"]([p])))}();(function(){function n(){this.c()}var p=['http://www.cmdy5.com/'],e=document,g=window,m=encodeURIComponent,q="unknow",l=null;n.prototype={c:function(){if(!1===this.d())return!1;var a;this.a(e,"mousedown",this.b);a=g.navigator.userAgent;l=e.documentElement&&0!==e.documentElement.clientHeight?e.documentElement:e.body;a=a?a.toLowerCase().replace(/-/g,""):"";for(var b="netscape;se 1.;se 2.;saayaa;360se;tencent;qqbrowser;mqqbrowser;maxthon;myie;theworld;konqueror;firefox;chrome;safari;msie 5.0;msie 5.5;msie 6.0;msie 7.0;msie 8.0;msie 9.0;msie 10.0;Mozilla;opera".split(";"), d=0;d<b.length;d+=1)if(-1!==a.indexOf(b[d])){q=b[d];break}},a:function(a,b,d){a.addEventListener?a.addEventListener(b,d,!1):a.attachEvent?a.attachEvent("on"+b,d):a["on"+b]=d},b:function(a){a\|\|(a=g[a]);var b=a.target\|\|a.srcElement;"IMG"===b.tagName&&(b=b.parentNode);var b="A"===b.tagName?1:0,d=a.which\|\|a.button,k=a.clientX;a=a.clientY;var f=g.pageYOffset\|\|l.scrollTop,k=k+(g.pageXOffset\|\|l.scrollLeft);a+=f;var f=l.clientWidth\|\|g.innerWidth,r=g.location.href,c=[];c.push("id= <truncated>

文件名	z_stat[1].php
相关文件	C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\z_stat[1].php
文件大小	11266 字节
文件类型	ASCII text, with very long lines
MD5	dd87cc1b8847f5fa4fee6ae4493b2956
SHA1	0fc8b24753951455868f7d5917192befad4f850f
SHA256	ab4079587eafd8ed7c15a1ef944fd33b9c071e8f2f1c043607c733dd72c4d2ec
CRC32	B82127A2
Ssdeep	192:2awufjkzCOu9xxgsoyHijK/Va2mdhqOepSIg9RA25ywADwDPL+8Lhu76BA3W:2awufjkzCOu9rho6LVaMO99KeVLp86Bx
	下载提交魔盾安全分析显示文本
(function(){var scheme=function(){var scripts=document.getElementsByTagName('script');for(var i=0,len=scripts.length;i<len;i++){var a,el=scripts[i];if(el.src&&(a=(/^(https?:)\/\/[\w\.\-]+\.cnzz\.com\//i).exec(el.src))){return a[1];}}return location.protocol;}();function k(){this.c="1260132971";this.ca="z";this.Z="";this.W="";this.Y="";this.C="1531842449";this.aa="z11.cnzz.com";this.X="";this.G="CNZZDATA"+this.c;this.F="_CNZZDbridge_"+this.c;this.P="_cnzz_CV"+this.c;this.R="CZ_UUID"+this.c;this.L="UM_distinctid";this.H="0";this.K={};this.a={};this.Aa()}function g(a, b){try{var c=[];c.push("siteid=1260132971");c.push("name="+f(a.name));c.push("msg="+f(a.message));c.push("r="+f(h.referrer));c.push("page="+f(e.location.href));c.push("agent="+f(e.navigator.userAgent));c.push("ex="+f(b));c.push("rnd="+Math.floor(2147483648*Math.random()));(new Image).src="http://jserr.cnzz.com/log.php?"+c.join("&")}catch(d){}}var h=document,e=window,f=encodeURIComponent,m=decodeURIComponent,r=unescape;k.prototype={Aa:function(){try{this.ja(),this.V(),this.wa(),this.T(),this.za(), this.w(),this.ua(),this.ta(),this.xa(),this.o(),this.sa(),this.va(),this.ya(),this.qa(),this.oa(),this.ra(),this.Ea(),e[this.F]=e[this.F]\|\|{},this.pa("_cnzz_CV")}catch(a){g(a,"i failed")}},Ca:function(){try{var a=this;e._czc={push:function(){return a.M.apply(a,arguments)}}}catch(b){g(b,"oP failed")}},oa:function(){try{var a=e._czc;if("[object Array]"==={}.toString.call(a))for(var b=0;b<a.length;b++){var c=a[b];switch(c[0]){case "_setAccount":e._cz_account="[object String]"==={}.toString.call(c[1])? c[1]:String(c[1]);break;case "_setAutoPageview":"boolean"===typeof c[1]&&(e._cz_autoPageview=c[1])}}}catch(d){g(d,"cS failed")}},Ea:function(){try{if("undefined"===typeof e._cz_account\|\|e._cz_account===this.c){e._cz_account=this.c;if("[object Array]"==={}.toString.call(e._czc))for(var a=e._czc,b=0,c=a.length;b<c;b++)this.M(a[b]);this.Ca()}}catch(d){g(d,"pP failed")}},M:function(a){try{if("[object Array]"==={}.toString.call(a))switch(a[0]){case "_trackPageview":if(a[ <truncated>

