分析任务
| 分析类型 | 虚拟机标签 | 开始时间 | 结束时间 | 持续时间 |
|---|---|---|---|---|
| URL | win7-sp1-x64-shaapp03-1 | 2021-12-05 22:18:12 | 2021-12-05 22:20:18 | 126 秒 |
魔盾分数
0.325
正常的
URL详细信息
| URL |
|---|
| URL专业沙箱检测 -> https://www.dyg5.com/ |
登录查看威胁特征
运行截图
访问主机纪录 (可点击查询WPING实时安全评级)
| 直接 | IP | 安全评级 | 地理位置 |
|---|---|---|---|
| 否 | 104.16.121.183 | 未知 | 美国 |
| 否 | 104.208.16.94 | 未知 | 美国 |
| 否 | 106.11.43.154 | 未知 | 中国 |
| 否 | 117.21.230.243 | 未知 | 中国 |
| 否 | 119.96.89.121 | 未知 | 中国 |
| 否 | 183.61.166.4 | 未知 | 中国 |
| 否 | 220.181.33.11 | 中国 | |
| 否 | 59.63.235.44 | 中国 | |
| 否 | 59.82.33.227 | 未知 | 中国 |
域名解析 (可点击查询WPING实时安全评级)
| 域名 | 安全评级 | 响应 |
|---|---|---|
| www.dyg5.com | 未知 |
A 104.16.121.183 CNAME www.haochi6.com |
| cdn.staticfile.org |
CNAME iduwdjf.qiniudns.com A 117.21.230.240 A 117.21.230.241 A 117.21.230.243 A 117.21.230.239 A 117.21.230.238 A 117.21.230.244 CNAME importantglobalcdnweb.qiniu.com.w.cdngslb.com A 117.21.230.248 A 117.21.230.242 |
|
| hm.baidu.com |
CNAME hm.e.shifen.com A 220.181.33.11 |
|
| img.dyg5.com | 未知 | |
| pc.stgowan.com | 未知 |
A 58.49.224.12 A 122.228.0.169 CNAME aojxxqus.slt.sched.tdnsv8.com CNAME pc.stgowan.com.cdn.dnsv1.com A 115.238.197.14 A 59.63.235.44 A 122.228.0.157 A 114.106.160.20 |
| s9.cnzz.com |
CNAME all.cnzz.com.danuoyi.tbcache.com CNAME c.cnzz.com A 119.96.89.121 |
|
| p.51gowan.com | 未知 |
A 183.61.166.4 A 183.61.244.138 A 121.12.118.131 |
| c.cnzz.com | ||
| z12.cnzz.com |
A 106.11.43.154 CNAME z.cnzz.com CNAME z.gds.cnzz.com |
|
| cnzz.mmstat.com |
A 59.82.33.227 CNAME gm.gds.mmstat.com CNAME gm.mmstat.com |
|
| watson.microsoft.com |
CNAME blobcollector.events.data.trafficmanager.net CNAME onedsblobprdcus16.centralus.cloudapp.azure.com A 104.208.16.94 |
摘要
登录查看详细行为信息WHOIS 信息
Name: Domain Administrator
Country: US
State: AZ
City: Phoenix
ZIP Code: 85016
Address: 1928 E. Highland Ave. Ste F104 PMB# 255
Orginization: See PrivacyGuardian.org
Domain Name(s):
DYG5.COM
dyg5.com
Creation Date:
2018-03-12 19:18:42
2018-03-12 07:00:00
Updated Date:
2021-11-02 21:49:14
2021-11-14 07:00:00
Expiration Date:
2022-03-12 19:18:42
2022-03-12 07:00:00
Email(s):
abuse@namesilo.com
pw-68a314015ca380778eea7f2248d4f83b@privacyguardian.org
Registrar(s):
NameSilo, LLC
Name Server(s):
NS1.ALIDNS.COM
NS2.ALIDNS.COM
ns1.alidns.com
ns2.alidns.com
Referral URL(s):
None
访问主机纪录 (可点击查询WPING实时安全评级)
| 直接 | IP | 安全评级 | 地理位置 |
|---|---|---|---|
| 否 | 104.16.121.183 | 未知 | 美国 |
| 否 | 104.208.16.94 | 未知 | 美国 |
| 否 | 106.11.43.154 | 未知 | 中国 |
| 否 | 117.21.230.243 | 未知 | 中国 |
| 否 | 119.96.89.121 | 未知 | 中国 |
| 否 | 183.61.166.4 | 未知 | 中国 |
| 否 | 220.181.33.11 | 中国 | |
| 否 | 59.63.235.44 | 中国 | |
| 否 | 59.82.33.227 | 未知 | 中国 |
TCP
| 源地址 | 源端口 | 目标地址 | 目标端口 |
|---|---|---|---|
