魔盾安全分析报告
| 分析类型 | 开始时间 | 结束时间 | 持续时间 | 分析引擎版本 |
|---|---|---|---|---|
| URL | 2020-11-26 10:14:47 | 2020-11-26 10:16:50 | 123 秒 | 1.4-Maldun |
| 虚拟机机器名 | 标签 | 虚拟机管理 | 开机时间 | 关机时间 |
|---|---|---|---|---|
| win7-sp1-x64-shaapp03-1 | win7-sp1-x64-shaapp03-1 | KVM | 2020-11-26 10:14:47 | 2020-11-26 10:16:51 |
| 魔盾分数 |
|---|
0.425正常的 |
URL信息
| URL | http://ad.twoshadow.cn |
|---|---|
| VirusTotal | VirusTotal查询失败 |
特征
魔盾wping.org 域名信誉系统
Greylist: ad.twoshadow.cn
Greylist: test.doumaibiji.cn
Greylist: tt-img.7654.com
Greylist: pos.baidu.com
Greylist: show-3.mediav.com
运行截图
网络分析
域名解析
| 域名 | 响应 |
|---|---|
| ad.twoshadow.cn |
CNAME ad.twoshadow.cn.cdn.dnsv1.com
A 180.96.32.88 CNAME 3s63h1np.slt.cdntip.com A 180.96.32.89 |
| www.bsrkt.com | A 140.143.135.97 |
| test.doumaibiji.cn | A 123.206.5.93 |
| bsrkt.com |
A 59.63.235.236
A 125.78.252.115 A 59.63.235.194 A 59.63.235.122 CNAME bsrkt.com.cdn.dnsv1.com CNAME 1185166.p23.tc.cdntip.com |
| mini.eastday.com |
A 101.227.98.71
CNAME mini.eastday.com.cdn20.com |
| tt-img.7654.com |
CNAME tt-img.7654.com.cdn.dnsv1.com
CNAME 1285743.p23.tc.cdntip.com |
| show.g.mediav.com |
CNAME max.mdvdns.qhcdn.com
A 180.163.247.134 |
| acroipm.adobe.com |
CNAME acroipm.adobe.com.edgesuite.net
A 23.218.94.163 CNAME a1983.dscd.akamai.net A 23.218.94.155 |
| 02imgmini.eastday.com |
A 58.216.107.116
CNAME cdn-e57n62s8.sched.s2.tdnsv5.com A 221.228.219.98 CNAME 02imgmini.eastday.com.cdn.dnsv1.com A 58.216.106.215 A 222.186.49.111 A 58.216.107.214 A 58.220.28.104 A 221.228.219.62 |
| 07imgmini.eastday.com |
CNAME 07imgmini.eastday.com.cdn.dnsv1.com
CNAME cdn-hdua9ats.sched.s2.tdnsv5.com |
| 09imgmini.eastday.com |
CNAME cdn-gksx5hzk.sched.s2.tdnsv5.com
CNAME 09imgmini.eastday.com.cdn.dnsv1.com |
| 05imgmini.eastday.com |
CNAME 05imgmini.eastday.com.cdn.dnsv1.com
CNAME cdn-1orxuk74.sched.s2.tdnsv5.com |
| ttpcstatic.dftoutiao.com |
CNAME ttpcstatic.dftoutiao.com.cdn.dnsv1.com
CNAME 2121167.p23.tc.cdntip.com |
| dup.baidustatic.com |
CNAME ecomcbjs.jomodns.com
A 180.163.198.49 |
| unionstatis.dftoutiao.com | A 117.50.0.67 |
| position.dftoutiao.com | A 123.59.74.13 |
| cidzxpc.dfxwdc.com | A 106.75.57.236 |
| imgmini.eastday.com | CNAME imgmini.eastday.com.cdn20.com |
| minipc.eastday.com |
CNAME minipc.eastday.com.cdn.dnsv1.com
A 117.34.34.78 A 58.49.224.62 A 42.202.141.119 CNAME 1529636.sched.sma.tdnsv5.com A 122.246.3.114 A 58.220.28.112 A 221.233.41.191 A 113.96.156.254 A 114.98.176.203 A 117.34.34.125 |
| ttpcssp.dftoutiao.com |
CNAME 2023088.p23.tc.cdntip.com
CNAME ttpcssp.dftoutiao.com.cdn.dnsv1.com |
| hm.baidu.com |
CNAME hm.e.shifen.com
A 106.120.159.126 |
| pos.baidu.com |
A 180.101.49.206
CNAME cb.e.shifen.com |
| ad.xwdsp.com | A 106.75.97.110 |
| nativematerialpc.ssp.eastdaymedia.com.cn | A 49.233.239.251 |
| cpro.baidustatic.com |
CNAME cpro.baidustatic.com.a.bdydns.com
A 114.80.30.35 CNAME opencdnbdwm.jomodns.com |
| pcunionreportlog.dftoutiao.com | A 106.75.100.126 |
| feed-image.baidu.com |
CNAME feed-image.baidu.com.a.bdydns.com
CNAME opencdn.jomodns.com |
| miniapp-ad.cdn.bcebos.com | CNAME miniapp-ad.cdn.bcebos.com.a.bdydns.com |
| wn.pos.baidu.com |
A 180.101.49.203
CNAME wn.pos.e.shifen.com |