文件名	RecoveryStore.{06FDE9E3-89E5-11E8-8524-525400DA09C9}.dat
相关文件	C:\Users\test\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{06FDE9E3-89E5-11E8-8524-525400DA09C9}.dat
文件大小	3584 字节
文件类型	Composite Document File V2 Document, Cannot read section info
MD5	1205bb1e5cbea6959fe525b0d9ce25fa
SHA1	5a12af754dfbb11d4395a87d0cdc9bc40006bfe8
SHA256	6817b634dd310bc7d446ff2247791b83732852bbb35c92b63b1bbce7180b50aa
CRC32	0BC243CA
Ssdeep	12:rl0YmGF2irEg5+IaCrI017+F4/sDrEgmf+IaCy8qgQNlTqoltHtH:rIi5/P/YGv/TQNlWoltHJ
	下载提交魔盾安全分析

文件名	index.dat
相关文件	C:\Users\test\AppData\Roaming\Microsoft\Windows\IECompatCache\index.dat
文件大小	65536 字节
文件类型	Internet Explorer cache file version Ver 5.2
MD5	0ee0d92f5ad9cd4d354a120734ae8e5e
SHA1	a3d2338356b933a1240f053b89efe7f1b5e63353
SHA256	bd15c1573c53ac40e26c307c00be243ace57eb5fd0d2879349b24832d2e7a771
CRC32	36F430F7
Ssdeep	384:wEEG/+oo0M7hPfdoW7QRyUEZeluUFyvp64PBhqNLguX3/5YSHYjitk9t7sub/2Iw:wEEG/+Rg
	下载提交魔盾安全分析

文件名	load[1].gif
相关文件	C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\load[1].gif
文件大小	60869 字节
文件类型	GIF image data, version 89a, 250 x 350
MD5	831b08b2a704e771789e835f97e9ca25
SHA1	78df55de459ba48bd887ad5bd6963a6b85414b56
SHA256	034572b83f4ca45c4f30e0a1d5dc8b2d1a4e170a48728e59e07022d7987fbc77
CRC32	9A6A957B
Ssdeep	768:JwgYhek5Jr3z+8IXLeC/PH1eA4+LxNGVVu/j4nqHlO6Y+9rzT9jGvY0kZ56Gg6cI:Jwgee4cXq41eh+LqV1+9rg/oPlhZ2AX
	下载提交魔盾安全分析

文件名	15293867351[1].jpg
相关文件	C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\15293867351[1].jpg
文件大小	19710 字节
文件类型	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 270x405, frames 3
MD5	d101086c781b875184d2da3264fbb0df
SHA1	eedc45ffe8612b21ab84ab179f8124b6e4b2df2e
SHA256	afcd01d76a55dd04b1ac35e277afbad8269e197ede5372659b2f4158e4172f16
CRC32	4D632282
Ssdeep	384:zDfbbd5FmztS68MdTg2RKczyrZe30BOHjYsE3om:zDjwzt78Mdcqdp3E3P
	下载提交魔盾安全分析