| 192.168.122.201 | 49159 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49160 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49161 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49162 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49165 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49166 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49167 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49168 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49169 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49170 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49171 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49172 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49176 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49177 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49178 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49179 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49180 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49182 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49183 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49184 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49185 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49188 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49190 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49191 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49198 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49199 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49200 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49205 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49195 | 106.11.43.154 z12.cnzz.com | 443 |
| 192.168.122.201 | 49213 | 106.11.43.154 z12.cnzz.com | 443 |
| 192.168.122.201 | 49163 | 117.21.230.243 cdn.staticfile.org | 443 |
| 192.168.122.201 | 49201 | 117.21.230.243 cdn.staticfile.org | 443 |
| 192.168.122.201 | 49202 | 117.21.230.243 cdn.staticfile.org | 443 |
| 192.168.122.201 | 49203 | 117.21.230.243 cdn.staticfile.org | 443 |
| 192.168.122.201 | 49189 | 119.96.89.121 s9.cnzz.com | 443 |
| 192.168.122.201 | 49194 | 119.96.89.121 s9.cnzz.com | 443 |
| 192.168.122.201 | 49211 | 119.96.89.121 s9.cnzz.com | 443 |
| 192.168.122.201 | 49212 | 119.96.89.121 s9.cnzz.com | 443 |
| 192.168.122.201 | 49192 | 183.61.166.4 p.51gowan.com | 443 |
| 192.168.122.201 | 49193 | 183.61.166.4 p.51gowan.com | 443 |
| 192.168.122.201 | 49209 | 183.61.166.4 p.51gowan.com | 443 |
| 192.168.122.201 | 49210 | 183.61.166.4 p.51gowan.com | 443 |
| 192.168.122.201 | 49164 | 220.181.33.11 hm.baidu.com | 443 |
| 192.168.122.201 | 49181 | 220.181.33.11 hm.baidu.com | 443 |
| 192.168.122.201 | 49204 | 220.181.33.11 hm.baidu.com | 443 |
| 192.168.122.201 | 49175 | 23.218.94.155 | 80 |
| 192.168.122.201 | 49173 | 59.63.235.44 pc.stgowan.com | 443 |
| 192.168.122.201 | 49174 | 59.63.235.44 pc.stgowan.com | 443 |
| 192.168.122.201 | 49186 | 59.63.235.44 pc.stgowan.com | 443 |
| 192.168.122.201 | 49187 | 59.63.235.44 pc.stgowan.com | 443 |
| 192.168.122.201 | 49206 | 59.63.235.44 pc.stgowan.com | 443 |
| 192.168.122.201 | 49207 | 59.63.235.44 pc.stgowan.com | 443 |
| 192.168.122.201 | 49197 | 59.82.33.227 cnzz.mmstat.com | 443 |
| 192.168.122.201 | 49214 | 59.82.33.227 cnzz.mmstat.com | 443 |
UDP
| 源地址 | 源端口 | 目标地址 | 目标端口 |
|---|---|---|---|
