分析任务

分析类型 虚拟机标签 开始时间 结束时间 持续时间
URL win7-sp1-x64-shaapp02-1 2022-09-14 17:10:52 2022-09-14 17:12:57 125 秒

魔盾分数

正常的

URL详细信息

URL
URL专业沙箱检测 -> https://www.amazon.com

登录查看威胁特征

运行截图


访问主机纪录 (可点击查询WPING实时安全评级)

直接 IP 安全评级 地理位置
151.101.109.16 未知 美国
23.45.61.93 未知 美国
35.171.112.57 未知 美国
52.46.130.91 未知 美国
52.46.141.85 美国
54.192.248.203 未知 美国
54.230.169.107 未知 美国
59.63.81.183 未知 中国

摘要

登录查看详细行为信息

WHOIS 信息

Name: Hostmaster, Amazon Legal Dept.
Country: US
State: NV
City: Reno
ZIP Code: 89507
Address: P.O. Box 8102

Orginization: Amazon Technologies, Inc.
Domain Name(s):
    AMAZON.COM
    amazon.com
Creation Date:
    1994-11-01 05:00:00
    1994-11-01 05:00:00+0000
Updated Date:
    2019-05-07 20:09:37
    2019-08-26 19:19:56+0000
Expiration Date:
    2024-10-31 04:00:00
    2024-10-30 07:00:00+0000
Email(s):
    abusecomplaints@markmonitor.com
    hostmaster@amazon.com
    whoisrequest@markmonitor.com

Registrar(s):
    MarkMonitor, Inc.
Name Server(s):
    NS1.P31.DYNECT.NET
    NS2.P31.DYNECT.NET
    NS3.P31.DYNECT.NET
    NS4.P31.DYNECT.NET
    PDNS1.ULTRADNS.NET
    PDNS6.ULTRADNS.CO.UK
    ns2.p31.dynect.net
    ns3.p31.dynect.net
    pdns6.ultradns.co.uk
    ns1.p31.dynect.net
    pdns1.ultradns.net
    ns4.p31.dynect.net
Referral URL(s):
    None
没有防病毒引擎扫描信息!

进程树


iexplore.exe, PID: 2432, 上一级进程 PID: 2176

访问主机纪录 (可点击查询WPING实时安全评级)

直接 IP 安全评级 地理位置
151.101.109.16 未知 美国
23.45.61.93 未知 美国
35.171.112.57 未知 美国
52.46.130.91 未知 美国
52.46.141.85 美国
54.192.248.203 未知 美国
54.230.169.107 未知 美国
59.63.81.183 未知 中国

TCP

源地址 源端口 目标地址 目标端口
192.168.122.201 49160 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49162 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49163 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49164 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49165 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49166 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49167 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49168 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49169 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49171 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49172 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49173 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49174 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49175 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49176 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49185 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49186 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49187 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49188 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49189 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49190 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49191 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49192 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49193 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49194 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49159 23.45.61.93 www.amazon.com 443
192.168.122.201 49181 23.45.61.93 www.amazon.com 443
192.168.122.201 49182 23.45.61.93 www.amazon.com 443
192.168.122.201 49205 23.45.61.93 www.amazon.com 443
192.168.122.201 49170 35.171.112.57 fls-na.amazon.com 443
192.168.122.201 49183 35.171.112.57 fls-na.amazon.com 443
192.168.122.201 49184 35.171.112.57 fls-na.amazon.com 443
192.168.122.201 49196 35.171.112.57 fls-na.amazon.com 443
192.168.122.201 49197 35.171.112.57 fls-na.amazon.com 443
192.168.122.201 49198 35.171.112.57 fls-na.amazon.com 443
192.168.122.201 49199 35.171.112.57 fls-na.amazon.com 443
192.168.122.201 49203 35.171.112.57 fls-na.amazon.com 443
192.168.122.201 49206 35.171.112.57 fls-na.amazon.com 443
192.168.122.201 49195 52.46.130.91 s.amazon-adsystem.com 443
192.168.122.201 49201 52.46.130.91 s.amazon-adsystem.com 443
192.168.122.201 49179 52.46.141.85 assoc-na.associates-amazon.com 443
192.168.122.201 49200 54.192.248.203 d2lo25i6d3q8zm.cloudfront.net 443
192.168.122.201 49180 54.230.169.107 x.ss2.us 80
192.168.122.201 49177 59.63.81.183 images-cn.ssl-images-amazon.cn 443
192.168.122.201 49178 59.63.81.183 images-cn.ssl-images-amazon.cn 443
192.168.122.201 49161 96.16.55.100 80

UDP

源地址 源端口 目标地址 目标端口
192.168.122.201 51304 192.168.122.1 53
192.168.122.201 53118 192.168.122.1 53
192.168.122.201 53947 192.168.122.1 53
192.168.122.201 57526 192.168.122.1 53
192.168.122.201 59277 192.168.122.1 53
192.168.122.201 60155 192.168.122.1 53
192.168.122.201 61447 192.168.122.1 53
192.168.122.201 63246 192.168.122.1 53
192.168.122.201 63472 192.168.122.1 53
192.168.122.201 63902 192.168.122.1 53