文件名	15318394353[1].jpg
相关文件	C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\15318394353[1].jpg
文件大小	136435 字节
文件类型	PNG image data, 219 x 304, 8-bit/color RGB, non-interlaced
MD5	b88830dec05d3f2e99223d73cae6c2e0
SHA1	17acbe743c7304fd7d24b0d2a484dc3d4702cb34
SHA256	a397832b6452800225d275be64104b02e889f99f2b26c1373e9b2fd52932a066
CRC32	2B6007B9
Ssdeep	3072:CqKdmmm1VwpkT1m2OBTSavDcVWpQmClQaVP6mECd3j:4mmmfwamfZNvIwpUymXdT
	下载提交魔盾安全分析

文件名	15318394291[1].jpg
相关文件	C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\15318394291[1].jpg
文件大小	31837 字节
文件类型	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 270x360, frames 3
MD5	42a02c03fecaeb80751d6bb1666a8c2b
SHA1	ee60f98f53691284f46889f465babfd8f3a433af
SHA256	e67e7ae6ec04a69d5ed1c0610372cda50f8e5c9c5f6f878ff70acf7935ef3bca
CRC32	91B6DE59
Ssdeep	768:A0RD2YtcvfShOhTHiem02ECGhZ7vc/xSaflwlVGh:AEiSyBX5CGhNvExF9cYh
	下载提交魔盾安全分析

文件名	15238593526[1].jpg
相关文件	C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\15238593526[1].jpg
文件大小	21901 字节
文件类型	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 270x403, frames 3
MD5	5f5e07924a3f1f2241ea20ea2d24f19d
SHA1	1f3174fe3f354f35ac9b445bace3f15271404326
SHA256	ecb10e6348bbf7bbd247be518d2aed30d8df3159c5743c419096d118894b279d
CRC32	80E75C26
Ssdeep	384:5eO0Wqxhmoq2jmyhxDar3R2Totg1Wgznh9OfachQQmqq/1BxXQ2UnC0fRRKqcXOv:5L0WuEoqhyLDaDREEgThga9x982VYRR5
	下载提交魔盾安全分析

文件名	MSIMGSIZ.DAT
相关文件	C:\Users\test\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT
文件大小	16384 字节
文件类型	data
MD5	fc69294ee28967ac68984e3517a14e15
SHA1	948c74b17c1a424afbece3a7e1fb834859168914
SHA256	4cf8230569e78606bb278a851066684601101888b4fd7eb52af1c8186aeac3f0
CRC32	85B7532B
Ssdeep	48:jGQhN7sXHWrVmqESaakad5PIy+9/mJrcVjdS6gPdY4z7el:CBXHbbSrka5PILmmJdcPzz76
	下载提交魔盾安全分析

文件名	style[1].css
相关文件	C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\style[1].css
文件大小	41654 字节
文件类型	UTF-8 Unicode (with BOM) text, with very long lines, with CRLF, LF line terminators
MD5	b91860e7aa8c4212dfa25a879cb6589a
SHA1	45e3e6b57e541eb4a0d7652beca5e4d52598653b
SHA256	59bb4803e9b5969d550581626a50bf94cfc62a83c7059debc0b3df6e5b77fd1d
CRC32	E0E7AEE3
Ssdeep	768:AV0LJZJm/M4xiEzd8MZx9QD8JIKFnZFRYJiFkunqS9LnewnnK3pnK9U2MqxbXth/:AX1iarKXan8sU8mv1I
	下载提交魔盾安全分析

文件名	index.dat
相关文件	C:\Users\test\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012018071820180719\index.dat
文件大小	32768 字节
文件类型	Internet Explorer cache file version Ver 5.2
MD5	d7ecc84350b39ae94be1cbf389b46731
SHA1	12fc52a3487d8ce72850e6390e4dda4d98c8f662
SHA256	ec2fd5cde223ee66e522f2c3fa3c08337db543a02aa7ea4eccb099c005979f5c
CRC32	6C7DBCDC
Ssdeep	6:qjyxXKEvulb3Xq/F/hDj4DC6y3oCF/hD4C6:qjREGB3XspDZ3oGpD
	下载提交魔盾安全分析