| als.baidu.com | CNAME als.e.shifen.com |
| eclick.baidu.com |
A 220.181.107.131
CNAME eclick.e.shifen.com |
| show-3.mediav.com | |
| t11.baidu.com |
CNAME opencdnbdsimage.jomodns.com
A 114.80.30.36 CNAME t11.baidu.com.a.bdydns.com |
| t12.baidu.com | CNAME t12.baidu.com.a.bdydns.com |
| f11.baidu.com | CNAME f11.baidu.com.a.bdydns.com |
| t10.baidu.com | CNAME t10.baidu.com.a.bdydns.com |
| f12.baidu.com | CNAME f12.baidu.com.a.bdydns.com |
| f10.baidu.com | CNAME f10.baidu.com.a.bdydns.com |
| pcunionreportlog.shaqm.com | A 106.75.108.118 |
| lupic.cdn.bcebos.com |
CNAME lupic.cdn.bcebos.com.a.bdydns.com
A 122.228.115.35 CNAME opencdnssl.jomodns.com A 183.131.118.35 |
TCP连接
| IP地址 | 端口 |
|---|---|
| 101.227.98.71 | 80 |
| 101.227.98.71 | 443 |
| 101.227.98.71 | 443 |
| 101.227.98.71 | 443 |
| 101.227.98.71 | 443 |
| 101.227.98.71 | 443 |
| 101.227.98.71 | 443 |
| 101.227.98.71 | 443 |
| 101.227.98.71 | 443 |
| 101.227.98.71 | 443 |
| 101.227.98.71 | 443 |
| 106.120.159.126 | 443 |
| 106.120.159.126 | 443 |
| 106.75.100.126 | 443 |
| 106.75.108.118 | 443 |
| 106.75.108.118 | 443 |
| 106.75.108.118 | 443 |
| 106.75.57.236 | 443 |
| 106.75.97.110 | 443 |
| 106.75.97.110 | 443 |
| 106.75.97.110 | 443 |
| 114.80.30.35 | 443 |
| 114.80.30.35 | 443 |
| 114.80.30.35 | 443 |
| 114.80.30.35 | 443 |
| 114.80.30.35 | 443 |
| 114.80.30.36 | 443 |
| 114.80.30.36 | 443 |
| 114.80.30.36 | 443 |
| 114.80.30.36 | 443 |
| 114.80.30.36 | 443 |
| 114.80.30.36 | 443 |
| 114.80.30.36 | 443 |
| 114.80.30.36 | 443 |
| 114.80.30.36 | 443 |
| 114.80.30.36 | 443 |
| 114.80.30.36 | 443 |
| 117.50.0.67 | 443 |
| 122.228.115.35 | 443 |
| 122.228.115.35 | 443 |
| 122.228.115.35 | 443 |
| 122.246.3.114 | 443 |
| 122.246.3.114 | 443 |
| 122.246.3.114 | 443 |
| 122.246.3.114 | 443 |
| 122.246.3.114 | 443 |
| 122.246.3.114 | 443 |
| 123.206.5.93 | 80 |
| 123.59.74.13 | 443 |
| 125.78.252.115 | 443 |
| 125.78.252.115 | 443 |
| 125.78.252.115 | 443 |
| 125.78.252.115 | 443 |
| 125.78.252.115 | 443 |
| 125.78.252.115 | 443 |
| 140.143.135.97 | 80 |
| 140.143.135.97 | 80 |
| 140.143.135.97 | 80 |
| 140.143.135.97 | 80 |
| 140.143.135.97 | 80 |
| 140.143.135.97 | 80 |
| 180.101.49.203 | 443 |
| 180.101.49.203 | 443 |
| 180.101.49.206 | 443 |
| 180.101.49.206 | 443 |
| 180.101.49.206 | 443 |
| 180.163.198.49 | 443 |
| 180.163.198.49 | 443 |
| 180.163.198.49 | 443 |
| 180.163.247.134 | 80 |
| 180.163.247.134 | 80 |
| 180.163.247.134 | 443 |
| 180.163.247.134 | 443 |
| 180.163.247.134 | 443 |
| 180.96.32.89 | 80 |
| 220.181.107.131 | 443 |
| 220.181.107.131 | 443 |
| 220.181.107.131 | 443 |
| 222.186.49.111 | 80 |
| 222.186.49.111 | 80 |
| 23.218.94.163 | 80 |
| 49.233.239.251 | 443 |
| 49.233.239.251 | 443 |
| 58.216.107.214 | 80 |
| 58.220.28.104 | 80 |
| 58.220.28.104 | 80 |
| 58.220.28.104 | 80 |
| 59.63.235.194 | 80 |
| 59.63.235.194 | 80 |
| 59.63.235.194 | 80 |
| 59.63.235.194 | 80 |
| 59.63.235.194 | 80 |
| 59.63.235.194 | 80 |
| 59.63.235.236 | 443 |
| 59.63.235.236 | 443 |
| 59.63.235.236 | 443 |
| 59.63.235.236 | 443 |
| 59.63.235.236 | 443 |
| 59.63.235.236 | 443 |
| 59.63.235.236 | 443 |
| 59.63.235.236 | 443 |
| 59.63.235.236 | 443 |
| 59.63.235.236 | 443 |
