Analysis task

Analysis type  VM tag  Start time  End time  Duration
URL win7-sp1-x64-shaapp01-1 2020-01-16 16:02:43 2020-01-16 16:04:43 120 seconds

Maldun score

0.325

Normal

URL details

URL
Professional URL sandbox check -> https://www.80s.tw/

Host access records

No host records.

Domain resolution

Domain  Security rating  Response
www.80s.tw A 59.124.229.137
CNAME gslb-v2-twn.netinfi.com
CNAME fc9548a72c616c5a6d7f3c4525d3f0ea.momentcdn.com
CNAME gslb.cname.neptune.netinfi.com
A 211.20.20.89
t.dyxz.la A 183.131.150.226
A 150.138.216.235
CNAME static.verycdn.net
A 58.223.209.12
A 183.131.150.228
CNAME t.dyxz.la.verycdn.net
dup.baidustatic.com CNAME ecomcbjs.jomodns.com
A 180.163.198.49
crt.comodoca.com A 91.199.212.52
pos.baidu.com A 180.101.49.206
CNAME cb.e.shifen.com
hm.baidu.com CNAME hm.e.shifen.com
A 106.120.159.126
eclick.baidu.com A 220.181.107.131
CNAME eclick.e.shifen.com

WHOIS information

Name: None
Country: None
State: None
City: None
ZIP Code: None
Address: None

Organization: None
Domain Name(s):
    80s.tw
Creation Date:
    None
Updated Date:
    None
Expiration Date:
    None
Email(s):
    80s.tw@protecteddomainservices.com

Registrar(s):
    None
Name Server(s):
    None
Referral URL(s):
    None

No antivirus engine scan information!

Process tree

iexplore.exe, PID: 2640, parent process PID: 2320

TCP

Source address  Source port  Destination address  Destination port
192.168.122.201 49175 106.120.159.126 hm.baidu.com 443
192.168.122.201 49176 180.101.49.206 pos.baidu.com 443
192.168.122.201 49179 180.101.49.206 pos.baidu.com 443
192.168.122.201 49167 180.163.198.49 dup.baidustatic.com 443
192.168.122.201 49178 180.163.198.49 dup.baidustatic.com 443
192.168.122.201 49161 183.131.150.228 t.dyxz.la 443
192.168.122.201 49162 183.131.150.228 t.dyxz.la 443
192.168.122.201 49163 183.131.150.228 t.dyxz.la 443
192.168.122.201 49164 183.131.150.228 t.dyxz.la 443
192.168.122.201 49165 183.131.150.228 t.dyxz.la 443
192.168.122.201 49166 183.131.150.228 t.dyxz.la 443
192.168.122.201 49174 183.131.150.228 t.dyxz.la 443
192.168.122.201 49160 211.20.20.89 www.80s.tw 443
192.168.122.201 49177 211.20.20.89 www.80s.tw 443
192.168.122.201 49180 220.181.107.131 eclick.baidu.com 443
192.168.122.201 49168 91.199.212.52 crt.comodoca.com 80
192.168.122.201 49169 91.199.212.52 crt.comodoca.com 80
192.168.122.201 49170 91.199.212.52 crt.comodoca.com 80
192.168.122.201 49171 91.199.212.52 crt.comodoca.com 80
192.168.122.201 49172 91.199.212.52 crt.comodoca.com 80
192.168.122.201 49173 91.199.212.52 crt.comodoca.com 80

UDP

Source address  Source port  Destination address  Destination port
192.168.122.201 49157 192.168.122.1 53
192.168.122.201 49484 192.168.122.1 53
192.168.122.201 50112 192.168.122.1 53
192.168.122.201 51384 192.168.122.1 53
192.168.122.201 51466 192.168.122.1 53
192.168.122.201 51896 192.168.122.1 53
192.168.122.201 56842 192.168.122.1 53
192.168.122.201 58646 192.168.122.1 53
192.168.122.201 59968 192.168.122.1 53
192.168.122.201 59995 192.168.122.1 53
192.168.122.201 62882 192.168.122.1 53
192.168.122.201 63974 192.168.122.1 53

HTTP requests

URI  HTTP data
Professional URL sandbox check -> http://crt.comodoca.com/COMODORSADomainValidationSecureServerCA.crt
GET /COMODORSADomainValidationSecureServerCA.crt HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: crt.comodoca.com

SMTP traffic

No SMTP traffic.

IRC traffic

No IRC requests.

ICMP traffic

No ICMP traffic.