| 192.168.122.201 | 49532 | 192.168.122.1 | 53 |
| 192.168.122.201 | 52179 | 192.168.122.1 | 53 |
| 192.168.122.201 | 52207 | 192.168.122.1 | 53 |
| 192.168.122.201 | 53125 | 192.168.122.1 | 53 |
| 192.168.122.201 | 56270 | 192.168.122.1 | 53 |
| 192.168.122.201 | 59401 | 192.168.122.1 | 53 |
| 192.168.122.201 | 59906 | 192.168.122.1 | 53 |
| 192.168.122.201 | 60465 | 192.168.122.1 | 53 |
| 192.168.122.201 | 60919 | 192.168.122.1 | 53 |
| 192.168.122.201 | 61329 | 192.168.122.1 | 53 |
| 192.168.122.201 | 65178 | 192.168.122.1 | 53 |
| 192.168.122.201 | 65179 | 192.168.122.1 | 53 |
域名解析 (可点击查询WPING实时安全评级)
| 域名 | 安全评级 | 响应 |
|---|---|---|
| www.dyg5.com | 未知 |
A 104.16.121.183 CNAME www.haochi6.com |
| cdn.staticfile.org |
CNAME iduwdjf.qiniudns.com A 117.21.230.240 A 117.21.230.241 A 117.21.230.243 A 117.21.230.239 A 117.21.230.238 A 117.21.230.244 CNAME importantglobalcdnweb.qiniu.com.w.cdngslb.com A 117.21.230.248 A 117.21.230.242 |
|
| hm.baidu.com |
CNAME hm.e.shifen.com A 220.181.33.11 |
|
| img.dyg5.com | 未知 | |
| pc.stgowan.com | 未知 |
A 58.49.224.12 A 122.228.0.169 CNAME aojxxqus.slt.sched.tdnsv8.com CNAME pc.stgowan.com.cdn.dnsv1.com A 115.238.197.14 A 59.63.235.44 A 122.228.0.157 A 114.106.160.20 |
| s9.cnzz.com |
CNAME all.cnzz.com.danuoyi.tbcache.com CNAME c.cnzz.com A 119.96.89.121 |
|
| p.51gowan.com | 未知 |
A 183.61.166.4 A 183.61.244.138 A 121.12.118.131 |
| c.cnzz.com | ||
| z12.cnzz.com |
A 106.11.43.154 CNAME z.cnzz.com CNAME z.gds.cnzz.com |
|
| cnzz.mmstat.com |
A 59.82.33.227 CNAME gm.gds.mmstat.com CNAME gm.mmstat.com |
|
| watson.microsoft.com |
CNAME blobcollector.events.data.trafficmanager.net CNAME onedsblobprdcus16.centralus.cloudapp.azure.com A 104.208.16.94 |
TCP
| 源地址 | 源端口 | 目标地址 | 目标端口 |
|---|---|---|---|
| 192.168.122.201 | 49159 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49160 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49161 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49162 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49165 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49166 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49167 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49168 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49169 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49170 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49171 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49172 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49176 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49177 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49178 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49179 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49180 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49182 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49183 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49184 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49185 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49188 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49190 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49191 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49198 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49199 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49200 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49205 | 104.16.121.183 www.dyg5.com | 443 |