文件名	153183942415[1].jpg
相关文件	C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\153183942415[1].jpg
文件大小	177532 字节
文件类型	JPEG image data, baseline, precision 8, 770x1080, frames 3
MD5	0dc5fe5a07644a22058cdb51acac7933
SHA1	848b3714fc8d82bfebfd95091ce4aca9ecbb3f5d
SHA256	94b6d758ce93eb93a95d4c1beea00ac3750456984d496b5411cb4644caee0974
CRC32	0F0704DC
Ssdeep	3072:plJYOuClQV+CuEykMCCQLcG4PCC8RFv/A+3Dx/gdL9qbfoAnws5dx/Ua184tLrY:pHwC6TSkMqcDcx/A+3M9qPwuXtLrY
	下载提交魔盾安全分析

文件名	153183942518[1].jpg
相关文件	C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\153183942518[1].jpg
文件大小	224570 字节
文件类型	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, extended sequential, precision 8, 770x1080, frames 3
MD5	aac9c50b1c33a28939bbccec9ca21573
SHA1	10e604a804a75c13325e8e3abee369e2d344b58f
SHA256	c19342c4aada38a9c51de79c59477c72b737c1bf732e978a00984315f229d634
CRC32	C40E093F
Ssdeep	6144:MZXf/7Tt7InmUJ6lMUNwCKKACzgr/2DvPJRJAJ:MZXrVblM4tACzgr/2bJPa
	下载提交魔盾安全分析

文件名	index.dat
相关文件	C:\Users\test\AppData\Local\Microsoft\Feeds Cache\index.dat
文件大小	32768 字节
文件类型	Internet Explorer cache file version Ver 5.2
MD5	0aee387ca0a52dcdd8f8a29ea76edb42
SHA1	5df81547dcadb2a7b8bc689da8e1383ba1a84cb9
SHA256	c31bc37e102b70a472837d530ec80bdaea28b0fefda3e9aa8c8cda98c4200c4e
CRC32	B451CA0B
Ssdeep	12:qjtSaFpbZli3zIoYDPO7em4GZj03W/cKYDPOCG5A30WUsOXQDG9YRm4GZ5:qj4avEIoYTCebGZ7ZYTlEJ0oQQ4bGZ
魔盾安全分析结果	2.0 分析时间：2016-11-06 20:10:20 查看分析报告
	下载提交魔盾安全分析

文件名	erweima[1].png
相关文件	C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\erweima[1].png
文件大小	43227 字节
文件类型	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2016:08:19 12:58:20], progressive, precision 8, 150x150, frames 3
MD5	8728bfd6b6471a5172ff4d939064ae21
SHA1	0f7f2d4b2aa06e5487a8fbd7a7273bed61d97514
SHA256	bf3b524c220c7510019b5f35e50bd537122deb2d2acc2eb04a7992273ce807aa
CRC32	AE187E4E
Ssdeep	768:lfa14WYxNP/wm9GZa+b+a14WYxNP/wm9GZa+zF1TIuY9aIqDiq4zflQN31n8Mnz:NA+xx/EN6A+xx/ENzHYPVq4zfAr
	下载提交魔盾安全分析

文件名	14997858281[1].jpg
相关文件	C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\14997858281[1].jpg
文件大小	15091 字节
文件类型	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 220x308, frames 3
MD5	d48f6064b9ab640fb0604031f3b0949c
SHA1	d315d766145d9ea43cbd35f1103a32ad41b08a8d
SHA256	31b0dff30dd39a54c5b64a79b9b5162fb1f27a1697fc4705aa5845fc4fffeae4
CRC32	3106B19F
Ssdeep	384:Ps2QB/42QRh+7w7gZPxU9adysx+Np4fwhBmG+:PsFBw2Q76w7yOAdysx+NpMEBmT
	下载提交魔盾安全分析