| 59.63.235.236 | 443 |
| 59.63.235.236 | 443 |
UDP连接
| IP地址 | 端口 |
|---|---|
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
HTTP请求
| URL | HTTP数据 |
|---|---|
| http://ad.twoshadow.cn/ | GET / HTTP/1.1 Accept: */* Accept-Language: zh-cn User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: ad.twoshadow.cn Connection: Keep-Alive |
| http://www.bsrkt.com/html/mini/index.html | GET /html/mini/index.html HTTP/1.1 Accept: */* Accept-Language: zh-cn User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.bsrkt.com Connection: Keep-Alive |
| http://www.bsrkt.com/html/mini/jquery.js | GET /html/mini/jquery.js HTTP/1.1 Accept: */* Referer: http://www.bsrkt.com/html/mini/index.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.bsrkt.com Connection: Keep-Alive |
| http://www.bsrkt.com/html/mini/jquery.cookie.js | GET /html/mini/jquery.cookie.js HTTP/1.1 Accept: */* Referer: http://www.bsrkt.com/html/mini/index.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.bsrkt.com Connection: Keep-Alive |
| http://www.bsrkt.com/html/mini/jquery.SuperSlide.js | GET /html/mini/jquery.SuperSlide.js HTTP/1.1 Accept: */* Referer: http://www.bsrkt.com/html/mini/index.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.bsrkt.com Connection: Keep-Alive |
| http://www.bsrkt.com/html/mini/scroll.css?v070323 | GET /html/mini/scroll.css?v070323 HTTP/1.1 Accept: */* Referer: http://www.bsrkt.com/html/mini/index.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.bsrkt.com Connection: Keep-Alive |
| http://www.bsrkt.com/html/mini/jquery.lazyload.js | GET /html/mini/jquery.lazyload.js HTTP/1.1 Accept: */* Referer: http://www.bsrkt.com/html/mini/index.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.bsrkt.com Connection: Keep-Alive |
| http://www.bsrkt.com/html/mini/mini.js?v070327 | GET /html/mini/mini.js?v070327 HTTP/1.1 Accept: */* Referer: http://www.bsrkt.com/html/mini/index.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.bsrkt.com Connection: Keep-Alive |
| http://www.bsrkt.com/html/mini/mini.css?v070323 | GET /html/mini/mini.css?v070323 HTTP/1.1 Accept: */* Referer: http://www.bsrkt.com/html/mini/index.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.bsrkt.com Connection: Keep-Alive |
| http://test.doumaibiji.cn/c/js?id=doumainote_mini | GET /c/js?id=doumainote_mini HTTP/1.1 Accept: */* Referer: http://www.bsrkt.com/html/mini/index.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: test.doumaibiji.cn Connection: Keep-Alive |
| http://bsrkt.com/data/news/3.jsonp?callback=top50data | GET /data/news/3.jsonp?callback=top50data HTTP/1.1 Accept: */* Referer: http://www.bsrkt.com/html/mini/index.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: bsrkt.com Connection: Keep-Alive |
| http://mini.eastday.com/apidata/top20shehuijsonp.json?callback=shehui | GET /apidata/top20shehuijsonp.json?callback=shehui HTTP/1.1 Accept: */* Referer: http://www.bsrkt.com/html/mini/index.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: mini.eastday.com Connection: Keep-Alive |
| http://tt-img.7654.com/image/bcc96eb29933b885c9b71e0a7e563e15?imageMogr2/crop/320x240/cgif/30 | GET /image/bcc96eb29933b885c9b71e0a7e563e15?imageMogr2/crop/320x240/cgif/30 HTTP/1.1 Accept: */* Referer: http://www.bsrkt.com/html/mini/index.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: tt-img.7654.com Connection: Keep-Alive |