TCP

源地址 源端口 目标地址 目标端口
192.168.122.201 49160 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49162 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49163 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49164 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49165 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49166 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49167 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49168 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49169 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49171 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49172 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49173 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49174 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49175 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49176 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49185 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49186 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49187 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49188 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49189 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49190 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49191 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49192 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49193 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49194 151.101.109.16 images-na.ssl-images-amazon.com 443
192.168.122.201 49159 23.45.61.93 www.amazon.com 443
192.168.122.201 49181 23.45.61.93 www.amazon.com 443
192.168.122.201 49182 23.45.61.93 www.amazon.com 443
192.168.122.201 49205 23.45.61.93 www.amazon.com 443
192.168.122.201 49170 35.171.112.57 fls-na.amazon.com 443
192.168.122.201 49183 35.171.112.57 fls-na.amazon.com 443
192.168.122.201 49184 35.171.112.57 fls-na.amazon.com 443
192.168.122.201 49196 35.171.112.57 fls-na.amazon.com 443
192.168.122.201 49197 35.171.112.57 fls-na.amazon.com 443
192.168.122.201 49198 35.171.112.57 fls-na.amazon.com 443
192.168.122.201 49199 35.171.112.57 fls-na.amazon.com 443
192.168.122.201 49203 35.171.112.57 fls-na.amazon.com 443
192.168.122.201 49206 35.171.112.57 fls-na.amazon.com 443
192.168.122.201 49195 52.46.130.91 s.amazon-adsystem.com 443
192.168.122.201 49201 52.46.130.91 s.amazon-adsystem.com 443
192.168.122.201 49179 52.46.141.85 assoc-na.associates-amazon.com 443
192.168.122.201 49200 54.192.248.203 d2lo25i6d3q8zm.cloudfront.net 443
192.168.122.201 49180 54.230.169.107 x.ss2.us 80
192.168.122.201 49177 59.63.81.183 images-cn.ssl-images-amazon.cn 443
192.168.122.201 49178 59.63.81.183 images-cn.ssl-images-amazon.cn 443
192.168.122.201 49161 96.16.55.100 80

UDP

源地址 源端口 目标地址 目标端口
192.168.122.201 51304 192.168.122.1 53
192.168.122.201 53118 192.168.122.1 53
192.168.122.201 53947 192.168.122.1 53
192.168.122.201 57526 192.168.122.1 53
192.168.122.201 59277 192.168.122.1 53
192.168.122.201 60155 192.168.122.1 53
192.168.122.201 61447 192.168.122.1 53
192.168.122.201 63246 192.168.122.1 53
192.168.122.201 63472 192.168.122.1 53
192.168.122.201 63902 192.168.122.1 53

HTTP 请求

URI HTTP数据
URL专业沙箱检测 -> http://acroipm.adobe.com/11/rdr/CHS/win/nooem/none/message.zip
GET /11/rdr/CHS/win/nooem/none/message.zip HTTP/1.1
Accept: */*
If-Modified-Since: Mon, 08 Nov 2017 08:44:36 GMT
User-Agent: IPM
Host: acroipm.adobe.com
Connection: Keep-Alive
Cache-Control: no-cache

URL专业沙箱检测 -> http://x.ss2.us/x.cer
GET /x.cer HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: x.ss2.us

SMTP 流量

无SMTP流量.

IRC 流量

无IRC请求.

ICMP 流量

无ICMP流量.