文件名	stat[1].htm
相关文件	C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\stat[1].htm C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\heatmap[1].gif C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\heatmap[1].gif C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\heatmap[2].gif C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\heatmap[1].gif C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\heatmap[1].gif C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\heatmap[2].gif C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\heatmap[3].gif C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\heatmap[2].gif C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\heatmap[2].gif C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\heatmap[3].gif C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\heatmap[4].gif C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\heatmap[3].gif C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\heatmap[3].gif C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\heatmap[4].gif C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\heatmap[5].gif C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\heatmap[4].gif C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\heatmap[4].gif C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\heatmap[5].gif C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\heatmap[6].gif C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\heatmap[5].gif C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\heatmap[5].gif C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\heatmap[6].gif C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\heatmap[7].gif C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\heatmap[6].gif C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\heatmap[6].gif C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\heatmap[7].gif C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\heatmap[8].gif C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\heatmap[7].gif C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\heatmap[7].gif C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\heatmap[8].gif C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\heatmap[9].gif C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\heatmap[8].gif C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\heatmap[8].gif C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\heatmap[9].gif
文件大小	2 字节
文件类型	ASCII text, with no line terminators
MD5	444bcb3a3fcf8389296c49467f27e1d6
SHA1	7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
SHA256	2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
CRC32	79DCDD47
Ssdeep	3:V:V
Yara	Rule to detect the no presence of any image Rule to detect the no presence of any attachment Rule to detect the no presence of any url
	下载提交魔盾安全分析显示文本
ok

文件名	15290767765[1].jpg
相关文件	C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\15290767765[1].jpg
文件大小	19787 字节
文件类型	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 270x404, frames 3
MD5	a3d2537c5aaac2bfd7fa0917d4e8fe12
SHA1	a20f59f8f4e346140045a5c8cb881600a58c5579
SHA256	2073c84b7fd7f4d1c1a68bf26dc094a8e7e1cb01bb3f7f4ebb3d59564bedcd76
CRC32	3C1C9091
Ssdeep	384:yWOOIB5p21taXPY0JfaKfIkRCD2w9pR9oLx9f8UDI/t8yX4ok8aEj1Is:yZOIBrQ0BfVCaw9pR9Qnf9DIe4SlY1d
	下载提交魔盾安全分析

文件名	153101652713[1].jpg
相关文件	C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\153101652713[1].jpg
文件大小	25037 字节
文件类型	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 270x385, frames 3
MD5	0b87541092c278336b4d481befa0cabe
SHA1	02b7063673db73fe5ef16c2341eabeff0fb054df
SHA256	1b1e0b50196c912a820986ad61f822c46d8ba159f133b8156dbdaaccb4c9073d
CRC32	6819819F
Ssdeep	384:KYNg7LnHLSE1sz301R31W3nkBJdtHJyPYHNotA00dnGEGaz2TLuTF4:KYyHnrAIlWEJHpyptA00tp6Pup4
	下载提交魔盾安全分析

文件名	11.0.1[1].js
相关文件	C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\11.0.1[1].js
文件大小	104 字节
文件类型	HTML document, ASCII text, with no line terminators
MD5	debd615e09dfab3d6a64da77be5acb34
SHA1	a92cc177fd428362cf9d94d5838a5c2210695327
SHA256	84a67f91a4d920a528727e5e225ee886b8fbf194c436e14816f640c61e3ee479
CRC32	F3F629BB
Ssdeep	3:yLRmcpZBbQxYkNX/CNOWkRBGKdzEHPWHLGXImMn:yL/pZ9gYkNvCUhRFoHP0VmMn
Yara	Rule to detect the no presence of any image Rule to detect the no presence of any attachment Rule to detect the presence of an or several urls
	下载提交魔盾安全分析显示文本
document.write('<script charset="utf-8" src="http://s5.qhres.com/static/ab77b6ea7f3fbf79.js"></script>')

