魔盾安全分析报告
| 分析类型 | 开始时间 | 结束时间 | 持续时间 | 分析引擎版本 |
|---|---|---|---|---|
| URL | 2018-09-15 19:49:38 | 2018-09-15 19:52:00 | 142 秒 | 1.4-Maldun |
| 虚拟机机器名 | 标签 | 虚拟机管理 | 开机时间 | 关机时间 |
|---|---|---|---|---|
| win7-sp1-x64-shaapp01-3 | win7-sp1-x64-shaapp01-3 | KVM | 2018-09-15 19:49:38 | 2018-09-15 19:51:59 |
| 魔盾分数 |
|---|
1.6正常的 |
URL信息
| URL | http://www.bandaoyy.com/vod-play-id-13556-src-1-num-1.html |
|---|---|
| VirusTotal | VirusTotal无域名信息 |
特征
魔盾wping.org 域名信誉系统
Neutral: www.bandaoyy.com
Greylist: www.bestore.cc
Greylist: union.maccms.com
Greylist: cdp1.public-trust.com
魔盾wping.org IP地址信誉系统
Greylist: 107.150.10.233
Greylist: 119.23.113.97
Greylist: 43.241.48.155
Greylist: 58.222.18.29
运行截图
网络分析
访问主机记录
| 直接访问 | IP地址 | 国家名 |
|---|---|---|
| 是 | 101.110.118.67 | China |
| 否 | 107.150.10.233 | United States |
| 否 | 117.18.237.29 | Asia/Pacific Region |
| 否 | 119.23.113.97 | China |
| 否 | 128.1.223.162 | United States |
| 否 | 192.35.177.64 | United States |
| 否 | 220.181.7.190 | China |
| 否 | 43.241.48.155 | China |
| 否 | 58.222.18.29 | China |
域名解析
| 域名 | 响应 |
|---|---|
| www.bandaoyy.com |
A 107.150.10.226
A 107.150.10.233 |
| www.bestore.cc | A 43.241.48.155 |
| staticjs.cn | A 119.23.113.97 |
| apps.identrust.com |
A 192.35.177.64
CNAME apps.digsigtrust.com |
| cdn.letv-cdn.com |
A 37.220.37.21
A 46.182.110.95 A 128.1.223.162 CNAME video.512wx.com A 128.14.79.202 A 37.220.37.26 A 145.14.132.130 A 185.173.225.139 |
| union.maccms.com |
A 58.222.18.29
CNAME union3010.b0.aicdn.com CNAME nm.ctn.aicdn.com |
| hm.baidu.com |
CNAME hm.e.shifen.com
A 220.181.7.190 |
| ocsp.globalsign.com |
A 122.246.10.30
CNAME globalsign.com.cdn.dnsv1.com A 122.228.251.33 CNAME globalsign.com.s2.cdntip.com A 122.228.251.32 CNAME global.prd.cdn.globalsign.com A 180.153.100.147 |
| cdp1.public-trust.com |
CNAME crl3.digicert.com
CNAME cs9.wac.phicdn.net A 117.18.237.29 |
| ocsp.digicert.com |
TCP连接
| IP地址 | 端口 |
|---|---|
| 101.110.118.67 | 80 |
| 107.150.10.233 | 80 |
| 107.150.10.233 | 80 |
| 107.150.10.233 | 80 |
| 107.150.10.233 | 80 |
| 107.150.10.233 | 80 |
| 107.150.10.233 | 80 |
| 107.150.10.233 | 80 |
| 107.150.10.233 | 80 |
| 107.150.10.233 | 80 |
| 117.18.237.29 | 80 |
| 117.18.237.29 | 80 |
| 119.23.113.97 | 443 |
| 119.23.113.97 | 443 |
| 122.228.251.33 | 80 |
| 122.246.10.30 | 80 |
| 128.1.223.162 | 443 |
| 128.1.223.162 | 443 |
| 128.1.223.162 | 443 |
| 192.35.177.64 | 80 |
| 220.181.7.190 | 443 |
| 23.32.241.24 | 80 |
| 23.32.241.25 | 80 |
| 23.57.66.49 | 80 |
| 43.241.48.155 | 80 |
| 58.222.18.29 | 80 |
UDP连接
| IP地址 | 端口 |
|---|---|
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
HTTP请求
| URL | HTTP数据 |
|---|---|
| http://www.bandaoyy.com/vod-play-id-13556-src-1-num-1.html | GET /vod-play-id-13556-src-1-num-1.html HTTP/1.1 Accept: */* Accept-Language: zh-cn User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.bandaoyy.com Connection: Keep-Alive |
