Analysis type | VM label | Start time | End time | Duration |
---|---|---|---|---|
URL | win7-sp1-x64-shaapp03-1 | 2021-04-17 19:14:13 | 2021-04-17 19:16:16 | 123 seconds |
URL |
---|
URL professional sandbox check -> https://play.54647.site/age.html |
No host records.
Name: None Country: None State: None City: None ZIP Code: None Address: None Orginization: None Domain Name(s): None Creation Date: None Updated Date: None Expiration Date: None Email(s): None Registrar(s): None Name Server(s): None Referral URL(s): None
No host records.
Source address | Source port | Destination address | Destination port |
---|---|---|---|
192.168.122.201 | 49159 | 104.18.21.179 play.54647.site | 443 |
192.168.122.201 | 49160 | 104.18.21.179 play.54647.site | 443 |
192.168.122.201 | 49161 | 104.18.21.179 play.54647.site | 443 |
192.168.122.201 | 49162 | 104.18.21.179 play.54647.site | 443 |
192.168.122.201 | 49163 | 104.18.21.179 play.54647.site | 443 |
192.168.122.201 | 49164 | 104.18.21.179 play.54647.site | 443 |
192.168.122.201 | 49169 | 104.18.21.179 play.54647.site | 443 |
192.168.122.201 | 49170 | 104.18.21.179 play.54647.site | 443 |
192.168.122.201 | 49171 | 104.18.21.179 play.54647.site | 443 |
192.168.122.201 | 49172 | 104.18.21.179 play.54647.site | 443 |
192.168.122.201 | 49166 | 180.163.151.169 www.googletagmanager.com | 443 |
192.168.122.201 | 49167 | 23.218.94.155 acroipm.adobe.com | 80 |
Source address | Source port | Destination address | Destination port |
---|---|---|---|
192.168.122.201 | 56270 | 192.168.122.1 | 53 |
192.168.122.201 | 59401 | 192.168.122.1 | 53 |
192.168.122.201 | 59906 | 192.168.122.1 | 53 |
192.168.122.201 | 65178 | 192.168.122.1 | 53 |
URI | HTTP data |
---|---|
URL professional sandbox check -> http://acroipm.adobe.com/11/rdr/CHS/win/nooem/none/message.zip | GET /11/rdr/CHS/win/nooem/none/message.zip HTTP/1.1 Accept: */* If-Modified-Since: Mon, 08 Nov 2017 08:44:36 GMT User-Agent: IPM Host: acroipm.adobe.com Connection: Keep-Alive Cache-Control: no-cache |
No SMTP traffic.
No IRC requests.
No ICMP traffic.
No CIF results
No alerts
Timestamp | Source IP | Source Port | Destination IP | Destination Port | Version | Issuer | Subject | Fingerprint |
---|---|---|---|---|---|---|---|---|
2021-04-17 19:14:34.997087+0800 | 192.168.122.201 | 49166 | 180.163.151.169 | 443 | TLS 1.2 | C=US, O=Google Trust Services, CN=GTS CA 1O1 | C=US, ST=California, L=Mountain View, O=Google LLC, CN=*.google-analytics.com | 89:50:23:ba:60:4a:63:86:5b:f0:29:b0:34:26:70:1d:84:e2:99:da |
2021-04-17 19:14:33.845913+0800 | 192.168.122.201 | 49159 | 104.18.21.179 | 443 | TLS 1.2 | C=US, O=Cloudflare, Inc., CN=Cloudflare Inc ECC CA-3 | C=US, ST=California, L=San Francisco, O=Cloudflare, Inc., CN=sni.cloudflaressl.com | 46:9b:eb:dc:9c:2b:0d:e4:c1:43:ef:ba:6c:8d:44:36:74:81:80:91 |
No Suricata HTTP
Task ID | 630994 |
---|---|
Mongo ID | 607ac3977e769a5b9f0d737e |
Cuckoo release | 1.4-Maldun |