Analysis type | VM label | Start time | End time | Duration |
---|---|---|---|---|
URL | win7-sp1-x64-hpdapp01-2 | 2019-11-16 08:59:05 | 2019-11-16 09:01:46 | 161 seconds |
URL |
---|
URL sandbox analysis -> https://keywordtool.io/instagram |
No host records.
Name: None Country: None State: None City: None ZIP Code: None Address: None Orginization: None Domain Name(s): None Creation Date: None Updated Date: None Expiration Date: None Email(s): None Registrar(s): None Name Server(s): None Referral URL(s): None
No host records.
Source address | Source port | Destination address | Destination port |
---|---|---|---|
192.168.122.202 | 49160 | 104.26.8.177 keywordtool.io | 443 |
192.168.122.202 | 49165 | 104.26.8.177 keywordtool.io | 443 |
192.168.122.202 | 49166 | 104.26.8.177 keywordtool.io | 443 |
192.168.122.202 | 49167 | 104.26.8.177 keywordtool.io | 443 |
192.168.122.202 | 49168 | 13.33.174.82 js.datadome.co | 443 |
192.168.122.202 | 49162 | 151.101.130.217 browser.sentry-cdn.com | 443 |
192.168.122.202 | 49171 | 52.66.38.193 api-js.datadome.co | 443 |
192.168.122.202 | 49169 | 91.199.212.52 crt.usertrust.com | 80 |
Source address | Source port | Destination address | Destination port |
---|---|---|---|
192.168.122.202 | 53154 | 192.168.122.1 | 53 |
192.168.122.202 | 54949 | 192.168.122.1 | 53 |
192.168.122.202 | 55264 | 192.168.122.1 | 53 |
192.168.122.202 | 55957 | 192.168.122.1 | 53 |
192.168.122.202 | 60873 | 192.168.122.1 | 53 |
192.168.122.202 | 61249 | 192.168.122.1 | 53 |
192.168.122.202 | 61636 | 192.168.122.1 | 53 |
192.168.122.202 | 62154 | 192.168.122.1 | 53 |
URI | HTTP data |
---|---|
URL sandbox analysis -> http://crt.usertrust.com/USERTrustRSAAddTrustCA.crt | GET /USERTrustRSAAddTrustCA.crt HTTP/1.1 Connection: Keep-Alive Accept: */* User-Agent: Microsoft-CryptoAPI/6.1 Host: crt.usertrust.com |
No SMTP traffic.
No IRC requests.
Source address | Destination address | ICMP type | Data |
---|---|---|---|
192.168.1.1 | 192.168.122.202 | 3 | |
No CIF results
No alerts
Timestamp | Source IP | Source Port | Destination IP | Destination Port | Version | Issuer | Subject | Fingerprint |
---|---|---|---|---|---|---|---|---|
2019-11-16 09:00:02.208950+0800 | 192.168.122.202 | 49160 | 104.26.8.177 | 443 | TLS 1.2 | C=US, ST=CA, L=San Francisco, O=CloudFlare, Inc., CN=CloudFlare Inc ECC CA-2 | C=US, ST=CA, L=San Francisco, O=Cloudflare, Inc., CN=sni.cloudflaressl.com | 52:d5:93:c7:ea:53:9a:36:62:12:3d:6b:0c:4c:52:a0:87:a1:b1:b6 |
2019-11-16 09:00:04.573075+0800 | 192.168.122.202 | 49162 | 151.101.130.217 | 443 | TLS 1.2 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign CloudSSL CA - SHA256 - G3 | C=US, ST=California, L=San Francisco, O=Fastly, Inc., CN=v2.shared.global.fastly.net | 5e:b7:42:2a:be:0d:52:97:09:b4:da:3c:0c:e7:0c:d6:82:1b:e7:5d |
2019-11-16 09:00:11.489803+0800 | 192.168.122.202 | 49168 | 13.33.174.82 | 443 | TLS 1.2 | C=FR, ST=Paris, L=Paris, O=Gandi, CN=Gandi Standard SSL CA 2 | OU=Domain Control Validated, OU=Gandi Standard Wildcard SSL, CN=*.datadome.co | f5:6d:17:e7:d7:76:1c:05:5c:a2:2d:92:d5:97:9c:d0:1c:3f:78:85 |
2019-11-16 09:00:14.926902+0800 | 192.168.122.202 | 49171 | 52.66.38.193 | 443 | TLS 1.2 | C=FR, ST=Paris, L=Paris, O=Gandi, CN=Gandi Standard SSL CA 2 | OU=Domain Control Validated, OU=Gandi Standard Wildcard SSL, CN=*.datadome.co | f5:6d:17:e7:d7:76:1c:05:5c:a2:2d:92:d5:97:9c:d0:1c:3f:78:85 |
No Suricata HTTP
Task ID | 460029 |
---|---|
Mongo ID | 5dcf4a9f2f8f2e58b8836995 |
Cuckoo release | 1.4-Maldun |