| 192.168.122.201 | 49195 | 106.11.43.154 z12.cnzz.com | 443 |
| 192.168.122.201 | 49213 | 106.11.43.154 z12.cnzz.com | 443 |
| 192.168.122.201 | 49163 | 117.21.230.243 cdn.staticfile.org | 443 |
| 192.168.122.201 | 49201 | 117.21.230.243 cdn.staticfile.org | 443 |
| 192.168.122.201 | 49202 | 117.21.230.243 cdn.staticfile.org | 443 |
| 192.168.122.201 | 49203 | 117.21.230.243 cdn.staticfile.org | 443 |
| 192.168.122.201 | 49189 | 119.96.89.121 s9.cnzz.com | 443 |
| 192.168.122.201 | 49194 | 119.96.89.121 s9.cnzz.com | 443 |
| 192.168.122.201 | 49211 | 119.96.89.121 s9.cnzz.com | 443 |
| 192.168.122.201 | 49212 | 119.96.89.121 s9.cnzz.com | 443 |
| 192.168.122.201 | 49192 | 183.61.166.4 p.51gowan.com | 443 |
| 192.168.122.201 | 49193 | 183.61.166.4 p.51gowan.com | 443 |
| 192.168.122.201 | 49209 | 183.61.166.4 p.51gowan.com | 443 |
| 192.168.122.201 | 49210 | 183.61.166.4 p.51gowan.com | 443 |
| 192.168.122.201 | 49164 | 220.181.33.11 hm.baidu.com | 443 |
| 192.168.122.201 | 49181 | 220.181.33.11 hm.baidu.com | 443 |
| 192.168.122.201 | 49204 | 220.181.33.11 hm.baidu.com | 443 |
| 192.168.122.201 | 49175 | 23.218.94.155 | 80 |
| 192.168.122.201 | 49173 | 59.63.235.44 pc.stgowan.com | 443 |
| 192.168.122.201 | 49174 | 59.63.235.44 pc.stgowan.com | 443 |
| 192.168.122.201 | 49186 | 59.63.235.44 pc.stgowan.com | 443 |
| 192.168.122.201 | 49187 | 59.63.235.44 pc.stgowan.com | 443 |
| 192.168.122.201 | 49206 | 59.63.235.44 pc.stgowan.com | 443 |
| 192.168.122.201 | 49207 | 59.63.235.44 pc.stgowan.com | 443 |
| 192.168.122.201 | 49197 | 59.82.33.227 cnzz.mmstat.com | 443 |
| 192.168.122.201 | 49214 | 59.82.33.227 cnzz.mmstat.com | 443 |
UDP
| 源地址 | 源端口 | 目标地址 | 目标端口 |
|---|---|---|---|
| 192.168.122.201 | 49532 | 192.168.122.1 | 53 |
| 192.168.122.201 | 52179 | 192.168.122.1 | 53 |
| 192.168.122.201 | 52207 | 192.168.122.1 | 53 |
| 192.168.122.201 | 53125 | 192.168.122.1 | 53 |
| 192.168.122.201 | 56270 | 192.168.122.1 | 53 |
| 192.168.122.201 | 59401 | 192.168.122.1 | 53 |
| 192.168.122.201 | 59906 | 192.168.122.1 | 53 |
| 192.168.122.201 | 60465 | 192.168.122.1 | 53 |
| 192.168.122.201 | 60919 | 192.168.122.1 | 53 |
| 192.168.122.201 | 61329 | 192.168.122.1 | 53 |
| 192.168.122.201 | 65178 | 192.168.122.1 | 53 |
| 192.168.122.201 | 65179 | 192.168.122.1 | 53 |
HTTP 请求
| URI | HTTP数据 |
|---|---|
| URL专业沙箱检测 -> http://acroipm.adobe.com/11/rdr/CHS/win/nooem/none/message.zip | GET /11/rdr/CHS/win/nooem/none/message.zip HTTP/1.1 Accept: */* If-Modified-Since: Mon, 08 Nov 2017 08:44:36 GMT User-Agent: IPM Host: acroipm.adobe.com Connection: Keep-Alive Cache-Control: no-cache |
SMTP 流量
无SMTP流量.
IRC 流量
无IRC请求.
ICMP 流量
无ICMP流量.