CIF 报告

无 CIF 结果

网络警报

无警报

TLS

Timestamp Source IP Source Port Destination IP Destination Port Version Issuer Subject Fingerprint
2022-09-14 17:11:12.800260+0800 192.168.122.201 49159 23.45.61.93 443 TLS 1.2 C=US, O=DigiCert Inc, CN=DigiCert Global CA G2 CN=www.amazon.com 70:44:64:e1:a0:82:da:86:f2:f8:4a:08:99:6c:05:7c:4e:fc:16:37
2022-09-14 17:11:14.183515+0800 192.168.122.201 49160 151.101.109.16 443 TLS 1.2 C=US, O=DigiCert Inc, CN=DigiCert Global CA G2 CN=images-na.ssl-images-amazon.com 85:33:f2:5c:64:58:1f:81:e6:2e:97:bc:2c:54:2f:db:24:20:a6:6b
2022-09-14 17:11:14.392313+0800 192.168.122.201 49162 151.101.109.16 443 TLS 1.2 C=US, O=DigiCert Inc, CN=DigiCert Global CA G2 CN=images-na.ssl-images-amazon.com 85:33:f2:5c:64:58:1f:81:e6:2e:97:bc:2c:54:2f:db:24:20:a6:6b
2022-09-14 17:11:15.160820+0800 192.168.122.201 49166 151.101.109.16 443 TLS 1.2 C=US, O=DigiCert Inc, CN=DigiCert Global CA G2 CN=images-na.ssl-images-amazon.com 85:33:f2:5c:64:58:1f:81:e6:2e:97:bc:2c:54:2f:db:24:20:a6:6b
2022-09-14 17:11:15.158384+0800 192.168.122.201 49164 151.101.109.16 443 TLS 1.2 C=US, O=DigiCert Inc, CN=DigiCert Global CA G2 CN=images-na.ssl-images-amazon.com 85:33:f2:5c:64:58:1f:81:e6:2e:97:bc:2c:54:2f:db:24:20:a6:6b
2022-09-14 17:11:15.153010+0800 192.168.122.201 49167 151.101.109.16 443 TLS 1.2 C=US, O=DigiCert Inc, CN=DigiCert Global CA G2 CN=images-na.ssl-images-amazon.com 85:33:f2:5c:64:58:1f:81:e6:2e:97:bc:2c:54:2f:db:24:20:a6:6b
2022-09-14 17:11:15.144099+0800 192.168.122.201 49169 151.101.109.16 443 TLS 1.2 C=US, O=DigiCert Inc, CN=DigiCert Global CA G2 CN=images-na.ssl-images-amazon.com 85:33:f2:5c:64:58:1f:81:e6:2e:97:bc:2c:54:2f:db:24:20:a6:6b
2022-09-14 17:11:15.970084+0800 192.168.122.201 49178 59.63.81.183 443 TLS 1.2 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 High Assurance Server CA C=US, ST=Washington, L=Seattle, O=Amazon.com, Inc., CN=t.ssl-images-amazon.cn a9:6e:b9:e8:fc:14:5b:0c:55:14:c1:dc:b7:b8:33:85:8c:f8:f9:d6
2022-09-14 17:11:15.160591+0800 192.168.122.201 49168 151.101.109.16 443 TLS 1.2 C=US, O=DigiCert Inc, CN=DigiCert Global CA G2 CN=images-na.ssl-images-amazon.com 85:33:f2:5c:64:58:1f:81:e6:2e:97:bc:2c:54:2f:db:24:20:a6:6b
2022-09-14 17:11:15.149843+0800 192.168.122.201 49165 151.101.109.16 443 TLS 1.2 C=US, O=DigiCert Inc, CN=DigiCert Global CA G2 CN=images-na.ssl-images-amazon.com 85:33:f2:5c:64:58:1f:81:e6:2e:97:bc:2c:54:2f:db:24:20:a6:6b
2022-09-14 17:11:15.670205+0800 192.168.122.201 49170 35.171.112.57 443 TLS 1.2 C=US, O=Amazon, OU=Server CA 1B, CN=Amazon CN=fls-na.amazon.com 7f:66:9d:7f:1b:a5:e9:d4:77:57:3c:f9:8f:7d:9b:3d:05:8d:c5:ef
2022-09-14 17:11:16.322607+0800 192.168.122.201 49179 52.46.141.85 443 TLS 1.2 C=US, O=Amazon, OU=Server CA 1B, CN=Amazon CN=assoc-na.associates-amazon.com 25:a2:8c:00:a9:b0:de:1c:3e:bc:ef:26:05:cc:57:34:38:98:fa:74
2022-09-14 17:11:15.967870+0800 192.168.122.201 49177 59.63.81.183 443 TLS 1.2 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 High Assurance Server CA C=US, ST=Washington, L=Seattle, O=Amazon.com, Inc., CN=t.ssl-images-amazon.cn a9:6e:b9:e8:fc:14:5b:0c:55:14:c1:dc:b7:b8:33:85:8c:f8:f9:d6
2022-09-14 17:11:18.431680+0800 192.168.122.201 49195 52.46.130.91 443 TLS 1.2 C=US, O=Amazon, OU=Server CA 1B, CN=Amazon CN=s.amazon-adsystem.com 43:7a:bf:ca:40:89:59:b7:c7:aa:b2:f4:87:3b:04:2d:2c:af:bb:49
2022-09-14 17:11:19.515552+0800 192.168.122.201 49200 54.192.248.203 443 TLS 1.2 C=US, O=Amazon, OU=Server CA 1B, CN=Amazon CN=*.cloudfront.net ac:04:98:6a:55:86:02:b5:0a:d6:73:25:b2:cc:33:80:97:16:7c:28

Suricata HTTP

No Suricata HTTP

未发现网络提取文件
抱歉! 没有任何文件投放。
HTML 总结报告
(需15-60分钟同步)
下载

Processing ( 39.217 seconds )

  • 21.753 NetworkAnalysis
  • 13.425 Suricata
  • 2.015 VirusTotal
  • 2.007 Static
  • 0.011 AnalysisInfo
  • 0.004 BehaviorAnalysis
  • 0.002 Memory

Signatures ( 0.0 seconds )

Reporting ( 0.0 seconds )

Task ID 708463
Mongo ID 63219b49dc327b88d8d66edf
Cuckoo release 1.4-Maldun