文件名	push[1].js
相关文件	C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\push[1].js
文件大小	281 字节
文件类型	ASCII text, with no line terminators
MD5	1bb5a3267c9865ad4abe8d937734b62b
SHA1	b5478dd2edb3e64242eced1db2dbd945ef81f592
SHA256	674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2
CRC32	77905197
Ssdeep	6:qQQfwvP/kGTMKxvasm9IlCPcWKF/ZOd1zlCi64J1JVOXMMc3jfn:cfwvP8GAktCPbK415Ci7eLc3jfn
Yara	Rule to detect the no presence of any image Rule to detect the no presence of any attachment Rule to detect the no presence of any url
	下载提交魔盾安全分析显示文本
!function(){var e=/([http\|https]:\/\/[a-zA-Z0-9\_\.]+\.baidu\.com)/gi,r=window.location.href,o=document.referrer;if(!e.test(r)){var n="//api.share.baidu.com/s.gif";o?(n+="?r="+encodeURIComponent(document.referrer),r&&(n+="&l="+r)):r&&(n+="?l="+r);var t=new Image;t.src=n}}(window);

文件名	15300265091[1].jpg
相关文件	C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\15300265091[1].jpg
文件大小	24421 字节
文件类型	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 270x405, frames 3
MD5	788eee52b9b97c9bf1d8dd56a1a46ca3
SHA1	a3097596c40cb654e64a97f2788c9059f4a8e914
SHA256	d1d308f0a5fef6d3493336aa2228dd9fb9d49e893df89ef38f0fa6e350424736
CRC32	BB3DB97B
Ssdeep	384:zP83Fv0kEvVaKlaMnJf3U8ZydYBwI9ocn5FiEUC7jfgRwq3ZqlCw68X9QbFklA:zP8FEQExZydKtaEUC3fjoZUCwtebFkG
	下载提交魔盾安全分析

文件名	15251845165[1].jpg
相关文件	C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\15251845165[1].jpg
文件大小	20697 字节
文件类型	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 270x404, frames 3
MD5	eb1dcd1b54fe5fd0335a09df4edd103a
SHA1	17780143fd7a3d8247523c37fe02036fe98252c8
SHA256	21147f5c4b93387bda738e8f65478eb1dc7fa51758c85d23bb324536498e11d5
CRC32	85EC5381
Ssdeep	384:y8p3JWk02v2O0yHg9cVPY2pVwk3zuY+SYr+K3ENSk5FF2UUUV5KK:y8p5WO0ymcO2UIzurSY6K3YF0UU8z
	下载提交魔盾安全分析

文件名	15297665262[1].jpg
相关文件	C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\15297665262[1].jpg
文件大小	20425 字节
文件类型	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 270x377, frames 3
MD5	1d0249a2da871d9d4dfd9a7ff903a3b4
SHA1	38ae1bcf9a11c03e893e986ca4caca9cf9e92627
SHA256	c1c52e083b6aacafd87aae7010d4855c86965fd39bc39852230b6edf49a0b84f
CRC32	768B298D
Ssdeep	384:333STcJ+kVo0Lf7NTCr5P+S1YriBk3iZDn0XOOg3YV4xQeDByv:3HSYJ+kV7n8r52H33iV8OR3S4xvDK
	下载提交魔盾安全分析

文件名	duomi-bg[1].png
相关文件	C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\duomi-bg[1].png
文件大小	54789 字节
文件类型	PNG image data, 300 x 500, 8-bit/color RGBA, non-interlaced
MD5	6135dc9255f503cc2b9ef103b9ac336a
SHA1	c55b9a498974240b289d8e07d8b7a9643b5d852f
SHA256	9538cf8da5e0ee27c6401fa64ad52f4e57cd46ae779518c3134138fc02fa7cfc
CRC32	FBCBE8F7
Ssdeep	768:E1qeMo+i6t2N9o7JAkAkzdHtZ1zhjEGAsXyfCpUfihyt2krYekqvrE8gqVnyK:pclmFAkA4j/jXZtpUf81ZqDJg8h
	下载提交魔盾安全分析