| http://www.bandaoyy.com/template/97zy/css/style.css | GET /template/97zy/css/style.css HTTP/1.1 Accept: */* Referer: http://www.bandaoyy.com/vod-play-id-13556-src-1-num-1.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.bandaoyy.com Connection: Keep-Alive Cookie: PHPSESSID=30jo9s6sr8mjovdu0or3bjg6g6 |
| http://www.bandaoyy.com/template/paody/ads/sydh.js | GET /template/paody/ads/sydh.js HTTP/1.1 Accept: */* Referer: http://www.bandaoyy.com/vod-play-id-13556-src-1-num-1.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.bandaoyy.com Connection: Keep-Alive Cookie: PHPSESSID=30jo9s6sr8mjovdu0or3bjg6g6 |
| http://www.bandaoyy.com/template/97zy/js/function.js | GET /template/97zy/js/function.js HTTP/1.1 Accept: */* Referer: http://www.bandaoyy.com/vod-play-id-13556-src-1-num-1.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.bandaoyy.com Connection: Keep-Alive Cookie: PHPSESSID=30jo9s6sr8mjovdu0or3bjg6g6 |
| http://www.bandaoyy.com/template/97zy/js/common.js | GET /template/97zy/js/common.js HTTP/1.1 Accept: */* Referer: http://www.bandaoyy.com/vod-play-id-13556-src-1-num-1.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.bandaoyy.com Connection: Keep-Alive Cookie: PHPSESSID=30jo9s6sr8mjovdu0or3bjg6g6 |
| http://www.bandaoyy.com/template/97zy/js/jquery-1.4.4.min.js | GET /template/97zy/js/jquery-1.4.4.min.js HTTP/1.1 Accept: */* Referer: http://www.bandaoyy.com/vod-play-id-13556-src-1-num-1.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.bandaoyy.com Connection: Keep-Alive Cookie: PHPSESSID=30jo9s6sr8mjovdu0or3bjg6g6 |
| http://www.bandaoyy.com/template/97zy/js/jquery.lazyload.js | GET /template/97zy/js/jquery.lazyload.js HTTP/1.1 Accept: */* Referer: http://www.bandaoyy.com/vod-play-id-13556-src-1-num-1.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.bandaoyy.com Connection: Keep-Alive Cookie: PHPSESSID=30jo9s6sr8mjovdu0or3bjg6g6 |
| http://www.bandaoyy.com/template/97zy/js/html5shiv.min.js | GET /template/97zy/js/html5shiv.min.js HTTP/1.1 Accept: */* Referer: http://www.bandaoyy.com/vod-play-id-13556-src-1-num-1.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.bandaoyy.com Connection: Keep-Alive Cookie: PHPSESSID=30jo9s6sr8mjovdu0or3bjg6g6 |
| http://www.bandaoyy.com/js/playerconfig.js | GET /js/playerconfig.js HTTP/1.1 Accept: */* Referer: http://www.bandaoyy.com/vod-play-id-13556-src-1-num-1.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.bandaoyy.com Connection: Keep-Alive Cookie: PHPSESSID=30jo9s6sr8mjovdu0or3bjg6g6 |
| http://www.bandaoyy.com/template/97zy/js/respond.min.js | GET /template/97zy/js/respond.min.js HTTP/1.1 Accept: */* Referer: http://www.bandaoyy.com/vod-play-id-13556-src-1-num-1.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.bandaoyy.com Connection: Keep-Alive Cookie: PHPSESSID=30jo9s6sr8mjovdu0or3bjg6g6 |
