Analysis type | VM tag | Start time | End time | Duration |
---|---|---|---|---|
URL | win7-sp1-x64-shaapp03-1 | 2021-06-18 22:12:00 | 2021-06-18 22:14:04 | 124 seconds |
Submitted URL |
---|
https://wwa.lanzoui.com/iBahgqdgkqb |
No host records.
Domain | Security rating | Response |
---|---|---|
wwa.lanzoui.com | | CNAME all.lanzoui.com.w.kunlungr.com; A 114.80.187.102 |
s95.cnzz.com | | |
v1.cnzz.com | | CNAME all.cnzz.com.danuoyi.tbcache.com; A 222.188.8.250; CNAME c.cnzz.com |
statics.woozooo.com | | A 183.6.231.204; CNAME statics.woozooo.com.w.cdngslb.com |
z4.cnzz.com | | CNAME z.cnzz.com; CNAME z.gds.cnzz.com; A 203.119.216.75 |
c.cnzz.com | | |
cnzz.mmstat.com | | A 140.205.33.11; CNAME gm.gds.mmstat.com; CNAME gm.mmstat.com |
hzs2.cnzz.com | | CNAME z6.cnzz.com |
hm.woozooo.com | | A 120.27.232.100 |
acroipm.adobe.com | | CNAME acroipm.adobe.com.edgesuite.net; CNAME a1983.dscd.akamai.net; A 104.75.169.10; A 104.75.169.8 |
WHOIS field | Value |
---|---|
Name | None |
Country | CN |
State | shan dong |
City | None |
ZIP Code | None |
Address | None |
Organization | None |
Domain Name(s) | LANZOUI.COM, lanzoui.com |
Creation Date | 2018-03-28 19:25:37 |
Updated Date | 2021-02-26 05:11:02 |
Expiration Date | 2022-03-28 19:25:37 |
Email(s) | DomainAbuse@service.aliyun.com |
Registrar(s) | Alibaba Cloud Computing (Beijing) Co., Ltd. |
Name Server(s) | F1G1NS1.DNSPOD.NET, F1G1NS2.DNSPOD.NET |
Referral URL(s) | None |
No host records.
TCP connections

Source address | Source port | Destination address | Destination port |
---|---|---|---|
192.168.122.201 | 49170 | 104.75.169.10 acroipm.adobe.com | 80 |
192.168.122.201 | 49159 | 114.80.187.102 wwa.lanzoui.com | 443 |
192.168.122.201 | 49165 | 114.80.187.102 wwa.lanzoui.com | 443 |
192.168.122.201 | 49169 | 120.27.232.100 hm.woozooo.com | 443 |
192.168.122.201 | 49166 | 140.205.33.11 cnzz.mmstat.com | 443 |
192.168.122.201 | 49168 | 140.205.33.11 cnzz.mmstat.com | 443 |
192.168.122.201 | 49160 | 183.6.231.204 statics.woozooo.com | 443 |
192.168.122.201 | 49164 | 203.119.216.75 z4.cnzz.com | 443 |
192.168.122.201 | 49167 | 203.119.216.75 z4.cnzz.com | 443 |
192.168.122.201 | 49161 | 222.188.8.250 v1.cnzz.com | 443 |
192.168.122.201 | 49162 | 222.188.8.250 v1.cnzz.com | 443 |
192.168.122.201 | 49163 | 222.188.8.250 v1.cnzz.com | 443 |
UDP connections (DNS queries to the sandbox resolver)

Source address | Source port | Destination address | Destination port |
---|---|---|---|
192.168.122.201 | 49532 | 192.168.122.1 | 53 |
192.168.122.201 | 52179 | 192.168.122.1 | 53 |
192.168.122.201 | 52207 | 192.168.122.1 | 53 |
192.168.122.201 | 53125 | 192.168.122.1 | 53 |
192.168.122.201 | 56270 | 192.168.122.1 | 53 |
192.168.122.201 | 59401 | 192.168.122.1 | 53 |
192.168.122.201 | 59906 | 192.168.122.1 | 53 |
192.168.122.201 | 60465 | 192.168.122.1 | 53 |
192.168.122.201 | 65178 | 192.168.122.1 | 53 |
192.168.122.201 | 65179 | 192.168.122.1 | 53 |
URI | HTTP data |
---|---|
http://acroipm.adobe.com/11/rdr/CHS/win/nooem/none/message.zip | GET /11/rdr/CHS/win/nooem/none/message.zip HTTP/1.1 Accept: */* If-Modified-Since: Mon, 08 Nov 2017 08:44:36 GMT User-Agent: IPM Host: acroipm.adobe.com Connection: Keep-Alive Cache-Control: no-cache |

Note: this is the only cleartext HTTP request in the capture. The `IPM` user agent and the `/11/rdr/CHS/` path identify Adobe Reader 11's in-product messaging check from the analysis VM itself, so it should be treated as sandbox background traffic rather than as activity triggered by the submitted URL.
No SMTP traffic.
No IRC requests.
No ICMP traffic.
No CIF results.
No alerts.
Timestamp | Source IP | Source Port | Destination IP | Destination Port | Version | Issuer | Subject | Fingerprint |
---|---|---|---|---|---|---|---|---|
2021-06-18 22:12:19.033376+0800 | 192.168.122.201 | 49159 | 114.80.187.102 | 443 | TLS 1.2 | C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G2 | CN=*.lanzoui.com | d1:7a:6f:b5:77:df:e3:2b:dd:d9:0d:7b:e3:d4:63:2c:e6:c6:44:09 |
2021-06-18 22:12:19.569898+0800 | 192.168.122.201 | 49162 | 222.188.8.250 | 443 | TLS 1.2 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 | C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.cnzz.com | 79:58:35:0e:31:d2:98:03:51:0c:9b:c1:52:dc:09:26:c7:fd:40:0f |
2021-06-18 22:12:19.569522+0800 | 192.168.122.201 | 49161 | 222.188.8.250 | 443 | TLS 1.2 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 | C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.cnzz.com | 79:58:35:0e:31:d2:98:03:51:0c:9b:c1:52:dc:09:26:c7:fd:40:0f |
2021-06-18 22:12:19.736207+0800 | 192.168.122.201 | 49163 | 222.188.8.250 | 443 | TLS 1.2 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 | C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.cnzz.com | 79:58:35:0e:31:d2:98:03:51:0c:9b:c1:52:dc:09:26:c7:fd:40:0f |
2021-06-18 22:12:19.627341+0800 | 192.168.122.201 | 49160 | 183.6.231.204 | 443 | TLS 1.2 | C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G2 | CN=*.woozooo.com | b0:b2:01:02:3b:96:a0:01:b7:ba:5d:44:21:48:1a:35:fa:87:81:36 |
2021-06-18 22:12:19.790198+0800 | 192.168.122.201 | 49164 | 203.119.216.75 | 443 | TLS 1.2 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 | C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.cnzz.com | 79:58:35:0e:31:d2:98:03:51:0c:9b:c1:52:dc:09:26:c7:fd:40:0f |
2021-06-18 22:12:20.136407+0800 | 192.168.122.201 | 49166 | 140.205.33.11 | 443 | TLS 1.2 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 | C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.mmstat.com | 1c:32:2c:16:1b:08:b7:c6:0a:0e:fd:4e:76:f6:1a:cf:d3:05:e6:d1 |
2021-06-18 22:12:20.248102+0800 | 192.168.122.201 | 49168 | 140.205.33.11 | 443 | TLS 1.2 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 | C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.mmstat.com | 1c:32:2c:16:1b:08:b7:c6:0a:0e:fd:4e:76:f6:1a:cf:d3:05:e6:d1 |
2021-06-18 22:12:20.212785+0800 | 192.168.122.201 | 49167 | 203.119.216.75 | 443 | TLS 1.2 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 | C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.cnzz.com | 79:58:35:0e:31:d2:98:03:51:0c:9b:c1:52:dc:09:26:c7:fd:40:0f |
2021-06-18 22:12:20.306030+0800 | 192.168.122.201 | 49169 | 120.27.232.100 | 443 | TLS 1.2 | C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G2 | CN=*.woozooo.com | b0:b2:01:02:3b:96:a0:01:b7:ba:5d:44:21:48:1a:35:fa:87:81:36 |
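The three tables above (DNS answers, TCP connections, TLS certificates) are only linked by the client source port and the destination IP, so reading them by eye is error-prone. The script below is an added example, not part of the Cuckoo/Maldun report or its code: it transcribes the rows from this page as constructed sample data, inverts the DNS table to map each destination IP back to the hostname(s) that resolved to it, pairs every 443 connection with the certificate seen on that source port, and checks the certificate's subject CN against the hostname with a simplified RFC 6125 wildcard rule (one leftmost label, no SAN or IDNA handling; that simplification is an assumption of the example). It also flags the one 443 connection (source port 49165) for which the TLS table records no certificate, which is the kind of gap (session resumption or an aborted handshake) a practitioner wants surfaced rather than silently skipped.

```python
"""Correlate a sandbox report's DNS, TCP-connection and TLS tables.

Constructed sample data, transcribed from the report tables on this page,
so the script runs offline. The client source port is the only key that
the connection table and the TLS table share, so it is used as the join key.
"""
from collections import defaultdict

# hostname -> A records, from the DNS table (CNAME chains omitted)
DNS_A = {
    "wwa.lanzoui.com": ["114.80.187.102"],
    "v1.cnzz.com": ["222.188.8.250"],
    "statics.woozooo.com": ["183.6.231.204"],
    "z4.cnzz.com": ["203.119.216.75"],
    "cnzz.mmstat.com": ["140.205.33.11"],
    "hm.woozooo.com": ["120.27.232.100"],
    "acroipm.adobe.com": ["104.75.169.10", "104.75.169.8"],
}

# (client source port, destination IP, destination port), from the TCP table
CONNECTIONS = [
    (49170, "104.75.169.10", 80),
    (49159, "114.80.187.102", 443),
    (49165, "114.80.187.102", 443),
    (49169, "120.27.232.100", 443),
    (49166, "140.205.33.11", 443),
    (49168, "140.205.33.11", 443),
    (49160, "183.6.231.204", 443),
    (49164, "203.119.216.75", 443),
    (49167, "203.119.216.75", 443),
    (49161, "222.188.8.250", 443),
    (49162, "222.188.8.250", 443),
    (49163, "222.188.8.250", 443),
]

# client source port -> (certificate subject CN, SHA-1 fingerprint), from the TLS table
FP_LANZOUI = "d1:7a:6f:b5:77:df:e3:2b:dd:d9:0d:7b:e3:d4:63:2c:e6:c6:44:09"
FP_CNZZ = "79:58:35:0e:31:d2:98:03:51:0c:9b:c1:52:dc:09:26:c7:fd:40:0f"
FP_WOOZOOO = "b0:b2:01:02:3b:96:a0:01:b7:ba:5d:44:21:48:1a:35:fa:87:81:36"
FP_MMSTAT = "1c:32:2c:16:1b:08:b7:c6:0a:0e:fd:4e:76:f6:1a:cf:d3:05:e6:d1"
TLS_CERTS = {
    49159: ("*.lanzoui.com", FP_LANZOUI),
    49161: ("*.cnzz.com", FP_CNZZ),
    49162: ("*.cnzz.com", FP_CNZZ),
    49163: ("*.cnzz.com", FP_CNZZ),
    49164: ("*.cnzz.com", FP_CNZZ),
    49167: ("*.cnzz.com", FP_CNZZ),
    49160: ("*.woozooo.com", FP_WOOZOOO),
    49169: ("*.woozooo.com", FP_WOOZOOO),
    49166: ("*.mmstat.com", FP_MMSTAT),
    49168: ("*.mmstat.com", FP_MMSTAT),
}


def hosts_for_ip(dns_a):
    """Invert the DNS table: IP -> sorted hostnames that resolved to it."""
    inv = defaultdict(set)
    for host, ips in dns_a.items():
        for ip in ips:
            inv[ip].add(host)
    return {ip: sorted(hosts) for ip, hosts in inv.items()}


def cn_matches(cn, host):
    """Simplified RFC 6125 check: a leading '*.' covers exactly one label."""
    cn, host = cn.lower(), host.lower()
    if cn.startswith("*."):
        suffix = cn[2:]
        if not host.endswith("." + suffix):
            return False
        return "." not in host[: -len(suffix) - 1]   # only one label before the suffix
    return cn == host


def correlate(dns_a, connections, tls_certs):
    """One record per TCP connection with the hostname(s) behind the IP and a verdict."""
    by_ip = hosts_for_ip(dns_a)
    records = []
    for sport, dst_ip, dport in connections:
        hosts = by_ip.get(dst_ip, [])
        cert = tls_certs.get(sport)
        if dport != 443:
            verdict = "cleartext"
        elif cert is None:
            verdict = "tls-not-observed"   # 443 but no certificate row for this port
        elif not hosts:
            verdict = "unresolved-ip"      # contacted an IP that no DNS answer explains
        elif any(cn_matches(cert[0], h) for h in hosts):
            verdict = "ok"
        else:
            verdict = "cn-mismatch"
        records.append({
            "sport": sport, "dst_ip": dst_ip, "dport": dport, "hosts": hosts,
            "cn": cert[0] if cert else None,
            "fingerprint": cert[1] if cert else None,
            "verdict": verdict,
        })
    return records


def iocs(records):
    """Deduplicated (hostname, IP, cert fingerprint) tuples for a blocklist or hunt query."""
    out = set()
    for r in records:
        for h in r["hosts"] or ["?"]:
            out.add((h, r["dst_ip"], r["fingerprint"]))
    return sorted(out, key=lambda t: (t[0], t[1], t[2] or ""))


if __name__ == "__main__":
    for r in correlate(DNS_A, CONNECTIONS, TLS_CERTS):
        hosts = ",".join(r["hosts"]) or "-"
        print(f"{r['sport']:>5} -> {r['dst_ip']:<15}:{r['dport']:<3} "
              f"{hosts:<20} {r['cn'] or '-':<15} {r['verdict']}")
```

Run as-is it prints one line per connection; the verdicts that deserve a second look are anything other than `ok`, which for this capture means the cleartext request on port 49170 and the certificate-less 443 connection on port 49165. The `iocs()` output is the deduplicated host/IP/fingerprint set you would feed to a blocklist or a retrospective search, where the fingerprint column lets you match the same origin even if the hostname changes.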
No Suricata HTTP
HTML summary report (allow 15-60 minutes for the report to sync) |
---|
Download |
Task ID | 641029 |
---|---|
Mongo ID | 60ccaa447e769a1c5970fac3 |
Cuckoo release | 1.4-Maldun |