CIF 报告
无 CIF 结果
网络警报
无警报
TLS
| Timestamp | Source IP | Source Port | Destination IP | Destination Port | Version | Issuer | Subject | Fingerprint |
|---|---|---|---|---|---|---|---|---|
| 2021-12-05 22:18:33.860922+0800 | 192.168.122.201 | 49159 | 104.16.121.183 | 443 | TLS 1.2 | C=US, O=Cloudflare, Inc., CN=Cloudflare Inc ECC CA-3 | C=US, ST=California, L=San Francisco, O=Cloudflare, Inc., CN=sni.cloudflaressl.com | 1e:64:a4:26:c6:65:c4:2f:c2:47:60:1b:9e:6d:5a:a0:27:17:f3:f7 |
| 2021-12-05 22:18:35.583532+0800 | 192.168.122.201 | 49173 | 59.63.235.44 | 443 | TLS 1.2 | C=CN, O=TrustAsia Technologies, Inc., OU=Domain Validated SSL, CN=TrustAsia TLS RSA CA | CN=pc.stgowan.com | ec:c2:de:ec:a2:84:b6:01:53:c9:f1:c5:65:c5:d9:19:ec:6d:fd:cc |
| 2021-12-05 22:18:35.806775+0800 | 192.168.122.201 | 49166 | 104.16.121.183 | 443 | TLS 1.2 | C=US, O=Cloudflare, Inc., CN=Cloudflare Inc ECC CA-3 | C=US, ST=California, L=San Francisco, O=Cloudflare, Inc., CN=sni.cloudflaressl.com | fd:93:8f:21:b3:d9:4a:03:b3:d2:65:f8:67:e7:e1:90:32:6f:29:7b |
| 2021-12-05 22:18:35.810334+0800 | 192.168.122.201 | 49168 | 104.16.121.183 | 443 | TLS 1.2 | C=US, O=Cloudflare, Inc., CN=Cloudflare Inc ECC CA-3 | C=US, ST=California, L=San Francisco, O=Cloudflare, Inc., CN=sni.cloudflaressl.com | fd:93:8f:21:b3:d9:4a:03:b3:d2:65:f8:67:e7:e1:90:32:6f:29:7b |
| 2021-12-05 22:18:35.836597+0800 | 192.168.122.201 | 49171 | 104.16.121.183 | 443 | TLS 1.2 | C=US, O=Cloudflare, Inc., CN=Cloudflare Inc ECC CA-3 | C=US, ST=California, L=San Francisco, O=Cloudflare, Inc., CN=sni.cloudflaressl.com | fd:93:8f:21:b3:d9:4a:03:b3:d2:65:f8:67:e7:e1:90:32:6f:29:7b |
| 2021-12-05 22:18:34.702334+0800 | 192.168.122.201 | 49163 | 117.21.230.243 | 443 | TLS 1.2 | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=GeoTrust CN RSA CA G1 | C=CN, ST=上海市, O=上海七牛信息技术有限公司, OU=技术部, CN=*.staticfile.org | ce:11:f9:4c:4f:a8:9a:0d:bc:fa:34:bb:5f:64:6a:b9:7f:9f:2f:1a |
| 2021-12-05 22:18:35.804170+0800 | 192.168.122.201 | 49170 | 104.16.121.183 | 443 | TLS 1.2 | C=US, O=Cloudflare, Inc., CN=Cloudflare Inc ECC CA-3 | C=US, ST=California, L=San Francisco, O=Cloudflare, Inc., CN=sni.cloudflaressl.com | fd:93:8f:21:b3:d9:4a:03:b3:d2:65:f8:67:e7:e1:90:32:6f:29:7b |
| 2021-12-05 22:18:36.108011+0800 | 192.168.122.201 | 49169 | 104.16.121.183 | 443 | TLS 1.2 | C=US, O=Cloudflare, Inc., CN=Cloudflare Inc ECC CA-3 | C=US, ST=California, L=San Francisco, O=Cloudflare, Inc., CN=sni.cloudflaressl.com | fd:93:8f:21:b3:d9:4a:03:b3:d2:65:f8:67:e7:e1:90:32:6f:29:7b |