| http://www.bandaoyy.com/js/player.js | GET /js/player.js HTTP/1.1 Accept: */* Referer: http://www.bandaoyy.com/vod-play-id-13556-src-1-num-1.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.bandaoyy.com Connection: Keep-Alive Cookie: PHPSESSID=30jo9s6sr8mjovdu0or3bjg6g6 |
| http://www.bandaoyy.com/template/paody/ads/bfq.js | GET /template/paody/ads/bfq.js HTTP/1.1 Accept: */* Referer: http://www.bandaoyy.com/vod-play-id-13556-src-1-num-1.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.bandaoyy.com Connection: Keep-Alive Cookie: PHPSESSID=30jo9s6sr8mjovdu0or3bjg6g6 |
| http://www.bandaoyy.com/template/97zy/ads/960.js | GET /template/97zy/ads/960.js HTTP/1.1 Accept: */* Referer: http://www.bandaoyy.com/vod-play-id-13556-src-1-num-1.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.bandaoyy.com Connection: Keep-Alive Cookie: PHPSESSID=30jo9s6sr8mjovdu0or3bjg6g6 |
| http://www.bandaoyy.com/template/97zy/Images/search.png | GET /template/97zy/Images/search.png HTTP/1.1 Accept: */* Referer: http://www.bandaoyy.com/vod-play-id-13556-src-1-num-1.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.bandaoyy.com Connection: Keep-Alive Cookie: PHPSESSID=30jo9s6sr8mjovdu0or3bjg6g6 |
| http://www.bestore.cc/bandaoyy.js | GET /bandaoyy.js HTTP/1.1 Accept: */* Referer: http://www.bandaoyy.com/vod-play-id-13556-src-1-num-1.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.bestore.cc Connection: Keep-Alive |
| http://www.bandaoyy.com/template/97zy/Images/logo.png | GET /template/97zy/Images/logo.png HTTP/1.1 Accept: */* Referer: http://www.bandaoyy.com/vod-play-id-13556-src-1-num-1.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.bandaoyy.com Connection: Keep-Alive Cookie: PHPSESSID=30jo9s6sr8mjovdu0or3bjg6g6 |
| http://apps.identrust.com/roots/dstrootcax3.p7c | GET /roots/dstrootcax3.p7c HTTP/1.1 Connection: Keep-Alive Accept: */* User-Agent: Microsoft-CryptoAPI/6.1 Host: apps.identrust.com |
| http://www.bandaoyy.com/template/97zy/Images/pload.gif | GET /template/97zy/Images/pload.gif HTTP/1.1 Accept: */* Referer: http://www.bandaoyy.com/vod-play-id-13556-src-1-num-1.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.bandaoyy.com Connection: Keep-Alive Cookie: PHPSESSID=30jo9s6sr8mjovdu0or3bjg6g6 |
| http://www.bandaoyy.com/player/33uu.js | GET /player/33uu.js HTTP/1.1 Accept: */* Referer: http://www.bandaoyy.com/vod-play-id-13556-src-1-num-1.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.bandaoyy.com Connection: Keep-Alive Cookie: PHPSESSID=30jo9s6sr8mjovdu0or3bjg6g6 |
| http://www.bandaoyy.com/gg/loading.html | GET /gg/loading.html HTTP/1.1 Accept: application/x-ms-application, image/jpeg, application/xaml+xml, image/gif, image/pjpeg, application/x-ms-xbap, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */* Referer: http://www.bandaoyy.com/vod-play-id-13556-src-1-num-1.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.bandaoyy.com Connection: Keep-Alive Cookie: PHPSESSID=30jo9s6sr8mjovdu0or3bjg6g6 |