CIF report

No CIF results

Network alerts

No alerts

TLS

Timestamp Source IP Source Port Destination IP Destination Port Version Issuer Subject Fingerprint
2020-01-16 16:03:01.656002+0800 192.168.122.201 49161 183.131.150.228 443 TLS 1.2 C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA OU=Domain Control Validated, OU=PositiveSSL, CN=t.dyxz.la 4b:b0:3a:72:56:12:42:82:80:45:1b:9b:73:4e:2d:4f:6c:50:6e:ac
2020-01-16 16:03:01.654315+0800 192.168.122.201 49163 183.131.150.228 443 TLS 1.2 C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA OU=Domain Control Validated, OU=PositiveSSL, CN=t.dyxz.la 4b:b0:3a:72:56:12:42:82:80:45:1b:9b:73:4e:2d:4f:6c:50:6e:ac
2020-01-16 16:03:01.033278+0800 192.168.122.201 49160 211.20.20.89 443 TLS 1.2 C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA CN=ssl0001.cachemoment.com 4a:d7:06:08:a8:0e:89:27:bc:41:7d:d6:bd:d1:4f:2a:1c:2a:c4:71
2020-01-16 16:03:01.666672+0800 192.168.122.201 49164 183.131.150.228 443 TLS 1.2 C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA OU=Domain Control Validated, OU=PositiveSSL, CN=t.dyxz.la 4b:b0:3a:72:56:12:42:82:80:45:1b:9b:73:4e:2d:4f:6c:50:6e:ac
2020-01-16 16:03:01.667362+0800 192.168.122.201 49165 183.131.150.228 443 TLS 1.2 C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA OU=Domain Control Validated, OU=PositiveSSL, CN=t.dyxz.la 4b:b0:3a:72:56:12:42:82:80:45:1b:9b:73:4e:2d:4f:6c:50:6e:ac
2020-01-16 16:03:01.657515+0800 192.168.122.201 49162 183.131.150.228 443 TLS 1.2 C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA OU=Domain Control Validated, OU=PositiveSSL, CN=t.dyxz.la 4b:b0:3a:72:56:12:42:82:80:45:1b:9b:73:4e:2d:4f:6c:50:6e:ac
2020-01-16 16:03:01.662693+0800 192.168.122.201 49166 183.131.150.228 443 TLS 1.2 C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA OU=Domain Control Validated, OU=PositiveSSL, CN=t.dyxz.la 4b:b0:3a:72:56:12:42:82:80:45:1b:9b:73:4e:2d:4f:6c:50:6e:ac
2020-01-16 16:03:01.716044+0800 192.168.122.201 49167 180.163.198.49 443 TLS 1.2 C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 C=CN, ST=beijing, L=beijing, OU=service operation department, O=Beijing Baidu Netcom Science Technology Co., Ltd, CN=baidu.com d1:f6:32:3d:b6:f2:ec:81:e7:02:36:90:f4:9b:2d:91:e0:c3:99:3a
2020-01-16 16:03:02.933495+0800 192.168.122.201 49176 180.101.49.206 443 TLS 1.2 C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 C=CN, ST=beijing, L=beijing, OU=service operation department, O=Beijing Baidu Netcom Science Technology Co., Ltd, CN=baidu.com 37:57:a8:9f:48:3b:df:ce:76:f5:42:7c:db:c6:5f:5a:40:bf:7a:1f
2020-01-16 16:03:02.974296+0800 192.168.122.201 49175 106.120.159.126 443 TLS 1.2 C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 C=CN, ST=beijing, L=beijing, OU=service operation department, O=Beijing Baidu Netcom Science Technology Co., Ltd, CN=baidu.com b1:6c:be:97:2a:fe:99:e4:26:e4:00:7d:16:2e:f7:88:87:59:be:25
2020-01-16 16:03:04.017556+0800 192.168.122.201 49178 180.163.198.49 443 TLS 1.2 C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 C=CN, ST=beijing, L=beijing, OU=service operation department, O=Beijing Baidu Netcom Science Technology Co., Ltd, CN=baidu.com d1:f6:32:3d:b6:f2:ec:81:e7:02:36:90:f4:9b:2d:91:e0:c3:99:3a
2020-01-16 16:03:04.744437+0800 192.168.122.201 49180 220.181.107.131 443 TLS 1.2 C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 C=CN, ST=beijing, L=beijing, OU=service operation department, O=Beijing Baidu Netcom Science Technology Co., Ltd, CN=baidu.com 37:57:a8:9f:48:3b:df:ce:76:f5:42:7c:db:c6:5f:5a:40:bf:7a:1f

Suricata HTTP

No Suricata HTTP

No files were extracted from network traffic.
Sorry! No files were dropped.

Processing ( 14.976 seconds )

  • 9.559 Suricata
  • 4.98 NetworkAnalysis
  • 0.424 Static
  • 0.008 AnalysisInfo
  • 0.003 BehaviorAnalysis
  • 0.002 Memory

Signatures ( 1.269 seconds )

  • 1.174 md_url_bl
  • 0.038 md_domain_bl
  • 0.01 antiav_detectreg
  • 0.004 anomaly_persistence_autorun
  • 0.004 antiav_detectfile
  • 0.004 infostealer_ftp
  • 0.003 geodo_banking_trojan
  • 0.003 infostealer_bitcoin
  • 0.003 infostealer_im
  • 0.003 ransomware_extensions
  • 0.003 ransomware_files
  • 0.002 tinba_behavior
  • 0.002 antianalysis_detectreg
  • 0.002 antivm_vbox_files
  • 0.002 disables_browser_warn
  • 0.002 infostealer_mail
  • 0.002 network_torgateway
  • 0.001 rat_nanocore
  • 0.001 cerber_behavior
  • 0.001 bot_drive
  • 0.001 bot_drive2
  • 0.001 browser_security
  • 0.001 maldun_malicious_drop_executable_file_to_temp_folder
  • 0.001 ie_martian_children
  • 0.001 md_bad_drop

Reporting ( 0.373 seconds )

  • 0.373 ReportHTMLSummary
Task ID 487801
Mongo ID 5e201931bb7d575f4a3a952c
Cuckoo release 1.4-Maldun