| 2021-12-05 22:18:35.567407+0800 | 192.168.122.201 | 49164 | 220.181.33.11 | 443 | TLS 1.2 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 | C=CN, ST=beijing, L=beijing, OU=service operation department, O=Beijing Baidu Netcom Science Technology Co., Ltd, CN=baidu.com | be:76:05:a3:b7:2b:60:fc:aa:6c:58:b6:89:6b:9e:2e:74:42:ec:50 |
| 2021-12-05 22:18:35.595596+0800 | 192.168.122.201 | 49174 | 59.63.235.44 | 443 | TLS 1.2 | C=CN, O=TrustAsia Technologies, Inc., OU=Domain Validated SSL, CN=TrustAsia TLS RSA CA | CN=pc.stgowan.com | ec:c2:de:ec:a2:84:b6:01:53:c9:f1:c5:65:c5:d9:19:ec:6d:fd:cc |
| 2021-12-05 22:18:35.809186+0800 | 192.168.122.201 | 49167 | 104.16.121.183 | 443 | TLS 1.2 | C=US, O=Cloudflare, Inc., CN=Cloudflare Inc ECC CA-3 | C=US, ST=California, L=San Francisco, O=Cloudflare, Inc., CN=sni.cloudflaressl.com | fd:93:8f:21:b3:d9:4a:03:b3:d2:65:f8:67:e7:e1:90:32:6f:29:7b |
| 2021-12-05 22:18:37.273841+0800 | 192.168.122.201 | 49193 | 183.61.166.4 | 443 | TLS 1.2 | C=CN, O=TrustAsia Technologies, Inc., OU=Domain Validated SSL, CN=TrustAsia TLS RSA CA | CN=p.51gowan.com | 73:e8:df:42:97:44:5b:a0:93:a3:66:9d:f2:4c:9b:a3:76:1e:0c:21 |
| 2021-12-05 22:18:37.354965+0800 | 192.168.122.201 | 49194 | 119.96.89.121 | 443 | TLS 1.2 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 | C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.cnzz.com | 79:58:35:0e:31:d2:98:03:51:0c:9b:c1:52:dc:09:26:c7:fd:40:0f |
| 2021-12-05 22:18:37.404439+0800 | 192.168.122.201 | 49195 | 106.11.43.154 | 443 | TLS 1.2 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 | C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.cnzz.com | 79:58:35:0e:31:d2:98:03:51:0c:9b:c1:52:dc:09:26:c7:fd:40:0f |
| 2021-12-05 22:18:37.122265+0800 | 192.168.122.201 | 49189 | 119.96.89.121 | 443 | TLS 1.2 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 | C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.cnzz.com | 79:58:35:0e:31:d2:98:03:51:0c:9b:c1:52:dc:09:26:c7:fd:40:0f |
| 2021-12-05 22:18:37.272336+0800 | 192.168.122.201 | 49192 | 183.61.166.4 | 443 | TLS 1.2 | C=CN, O=TrustAsia Technologies, Inc., OU=Domain Validated SSL, CN=TrustAsia TLS RSA CA | CN=p.51gowan.com | 73:e8:df:42:97:44:5b:a0:93:a3:66:9d:f2:4c:9b:a3:76:1e:0c:21 |
| 2021-12-05 22:18:41.929443+0800 | 192.168.122.201 | 49202 | 117.21.230.243 | 443 | TLS 1.2 | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=GeoTrust CN RSA CA G1 | C=CN, ST=上海市, O=上海七牛信息技术有限公司, OU=技术部, CN=*.staticfile.org | ce:11:f9:4c:4f:a8:9a:0d:bc:fa:34:bb:5f:64:6a:b9:7f:9f:2f:1a |