| http://union.maccms.com/html/top.js | GET /html/top.js HTTP/1.1 Accept: */* Referer: http://www.bandaoyy.com/vod-play-id-13556-src-1-num-1.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: union.maccms.com Connection: Keep-Alive |
| http://www.bandaoyy.com/template/97zy/Images/load.gif | GET /template/97zy/Images/load.gif HTTP/1.1 Accept: */* Referer: http://www.bandaoyy.com/vod-play-id-13556-src-1-num-1.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.bandaoyy.com Connection: Keep-Alive Cookie: PHPSESSID=30jo9s6sr8mjovdu0or3bjg6g6 |
| http://www.bandaoyy.com/template/97zy/Images/duomi-bg.png | GET /template/97zy/Images/duomi-bg.png HTTP/1.1 Accept: */* Referer: http://www.bandaoyy.com/vod-play-id-13556-src-1-num-1.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.bandaoyy.com Connection: Keep-Alive Cookie: PHPSESSID=30jo9s6sr8mjovdu0or3bjg6g6 |
| http://www.bandaoyy.com/template/97zy/Images/p.png | GET /template/97zy/Images/p.png HTTP/1.1 Accept: */* Referer: http://www.bandaoyy.com/vod-play-id-13556-src-1-num-1.html Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.bandaoyy.com Connection: Keep-Alive Cookie: PHPSESSID=30jo9s6sr8mjovdu0or3bjg6g6 |
| http://ocsp.globalsign.com/rootr1/MEwwSjBIMEYwRDAJBgUrDgMCGgUABBS3V7W2nAf4FiMTjpDJKg6%2BMgGqMQQUYHtmGkUNl8qJUC99BM00qP%2F8%2FUsCCwQAAAAAAURO8EJH | GET /rootr1/MEwwSjBIMEYwRDAJBgUrDgMCGgUABBS3V7W2nAf4FiMTjpDJKg6%2BMgGqMQQUYHtmGkUNl8qJUC99BM00qP%2F8%2FUsCCwQAAAAAAURO8EJH HTTP/1.1 Connection: Keep-Alive Accept: */* If-Modified-Since: Sat, 01 Sep 2018 00:29:03 GMT If-None-Match: "1480bfa43edc451651e279ba0f6dc69348c58eec" User-Agent: Microsoft-CryptoAPI/6.1 Host: ocsp.globalsign.com |
| http://ocsp.usertrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBR8sWZUnKvbRO5iJhat9GV793rVlAQUrb2YejS0Jvf6xCZU7wO94CTLVBoCECdm7lbrSfOOq9dwovyE3iI%3D | GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBR8sWZUnKvbRO5iJhat9GV793rVlAQUrb2YejS0Jvf6xCZU7wO94CTLVBoCECdm7lbrSfOOq9dwovyE3iI%3D HTTP/1.1 Cache-Control: max-age = 163163 Connection: Keep-Alive Accept: */* If-Modified-Since: Sun, 26 Aug 2018 23:00:19 GMT User-Agent: Microsoft-CryptoAPI/6.1 Host: ocsp.usertrust.com |
| http://ocsp2.globalsign.com/gsorganizationvalsha2g2/ME0wSzBJMEcwRTAJBgUrDgMCGgUABBQMnk2cPe3vhNiR6XLHz4QGvBl7BwQUlt5h8b0cFilTHMDMfTuDAEDmGnwCDHFB6lHS315kGvj29g%3D%3D | GET /gsorganizationvalsha2g2/ME0wSzBJMEcwRTAJBgUrDgMCGgUABBQMnk2cPe3vhNiR6XLHz4QGvBl7BwQUlt5h8b0cFilTHMDMfTuDAEDmGnwCDHFB6lHS315kGvj29g%3D%3D HTTP/1.1 Connection: Keep-Alive Accept: */* User-Agent: Microsoft-CryptoAPI/6.1 Host: ocsp2.globalsign.com |
