Analysis type | VM label | Start time | End time | Duration |
---|---|---|---|---|
URL | win7-sp1-x64-shaapp03-1 | 2021-12-05 01:30:48 | 2021-12-05 01:32:55 | 127 s |
Analysed URL |
---|
https://livr.jp/contents/P159006119 |
Direct | IP | Security rating | Geolocation |
---|---|---|---|
No | 104.16.19.94 | Unknown | United States |
No | 113.108.239.233 | Unknown | China |
No | 13.225.174.78 | Unknown | United States |
No | 13.226.235.29 | Unknown | United States |
No | 13.226.237.116 | Unknown | United States |
No | 13.32.54.49 | Unknown | United States |
No | 180.163.150.161 | Unknown | China |
No | 203.208.40.66 | Unknown | China |
No | 61.114.177.151 | Unknown | Japan |
No | 61.164.119.121 | Unknown | China |
WHOIS: the lookup returned no record (name, country, organization, domain dates, registrar, name servers and referral URL all empty).
Source IP | Source port | Destination IP (resolved hostname) | Destination port |
---|---|---|---|
192.168.122.201 | 49162 | 104.16.19.94 cdnjs.cloudflare.com | 443 |
192.168.122.201 | 49161 | 113.108.239.233 www.googletagmanager.com | 443 |
192.168.122.201 | 49159 | 13.225.174.78 livr.jp | 443 |
192.168.122.201 | 49165 | 13.225.174.78 livr.jp | 443 |
192.168.122.201 | 49166 | 13.225.174.78 livr.jp | 443 |
192.168.122.201 | 49167 | 13.225.174.78 livr.jp | 443 |
192.168.122.201 | 49168 | 13.225.174.78 livr.jp | 443 |
192.168.122.201 | 49169 | 13.225.174.78 livr.jp | 443 |
192.168.122.201 | 49176 | 13.225.174.78 livr.jp | 443 |
192.168.122.201 | 49173 | 13.226.235.29 x.ss2.us | 80 |
192.168.122.201 | 49174 | 13.226.235.29 x.ss2.us | 80 |
192.168.122.201 | 49177 | 13.226.237.116 s.yjtag.jp | 443 |
192.168.122.201 | 49170 | 13.32.54.49 media.livr.jp | 443 |
192.168.122.201 | 49171 | 13.32.54.49 media.livr.jp | 443 |
192.168.122.201 | 49175 | 13.32.54.49 media.livr.jp | 443 |
192.168.122.201 | 49160 | 180.163.150.161 fonts.googleapis.com | 443 |
192.168.122.201 | 49164 | 203.208.40.66 fonts.gstatic.com | 443 |
192.168.122.201 | 49172 | 23.218.94.155 | 80 |
192.168.122.201 | 49178 | 61.114.177.151 repository.secomtrust.net | 80 |
192.168.122.201 | 49163 | 61.164.119.121 cdn.jsdelivr.net | 443 |
Source IP | Source port | Destination IP (DNS) | Destination port |
---|---|---|---|
192.168.122.201 | 49532 | 192.168.122.1 | 53 |
192.168.122.201 | 52179 | 192.168.122.1 | 53 |
192.168.122.201 | 52207 | 192.168.122.1 | 53 |
192.168.122.201 | 53125 | 192.168.122.1 | 53 |
192.168.122.201 | 56270 | 192.168.122.1 | 53 |
192.168.122.201 | 59401 | 192.168.122.1 | 53 |
192.168.122.201 | 59906 | 192.168.122.1 | 53 |
192.168.122.201 | 60465 | 192.168.122.1 | 53 |
192.168.122.201 | 61329 | 192.168.122.1 | 53 |
192.168.122.201 | 65178 | 192.168.122.1 | 53 |
192.168.122.201 | 65179 | 192.168.122.1 | 53 |
URI | HTTP request |
---|---|
http://acroipm.adobe.com/11/rdr/CHS/win/nooem/none/message.zip | GET /11/rdr/CHS/win/nooem/none/message.zip HTTP/1.1 Accept: */* If-Modified-Since: Mon, 08 Nov 2017 08:44:36 GMT User-Agent: IPM Host: acroipm.adobe.com Connection: Keep-Alive Cache-Control: no-cache |
http://x.ss2.us/x.cer | GET /x.cer HTTP/1.1 Connection: Keep-Alive Accept: */* User-Agent: Microsoft-CryptoAPI/6.1 Host: x.ss2.us |
http://repository.secomtrust.net/SC-Root2/SCRoot2ca.cer | GET /SC-Root2/SCRoot2ca.cer HTTP/1.1 Connection: Keep-Alive Accept: */* User-Agent: Microsoft-CryptoAPI/6.1 Host: repository.secomtrust.net |
No SMTP traffic.
No IRC requests.
No ICMP traffic.
No CIF results.
No alerts.
Timestamp | Source IP | Source Port | Destination IP | Destination Port | Version | Issuer | Subject | Fingerprint |
---|---|---|---|---|---|---|---|---|
2021-12-05 01:31:11.316302+0800 | 192.168.122.201 | 49164 | 203.208.40.66 | 443 | TLS 1.2 | C=US, O=Google Trust Services LLC, CN=GTS CA 1C3 | CN=*.gstatic.com | e9:ec:b0:5c:f1:88:78:5d:9d:24:04:de:04:a7:f3:5e:33:a0:8b:0c |
2021-12-05 01:31:10.953135+0800 | 192.168.122.201 | 49162 | 104.16.19.94 | 443 | TLS 1.2 | C=US, O=Cloudflare, Inc., CN=Cloudflare Inc ECC CA-3 | C=US, ST=California, L=San Francisco, O=Cloudflare, Inc., CN=sni.cloudflaressl.com | 5d:cd:ff:cf:d5:e1:23:21:56:30:e7:79:d0:2c:e0:5b:7d:4e:34:ce |
2021-12-05 01:31:10.724046+0800 | 192.168.122.201 | 49160 | 180.163.150.161 | 443 | TLS 1.2 | C=US, O=Google Trust Services LLC, CN=GTS CA 1C3 | CN=upload.video.google.com | 68:db:23:67:82:7a:3d:3a:3d:68:e1:7b:dd:8e:49:36:fb:46:8b:b8 |
2021-12-05 01:31:10.779591+0800 | 192.168.122.201 | 49161 | 113.108.239.233 | 443 | TLS 1.2 | C=US, O=Google Trust Services LLC, CN=GTS CA 1C3 | CN=*.google-analytics.com | 46:9f:a6:8f:d4:0c:51:2c:3d:40:b7:40:b5:fe:3d:5f:cc:4c:2c:98 |
2021-12-05 01:31:12.755430+0800 | 192.168.122.201 | 49175 | 13.32.54.49 | 443 | TLS 1.2 | C=US, O=Amazon, OU=Server CA 1B, CN=Amazon | CN=livr.jp | 20:d9:24:40:2d:b6:d1:86:2a:67:7b:41:f3:5d:18:50:8b:33:36:31 |
2021-12-05 01:31:09.360149+0800 | 192.168.122.201 | 49159 | 13.225.174.78 | 443 | TLS 1.2 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Extended Validation CA - SHA256 - G3 | unknown=Private Organization, serialNumber=010401052465, unknown=JP, C=JP, ST=Tokyo, L=Minato-ku, unknown=1-9-1 Higashi-shimbashi, OU=Business Development Office, O=SoftBank Corp., CN=livr.jp | 0d:2c:b7:68:47:ba:c9:b1:bb:ca:6e:a9:d8:47:18:94:8a:2f:3a:3e |
2021-12-05 01:31:11.590407+0800 | 192.168.122.201 | 49170 | 13.32.54.49 | 443 | TLS 1.2 | C=US, O=Amazon, OU=Server CA 1B, CN=Amazon | CN=livr.jp | 20:d9:24:40:2d:b6:d1:86:2a:67:7b:41:f3:5d:18:50:8b:33:36:31 |
2021-12-05 01:31:12.790864+0800 | 192.168.122.201 | 49176 | 13.225.174.78 | 443 | TLS 1.2 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Extended Validation CA - SHA256 - G3 | unknown=Private Organization, serialNumber=010401052465, unknown=JP, C=JP, ST=Tokyo, L=Minato-ku, unknown=1-9-1 Higashi-shimbashi, OU=Business Development Office, O=SoftBank Corp., CN=livr.jp | 0d:2c:b7:68:47:ba:c9:b1:bb:ca:6e:a9:d8:47:18:94:8a:2f:3a:3e |
2021-12-05 01:31:11.445807+0800 | 192.168.122.201 | 49169 | 13.225.174.78 | 443 | TLS 1.2 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Extended Validation CA - SHA256 - G3 | unknown=Private Organization, serialNumber=010401052465, unknown=JP, C=JP, ST=Tokyo, L=Minato-ku, unknown=1-9-1 Higashi-shimbashi, OU=Business Development Office, O=SoftBank Corp., CN=livr.jp | 0d:2c:b7:68:47:ba:c9:b1:bb:ca:6e:a9:d8:47:18:94:8a:2f:3a:3e |
2021-12-05 01:31:10.745306+0800 | 192.168.122.201 | 49163 | 61.164.119.121 | 443 | TLS 1.2 | C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA | CN=cdn.jsdelivr.net | 9f:25:8c:50:0f:02:f0:ed:7f:66:29:e4:eb:90:e6:b0:24:18:2f:80 |
2021-12-05 01:31:11.433463+0800 | 192.168.122.201 | 49168 | 13.225.174.78 | 443 | TLS 1.2 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Extended Validation CA - SHA256 - G3 | unknown=Private Organization, serialNumber=010401052465, unknown=JP, C=JP, ST=Tokyo, L=Minato-ku, unknown=1-9-1 Higashi-shimbashi, OU=Business Development Office, O=SoftBank Corp., CN=livr.jp | 0d:2c:b7:68:47:ba:c9:b1:bb:ca:6e:a9:d8:47:18:94:8a:2f:3a:3e |
2021-12-05 01:31:11.605012+0800 | 192.168.122.201 | 49171 | 13.32.54.49 | 443 | TLS 1.2 | C=US, O=Amazon, OU=Server CA 1B, CN=Amazon | CN=livr.jp | 20:d9:24:40:2d:b6:d1:86:2a:67:7b:41:f3:5d:18:50:8b:33:36:31 |
2021-12-05 01:31:11.422138+0800 | 192.168.122.201 | 49166 | 13.225.174.78 | 443 | TLS 1.2 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Extended Validation CA - SHA256 - G3 | unknown=Private Organization, serialNumber=010401052465, unknown=JP, C=JP, ST=Tokyo, L=Minato-ku, unknown=1-9-1 Higashi-shimbashi, OU=Business Development Office, O=SoftBank Corp., CN=livr.jp | 0d:2c:b7:68:47:ba:c9:b1:bb:ca:6e:a9:d8:47:18:94:8a:2f:3a:3e |
2021-12-05 01:31:11.449416+0800 | 192.168.122.201 | 49167 | 13.225.174.78 | 443 | TLS 1.2 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Extended Validation CA - SHA256 - G3 | unknown=Private Organization, serialNumber=010401052465, unknown=JP, C=JP, ST=Tokyo, L=Minato-ku, unknown=1-9-1 Higashi-shimbashi, OU=Business Development Office, O=SoftBank Corp., CN=livr.jp | 0d:2c:b7:68:47:ba:c9:b1:bb:ca:6e:a9:d8:47:18:94:8a:2f:3a:3e |
2021-12-05 01:31:13.305613+0800 | 192.168.122.201 | 49177 | 13.226.237.116 | 443 | TLS 1.2 | C=JP, O=Cybertrust Japan Co., Ltd., CN=Cybertrust Japan SureServer CA G4 | C=JP, ST=Tokyo, L=Chiyoda-ku, O=Yahoo Japan Corporation, CN=*.tgm.yahoo-net.jp | 1a:6b:4b:e6:ae:bf:f7:e7:9e:21:19:02:90:37:ac:17:96:b2:b5:41 |
2021-12-05 01:31:11.456857+0800 | 192.168.122.201 | 49165 | 13.225.174.78 | 443 | TLS 1.2 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Extended Validation CA - SHA256 - G3 | unknown=Private Organization, serialNumber=010401052465, unknown=JP, C=JP, ST=Tokyo, L=Minato-ku, unknown=1-9-1 Higashi-shimbashi, OU=Business Development Office, O=SoftBank Corp., CN=livr.jp | 0d:2c:b7:68:47:ba:c9:b1:bb:ca:6e:a9:d8:47:18:94:8a:2f:3a:3e |
No Suricata HTTP
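Reading the network tables above by hand is error-prone, so the following script is an added triage helper (not part of Cuckoo or of this report) that works over the rows copied from the connection, TLS and HTTP tables. It separates the guest's own background traffic (Microsoft-CryptoAPI fetching AIA objects from x.ss2.us and repository.secomtrust.net, Adobe Reader's "IPM" check-in to acroipm.adobe.com) from page-driven traffic, lists plaintext port-80 destinations and the one connection with no resolved hostname (23.218.94.155), and compares each certificate's subject CN against the hostname that was contacted. The classification rules and the wildcard matcher are the editor's own heuristics; the data rows are constructed from this report. Note that the report records only the subject CN, and CDNs routinely serve a hostname from a certificate whose CN is a different name (sni.cloudflaressl.com for cdnjs.cloudflare.com, *.google-analytics.com for www.googletagmanager.com), so a CN mismatch here is a prompt to retrieve the full certificate and check its SAN list, not evidence of interception. The report also does not link the unresolved 23.218.94.155:80 flow to the acroipm.adobe.com request, which is the only HTTP host without a connection row, so the script does not either.

```python
"""Triage of a Cuckoo URL-analysis network summary (added example).

The connection, TLS and HTTP rows are constructed from the tables in this
report, one row per destination; the rules are editor heuristics, not
Cuckoo's own logic."""
from collections import defaultdict

# (dst_ip, resolved hostname or None, dst_port) from the connection table
CONNECTIONS = [
    ("104.16.19.94", "cdnjs.cloudflare.com", 443),
    ("113.108.239.233", "www.googletagmanager.com", 443),
    ("13.225.174.78", "livr.jp", 443),
    ("13.226.235.29", "x.ss2.us", 80),
    ("13.226.237.116", "s.yjtag.jp", 443),
    ("13.32.54.49", "media.livr.jp", 443),
    ("180.163.150.161", "fonts.googleapis.com", 443),
    ("203.208.40.66", "fonts.gstatic.com", 443),
    ("23.218.94.155", None, 80),
    ("61.114.177.151", "repository.secomtrust.net", 80),
    ("61.164.119.121", "cdn.jsdelivr.net", 443),
]

# (dst_ip, certificate subject CN) from the TLS table
TLS_CERTS = [
    ("203.208.40.66", "*.gstatic.com"),
    ("104.16.19.94", "sni.cloudflaressl.com"),
    ("180.163.150.161", "upload.video.google.com"),
    ("113.108.239.233", "*.google-analytics.com"),
    ("13.32.54.49", "livr.jp"),
    ("13.225.174.78", "livr.jp"),
    ("61.164.119.121", "cdn.jsdelivr.net"),
    ("13.226.237.116", "*.tgm.yahoo-net.jp"),
]

# (Host header, User-Agent) from the HTTP table
HTTP_REQUESTS = [
    ("acroipm.adobe.com", "IPM"),
    ("x.ss2.us", "Microsoft-CryptoAPI/6.1"),
    ("repository.secomtrust.net", "Microsoft-CryptoAPI/6.1"),
]

# User-Agents of the guest's own software rather than of the analysed page:
# Microsoft-CryptoAPI fetches AIA/CRL objects while building a chain, and
# "IPM" is Adobe Reader's in-product messaging check-in.
BACKGROUND_UA_PREFIXES = ("Microsoft-CryptoAPI/", "IPM")


def is_background_request(user_agent):
    """True when the request comes from guest-OS or installed-app activity."""
    return user_agent.startswith(BACKGROUND_UA_PREFIXES)


def cn_covers_host(subject_cn, hostname):
    """Match one subject CN against a hostname the way a client validates a
    DNS name: a wildcard covers exactly one leftmost label, so *.gstatic.com
    covers fonts.gstatic.com but neither a.b.gstatic.com nor gstatic.com."""
    cn, host = subject_cn.lower(), hostname.lower()
    if cn.startswith("*."):
        suffix = cn[1:]  # ".gstatic.com"
        return host.endswith(suffix) and "." not in host[: -len(suffix)]
    return cn == host


def triage(connections, tls_certs, http_requests):
    """Bucket the report rows into findings a reviewer should look at."""
    host_by_ip = {ip: host for ip, host, _ in connections if host}
    findings = defaultdict(list)
    for ip, host, port in connections:
        if host is None:
            findings["unresolved"].append((ip, port))  # no DNS answer seen
        elif port == 80:
            findings["plaintext"].append(host)
    for ip, subject_cn in tls_certs:
        host = host_by_ip.get(ip)
        if host and not cn_covers_host(subject_cn, host):
            # CN only: fetch the full certificate and check its SANs before
            # treating this as anything more than a follow-up item.
            findings["cn_mismatch"].append((host, subject_cn))
    for host, user_agent in http_requests:
        bucket = "background_http" if is_background_request(user_agent) else "page_http"
        findings[bucket].append(host)
    return dict(findings)


if __name__ == "__main__":
    for bucket, rows in triage(CONNECTIONS, TLS_CERTS, HTTP_REQUESTS).items():
        print(bucket)
        for row in rows:
            print("   ", row)
```

On this report the script puts every plaintext HTTP request into the background bucket and leaves the page bucket empty, which is the useful conclusion: nothing the page itself loaded went over cleartext HTTP, and the five CN mismatches all involve shared CDN or analytics certificates.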
Field | Value |
---|---|
Task ID | 667897 |
Mongo ID | 61aba66c7e769a79ac101079 |
Cuckoo release | 1.4-Maldun |