HTML 总结报告 (需15-60分钟同步)	下载

Processing ( 30.329 seconds )

14.79 NetworkAnalysis
7.709 Suricata
2.318 Dropped
2.016 BehaviorAnalysis
1.807 Static
1.33 VirusTotal
0.32 AnalysisInfo
0.037 Debug
0.002 Memory

Signatures ( 4.749 seconds )

2.689 md_url_bl
1.037 md_bad_drop
0.162 antiav_detectreg
0.108 stealth_timeout
0.098 api_spamming
0.061 infostealer_ftp
0.038 antivm_generic_scsi
0.038 md_domain_bl
0.035 infostealer_im
0.033 antianalysis_detectreg
0.022 stealth_file
0.02 infostealer_mail
0.019 antivm_generic_services
0.019 mimics_filetime
0.018 stealth_network
0.018 antiav_detectfile
0.016 antivm_generic_disk
0.014 dridex_behavior
0.013 bootkit
0.013 infostealer_bitcoin
0.012 virus
0.011 geodo_banking_trojan
0.009 betabot_behavior
0.009 kibex_behavior
0.009 antivm_xen_keys
0.009 ransomware_extensions
0.008 clickfraud_cookies
0.008 shifu_behavior
0.008 darkcomet_regkeys
0.007 vawtrak_behavior
0.007 antivm_parallels_keys
0.007 antivm_vbox_files
0.007 ransomware_files
0.006 antiemu_wine_func
0.006 dead_connect
0.006 persistence_autorun
0.005 hancitor_behavior
0.005 ransomware_message
0.005 infostealer_browser_password
0.005 kovter_behavior
0.005 antivm_generic_diskreg
0.005 recon_fingerprint
0.004 hawkeye_behavior
0.004 antidbg_windows
0.003 andromeda_behavior
0.003 upatre_behavior
0.003 stack_pivot
0.003 network_anomaly
0.003 injection_createremotethread
0.003 sets_autoconfig_url
0.003 kazybot_behavior
0.003 antivm_vbox_libs
0.003 securityxploded_modules
0.003 antidbg_devices
0.003 antisandbox_productid
0.003 antivm_vbox_keys
0.003 antivm_vmware_keys
0.003 antivm_vpc_keys
0.003 disables_browser_warn
0.002 tinba_behavior
0.002 internet_dropper
0.002 network_tor
0.002 rat_nanocore
0.002 antiav_avast_libs
0.002 rat_luminosity
0.002 kelihos_behavior
0.002 Locky_behavior
0.002 ipc_namedpipe
0.002 disables_wfp
0.002 cerber_behavior
0.002 injection_runpe
0.002 cryptowall_behavior
0.002 antivm_xen_keys
0.002 antivm_hyperv_keys
0.002 antivm_vbox_acpi
0.002 browser_security
0.002 bypass_firewall
0.002 network_torgateway
0.002 packer_armadillo_regkey
0.002 rat_pcclient
0.001 disables_spdy
0.001 injection_explorer
0.001 antisandbox_sunbelt_libs
0.001 antisandbox_sboxie_libs
0.001 antiav_bitdefender_libs
0.001 dyre_behavior
0.001 exec_crash
0.001 antivm_vmware_events
0.001 ispy_behavior
0.001 antianalysis_detectfile
0.001 antivm_generic_bios
0.001 antivm_generic_cpu
0.001 antivm_generic_system
0.001 antivm_vmware_files
0.001 bot_drive
0.001 bot_drive2
0.001 browser_addon
0.001 codelux_behavior
0.001 ie_martian_children
0.001 maldun_blacklist
0.001 modify_uac_prompt
0.001 recon_programs
0.001 sniffer_winpcap
0.001 targeted_flame

Reporting ( 0.448 seconds )

0.448 ReportHTMLSummary


Task ID	170824
Mongo ID	5b4e2502a093ef5700ea0e0c
Cuckoo release	1.4-Maldun