| 2021-12-05 22:18:41.947384+0800 | 192.168.122.201 | 49201 | 117.21.230.243 | 443 | TLS 1.2 | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=GeoTrust CN RSA CA G1 | C=CN, ST=上海市, O=上海七牛信息技术有限公司, OU=技术部, CN=*.staticfile.org | ce:11:f9:4c:4f:a8:9a:0d:bc:fa:34:bb:5f:64:6a:b9:7f:9f:2f:1a |
| 2021-12-05 22:18:42.077265+0800 | 192.168.122.201 | 49203 | 117.21.230.243 | 443 | TLS 1.2 | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=GeoTrust CN RSA CA G1 | C=CN, ST=上海市, O=上海七牛信息技术有限公司, OU=技术部, CN=*.staticfile.org | ce:11:f9:4c:4f:a8:9a:0d:bc:fa:34:bb:5f:64:6a:b9:7f:9f:2f:1a |
| 2021-12-05 22:18:37.628796+0800 | 192.168.122.201 | 49197 | 59.82.33.227 | 443 | TLS 1.2 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 | C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.mmstat.com | 07:23:83:52:48:6f:6b:23:e1:b6:ed:e2:b8:73:a5:81:65:97:0d:3e |
| 2021-12-05 22:18:40.552344+0800 | 192.168.122.201 | 49199 | 104.16.121.183 | 443 | TLS 1.2 | C=US, O=Cloudflare, Inc., CN=Cloudflare Inc ECC CA-3 | C=US, ST=California, L=San Francisco, O=Cloudflare, Inc., CN=sni.cloudflaressl.com | 1e:64:a4:26:c6:65:c4:2f:c2:47:60:1b:9e:6d:5a:a0:27:17:f3:f7 |
| 2021-12-05 22:18:37.919927+0800 | 192.168.122.201 | 49198 | 104.16.121.183 | 443 | TLS 1.2 | C=US, O=Cloudflare, Inc., CN=Cloudflare Inc ECC CA-3 | C=US, ST=California, L=San Francisco, O=Cloudflare, Inc., CN=sni.cloudflaressl.com | fd:93:8f:21:b3:d9:4a:03:b3:d2:65:f8:67:e7:e1:90:32:6f:29:7b |
| 2021-12-05 22:18:47.452532+0800 | 192.168.122.201 | 49213 | 106.11.43.154 | 443 | TLS 1.2 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 | C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.cnzz.com | 79:58:35:0e:31:d2:98:03:51:0c:9b:c1:52:dc:09:26:c7:fd:40:0f |
| 2021-12-05 22:18:47.282759+0800 | 192.168.122.201 | 49211 | 119.96.89.121 | 443 | TLS 1.2 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 | C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.cnzz.com | 79:58:35:0e:31:d2:98:03:51:0c:9b:c1:52:dc:09:26:c7:fd:40:0f |
| 2021-12-05 22:18:47.556113+0800 | 192.168.122.201 | 49214 | 59.82.33.227 | 443 | TLS 1.2 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 | C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.mmstat.com | 07:23:83:52:48:6f:6b:23:e1:b6:ed:e2:b8:73:a5:81:65:97:0d:3e |
| 2021-12-05 22:18:47.426965+0800 | 192.168.122.201 | 49212 | 119.96.89.121 | 443 | TLS 1.2 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 | C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.cnzz.com | 79:58:35:0e:31:d2:98:03:51:0c:9b:c1:52:dc:09:26:c7:fd:40:0f |
| 2021-12-05 22:18:42.939366+0800 | 192.168.122.201 | 49204 | 220.181.33.11 | 443 | TLS 1.2 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 | C=CN, ST=beijing, L=beijing, OU=service operation department, O=Beijing Baidu Netcom Science Technology Co., Ltd, CN=baidu.com | be:76:05:a3:b7:2b:60:fc:aa:6c:58:b6:89:6b:9e:2e:74:42:ec:50 |