| http://tt-img.7654.com/image/b50975e056ddf3393ec97e64bfa6ce61?imageMogr2/crop/320x240/cgif/30 | GET /image/b50975e056ddf3393ec97e64bfa6ce61?imageMogr2/crop/320x240/cgif/30 HTTP/1.1 Accept: */* Referer: http://www.bsrkt.com/html/mini/index.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: tt-img.7654.com Connection: Keep-Alive |
| http://tt-img.7654.com/image/9fdb51dcad389aa378f1d0f85c1bf2d5?imageMogr2/crop/320x240/cgif/30 | GET /image/9fdb51dcad389aa378f1d0f85c1bf2d5?imageMogr2/crop/320x240/cgif/30 HTTP/1.1 Accept: */* Referer: http://www.bsrkt.com/html/mini/index.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: tt-img.7654.com Connection: Keep-Alive |
| http://tt-img.7654.com/image/e9faddaceabcdcf21217ced6d7b7d4ed?imageMogr2/crop/320x240/cgif/30 | GET /image/e9faddaceabcdcf21217ced6d7b7d4ed?imageMogr2/crop/320x240/cgif/30 HTTP/1.1 Accept: */* Referer: http://www.bsrkt.com/html/mini/index.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: tt-img.7654.com Connection: Keep-Alive |
| http://tt-img.7654.com/image/5f763d6098409c22614e94bbfff27714?imageMogr2/crop/320x240/cgif/30 | GET /image/5f763d6098409c22614e94bbfff27714?imageMogr2/crop/320x240/cgif/30 HTTP/1.1 Accept: */* Referer: http://www.bsrkt.com/html/mini/index.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: tt-img.7654.com Connection: Keep-Alive |
| http://show.g.mediav.com/s?jsonp=jQuery18306475686093587466_1606356891364&type=1&of=4&newf=1&showid=YJ8QNh&uid=b1644b5a-1a7e-4dea-8376-aa8340e5c2dc&reqtimes=1&impct=13&scheme=http&_=1606356892160 | GET /s?jsonp=jQuery18306475686093587466_1606356891364&type=1&of=4&newf=1&showid=YJ8QNh&uid=b1644b5a-1a7e-4dea-8376-aa8340e5c2dc&reqtimes=1&impct=13&scheme=http&_=1606356892160 HTTP/1.1 Accept: */* Referer: http://www.bsrkt.com/html/mini/index.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: show.g.mediav.com Connection: Keep-Alive |
| http://show.g.mediav.com/s?jsonp=jQuery18306475686093587466_1606356891365&type=1&of=4&newf=1&showid=xNxqJa&uid=b1644b5a-1a7e-4dea-8376-aa8340e5c2dc&reqtimes=1&impct=4&scheme=http&_=1606356892176 | GET /s?jsonp=jQuery18306475686093587466_1606356891365&type=1&of=4&newf=1&showid=xNxqJa&uid=b1644b5a-1a7e-4dea-8376-aa8340e5c2dc&reqtimes=1&impct=4&scheme=http&_=1606356892176 HTTP/1.1 Accept: */* Referer: http://www.bsrkt.com/html/mini/index.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: show.g.mediav.com Connection: Keep-Alive |
| http://tt-img.7654.com/image/ecc396a44d6b4e00e1f4c42ddab4ce08?imageMogr2/crop/320x240/cgif/30 | GET /image/ecc396a44d6b4e00e1f4c42ddab4ce08?imageMogr2/crop/320x240/cgif/30 HTTP/1.1 Accept: */* Referer: http://www.bsrkt.com/html/mini/index.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: tt-img.7654.com Connection: Keep-Alive |