| http://ocsp.comodoca.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBReAhtobFzTvhaRmVeJ38QUchY9AwQUu69%2BAj36pvE8hI6t7jiY7NkyMtQCECsuburZdTZsFIpu26N8jAc%3D | GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBReAhtobFzTvhaRmVeJ38QUchY9AwQUu69%2BAj36pvE8hI6t7jiY7NkyMtQCECsuburZdTZsFIpu26N8jAc%3D HTTP/1.1 Cache-Control: max-age = 163216 Connection: Keep-Alive Accept: */* If-Modified-Since: Sun, 26 Aug 2018 23:00:19 GMT User-Agent: Microsoft-CryptoAPI/6.1 Host: ocsp.comodoca.com |
| http://ocsp.comodoca.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBR64T7ooMQqLLQoy%2BemBUYZQOKh6QQUkK9qOpRaC9iQ6hJWc99DtDoo2ucCEB9alMnGmN%2FUAy%2FQG%2F3Xll0%3D | GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBR64T7ooMQqLLQoy%2BemBUYZQOKh6QQUkK9qOpRaC9iQ6hJWc99DtDoo2ucCEB9alMnGmN%2FUAy%2FQG%2F3Xll0%3D HTTP/1.1 Connection: Keep-Alive Accept: */* User-Agent: Microsoft-CryptoAPI/6.1 Host: ocsp.comodoca.com |
| http://www.bandaoyy.com/favicon.ico | GET /favicon.ico HTTP/1.1 Accept: */* Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Host: www.bandaoyy.com Connection: Keep-Alive Cookie: PHPSESSID=30jo9s6sr8mjovdu0or3bjg6g6; Hm_lvt_264512ff0768529472d1674335d295cb=1537012189; Hm_lpvt_264512ff0768529472d1674335d295cb=1537012189 |
| http://cdp1.public-trust.com/CRL/Omniroot2025.crl | GET /CRL/Omniroot2025.crl HTTP/1.1 Cache-Control: max-age = 172800 Connection: Keep-Alive Accept: */* If-Modified-Since: Tue, 21 Aug 2018 20:59:15 GMT If-None-Match: "2057461361" User-Agent: Microsoft-CryptoAPI/6.1 Host: cdp1.public-trust.com |
| http://crl.microsoft.com/pki/crl/products/tspca.crl | GET /pki/crl/products/tspca.crl HTTP/1.1 Cache-Control: max-age = 900 Connection: Keep-Alive Accept: */* If-Modified-Since: Sat, 24 May 2014 05:04:54 GMT If-None-Match: "8ab194b3d77cf1:0" User-Agent: Microsoft-CryptoAPI/6.1 Host: crl.microsoft.com |
| http://101.110.118.67/crl.microsoft.com/pki/crl/products/tspca.crl | GET /crl.microsoft.com/pki/crl/products/tspca.crl HTTP/1.1 Cache-Control: max-age = 900 Connection: Keep-Alive Accept: */* If-Modified-Since: Sat, 24 May 2014 05:04:54 GMT If-None-Match: "8ab194b3d77cf1:0" User-Agent: Microsoft-CryptoAPI/6.1 Host: 101.110.118.67 |
| http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom%2FnYB45SPUEwQU5Z1ZMIJHWMys%2BghUNoZ7OrUETfACEAiIzVJfGSRETRSlgpHeuVI%3D | GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom%2FnYB45SPUEwQU5Z1ZMIJHWMys%2BghUNoZ7OrUETfACEAiIzVJfGSRETRSlgpHeuVI%3D HTTP/1.1 Cache-Control: max-age = 172072 Connection: Keep-Alive Accept: */* If-Modified-Since: Fri, 31 Aug 2018 21:45:22 GMT If-None-Match: "5b89b6f2-1d7" User-Agent: Microsoft-CryptoAPI/6.1 Host: ocsp.digicert.com |
投放文件
行为分析
互斥量(Mutexes)
无信息
执行的命令
无信息
创建的服务
无信息
启动的服务
无信息
进程
iexplore.exe PID: 2664, 上一级进程 PID: 2392
访问的文件
无信息
读取的文件
无信息
修改的文件
无信息
删除的文件
无信息
注册表键
无信息
读取的注册表键
无信息
修改的注册表键
无信息
删除的注册表键
无信息
API解析
无信息