| 2021-12-05 22:18:47.047428+0800 | 192.168.122.201 | 49205 | 104.16.121.183 | 443 | TLS 1.2 | C=US, O=Cloudflare, Inc., CN=Cloudflare Inc ECC CA-3 | C=US, ST=California, L=San Francisco, O=Cloudflare, Inc., CN=sni.cloudflaressl.com | fd:93:8f:21:b3:d9:4a:03:b3:d2:65:f8:67:e7:e1:90:32:6f:29:7b |
| 2021-12-05 22:18:46.920594+0800 | 192.168.122.201 | 49206 | 59.63.235.44 | 443 | TLS 1.2 | C=CN, O=TrustAsia Technologies, Inc., OU=Domain Validated SSL, CN=TrustAsia TLS RSA CA | CN=pc.stgowan.com | ec:c2:de:ec:a2:84:b6:01:53:c9:f1:c5:65:c5:d9:19:ec:6d:fd:cc |
| 2021-12-05 22:18:46.916882+0800 | 192.168.122.201 | 49207 | 59.63.235.44 | 443 | TLS 1.2 | C=CN, O=TrustAsia Technologies, Inc., OU=Domain Validated SSL, CN=TrustAsia TLS RSA CA | CN=pc.stgowan.com | ec:c2:de:ec:a2:84:b6:01:53:c9:f1:c5:65:c5:d9:19:ec:6d:fd:cc |
| 2021-12-05 22:18:47.297146+0800 | 192.168.122.201 | 49209 | 183.61.166.4 | 443 | TLS 1.2 | C=CN, O=TrustAsia Technologies, Inc., OU=Domain Validated SSL, CN=TrustAsia TLS RSA CA | CN=p.51gowan.com | 73:e8:df:42:97:44:5b:a0:93:a3:66:9d:f2:4c:9b:a3:76:1e:0c:21 |
| 2021-12-05 22:18:47.299431+0800 | 192.168.122.201 | 49210 | 183.61.166.4 | 443 | TLS 1.2 | C=CN, O=TrustAsia Technologies, Inc., OU=Domain Validated SSL, CN=TrustAsia TLS RSA CA | CN=p.51gowan.com | 73:e8:df:42:97:44:5b:a0:93:a3:66:9d:f2:4c:9b:a3:76:1e:0c:21 |
Suricata HTTP
No Suricata HTTP
未发现网络提取文件
抱歉! 没有任何文件投放。
| HTML 总结报告 (需15-60分钟同步) |
下载 |
|---|
Processing ( 32.989 seconds )
- 21.21 NetworkAnalysis
- 10.892 Suricata
- 0.868 Static
- 0.013 AnalysisInfo
- 0.004 BehaviorAnalysis
- 0.002 Memory
Signatures ( 1.403 seconds )
- 1.313 md_url_bl
- 0.027 md_domain_bl
- 0.011 antiav_detectreg
- 0.005 anomaly_persistence_autorun
- 0.005 infostealer_ftp
- 0.004 antiav_detectfile
- 0.004 geodo_banking_trojan
- 0.004 ransomware_files
- 0.003 infostealer_bitcoin
- 0.003 infostealer_im
- 0.003 network_torgateway
- 0.003 ransomware_extensions
- 0.002 tinba_behavior
- 0.002 antianalysis_detectreg
- 0.002 antivm_vbox_files
- 0.002 disables_browser_warn
- 0.002 infostealer_mail
- 0.001 rat_nanocore
- 0.001 cerber_behavior
- 0.001 bot_drive
- 0.001 bot_drive2
- 0.001 browser_security
- 0.001 maldun_malicious_drop_executable_file_to_temp_folder
- 0.001 ie_martian_children
- 0.001 md_bad_drop
Reporting ( 0.487 seconds )
- 0.487 ReportHTMLSummary
| Task ID | 667955 |
|---|---|
| Mongo ID | 61accacf7e769a79ad100549 |
| Cuckoo release | 1.4-Maldun |
沪公网安备 31011502009736号