| http://show.g.mediav.com/s?jsonp=jQuery18306475686093587466_1606356891366&type=1&of=4&newf=1&showid=YJ8QNh&uid=b1644b5a-1a7e-4dea-8376-aa8340e5c2dc&reqtimes=1&impct=13&scheme=http&_=1606356892425 | GET /s?jsonp=jQuery18306475686093587466_1606356891366&type=1&of=4&newf=1&showid=YJ8QNh&uid=b1644b5a-1a7e-4dea-8376-aa8340e5c2dc&reqtimes=1&impct=13&scheme=http&_=1606356892425 HTTP/1.1 Accept: */* Referer: http://www.bsrkt.com/html/mini/index.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: show.g.mediav.com Connection: Keep-Alive Cookie: v=e[1q?([!K+9'w@A8RS`S |
| http://www.bsrkt.com/favicon.ico | GET /favicon.ico HTTP/1.1 Accept: */* Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Host: www.bsrkt.com Connection: Keep-Alive |
| http://02imgmini.eastday.com/mobile/20201126/20201126052821_32c18419a7cd19d35933534c3fc042e3_1_mwpm_03200403.jpg | GET /mobile/20201126/20201126052821_32c18419a7cd19d35933534c3fc042e3_1_mwpm_03200403.jpg HTTP/1.1 Accept: */* Referer: http://www.bsrkt.com/html/mini/index.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: 02imgmini.eastday.com Connection: Keep-Alive |
| http://02imgmini.eastday.com/mobile/20201126/20201126071201_0f9ab9303f212aa948a4d3e99ce73b60_1_mwpm_03200403.jpg | GET /mobile/20201126/20201126071201_0f9ab9303f212aa948a4d3e99ce73b60_1_mwpm_03200403.jpg HTTP/1.1 Accept: */* Referer: http://www.bsrkt.com/html/mini/index.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: 02imgmini.eastday.com Connection: Keep-Alive |
| http://07imgmini.eastday.com/mobile/20201125/20201125062408_d733011b33e091c9c65a44c615f13d02_2_mwpm_03200403.jpg | GET /mobile/20201125/20201125062408_d733011b33e091c9c65a44c615f13d02_2_mwpm_03200403.jpg HTTP/1.1 Accept: */* Referer: http://www.bsrkt.com/html/mini/index.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: 07imgmini.eastday.com Connection: Keep-Alive |
| http://07imgmini.eastday.com/mobile/20201125/20201125213541_3eb5c7fcf097ed9196c91247ba0f50ad_1_mwpm_03200403.jpg | GET /mobile/20201125/20201125213541_3eb5c7fcf097ed9196c91247ba0f50ad_1_mwpm_03200403.jpg HTTP/1.1 Accept: */* Referer: http://www.bsrkt.com/html/mini/index.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: 07imgmini.eastday.com Connection: Keep-Alive |
| http://05imgmini.eastday.com/mobile/20201126/20201126074900_faead016667a6ad2d42a5b143b4f3774_5_mwpm_03200403.jpg | GET /mobile/20201126/20201126074900_faead016667a6ad2d42a5b143b4f3774_5_mwpm_03200403.jpg HTTP/1.1 Accept: */* Referer: http://www.bsrkt.com/html/mini/index.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: 05imgmini.eastday.com Connection: Keep-Alive |
| http://acroipm.adobe.com/11/rdr/CHS/win/nooem/none/message.zip | GET /11/rdr/CHS/win/nooem/none/message.zip HTTP/1.1 Accept: */* If-Modified-Since: Mon, 08 Nov 2017 08:44:36 GMT User-Agent: IPM Host: acroipm.adobe.com Connection: Keep-Alive Cache-Control: no-cache |
| http://09imgmini.eastday.com/mobile/20201126/20201126053407_0e5cedb19b279ba816599b8760fb395a_1_mwpm_03200403.jpg | GET /mobile/20201126/20201126053407_0e5cedb19b279ba816599b8760fb395a_1_mwpm_03200403.jpg HTTP/1.1 Accept: */* Referer: http://www.bsrkt.com/html/mini/index.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: 09imgmini.eastday.com Connection: Keep-Alive |
投放文件
行为分析
互斥量(Mutexes)
无信息
执行的命令
无信息
创建的服务
无信息
启动的服务
无信息
进程
iexplore.exe PID: 2404, 上一级进程 PID: 2164
访问的文件
无信息
读取的文件
无信息
修改的文件
无信息
删除的文件
无信息
注册表键
无信息
读取的注册表键
无信息
修改的注册表键
无信息
删除的注册表键
无信息
API解析
无信息