分析类型 | 虚拟机标签 | 开始时间 | 结束时间 | 持续时间 |
---|---|---|---|---|
文件 (Windows) | win7-sp1-x64-shaapp03-1 | 2023-06-07 16:07:39 | 2023-06-07 16:08:26 | 47 秒 |
文件名 | 多类支持向量机的DDoS攻击检测的方法.pdf |
---|---|
文件大小 | 1162549 字节 |
文件类型 | PDF document, version 1.3 |
MD5 | 3215093b0dc75311992042ff94f100e7 |
SHA1 | 6f798ca7b6f98b068e27ef3582e9713a3886c887 |
SHA256 | 2eb9298e7f67cb7f6f1e36ef3486a88496ddab507bc7a4c9a7a741fb31819785 |
SHA512 | 058a8915a6f824a64c6cbad2c0d8d0022c905113c1f765c8ab7a88cec1835a8033d6a926254f9df7ef01dc8d6f03ca5df2ce78129fb813c24065b628fa249fd4 |
CRC32 | F60EA404 |
Ssdeep | 24576:+CpGADAWcdNjDwL7osP3tTQLvTB0mTekG1l/DzI:+LtdNHwL8YhA+mf68 |
Yara | 登录查看Yara规则 |
找不到该样本 提交漏报 |
直接 | IP | 安全评级 | 地理位置 |
---|---|---|---|
否 | 13.107.213.50 | 美国 | |
否 | 13.107.246.50 | 美国 | |
否 | 23.197.245.164 | 美国 | |
否 | 23.204.146.162 | 美国 | |
否 | 23.33.16.112 | 美国 | |
否 | 23.33.17.164 | 美国 | |
否 | 52.109.124.150 | 美国 | |
否 | 61.147.219.124 | 中国 |
创建工具 | ReaderEx_DIS 2.0.0 Build 3946 |
---|---|
制作者 | TTKN |
作者 | CNKI |
熵(Entropy)总量 | 7.985307 |
进入数据流的熵 | 7.997470 |
流出数据流的熵 | 5.127304 |
"%% EOF" 数量 | 2 |
PDF头数据 | %PDF-1.3 |
EOF 后的数据 | 0 bytes |
文件大小 | 1162549 字节 |
文件页数 | 8 |
名称 | 值 |
---|---|
/CreationDate | 2017/12/15 13:37:23 GMT-08 |
/CreationDate | 2017/12/15 13:37:23 GMT-08 |
/ModDate | 2017/12/19 10:15:52 GMT+08 |
数据流名称 | 数据流数量 |
---|---|
/ObjStm | 0 |
/AcroForm | 0 |
xref | 2 |
obj | 285 |
/JS | 0 |
stream | 179 |
endobj | 284 |
/OpenAction | 0 |
/JavaScript | 0 |
endstream | 179 |
/Page | 8 |
/RichMedia | 0 |
startxref | 2 |
/JBIG2Decode | 0 |
/EmbeddedFile | 0 |
/Encrypt | 0 |
/AA | 0 |
/XFA | 0 |
/Colors > 2^24 | 0 |
/Launch | 0 |
trailer | 2 |
直接 | IP | 安全评级 | 地理位置 |
---|---|---|---|
否 | 13.107.213.50 | 美国 | |
否 | 13.107.246.50 | 美国 | |
否 | 23.197.245.164 | 美国 | |
否 | 23.204.146.162 | 美国 | |
否 | 23.33.16.112 | 美国 | |
否 | 23.33.17.164 | 美国 | |
否 | 52.109.124.150 | 美国 | |
否 | 61.147.219.124 | 中国 |
源地址 | 源端口 | 目标地址 | 目标端口 |
---|---|---|---|
192.168.122.201 | 49191 | 13.107.213.50 wcpstatic.microsoft.com | 443 |
192.168.122.201 | 49194 | 13.107.213.50 wcpstatic.microsoft.com | 443 |
192.168.122.201 | 49202 | 13.107.213.50 wcpstatic.microsoft.com | 443 |
192.168.122.201 | 49179 | 13.107.246.50 wcpstatic.microsoft.com | 443 |
192.168.122.201 | 49184 | 13.107.246.50 wcpstatic.microsoft.com | 443 |
192.168.122.201 | 49195 | 13.107.246.50 wcpstatic.microsoft.com | 443 |
192.168.122.201 | 49162 | 23.197.245.164 support.office.com | 443 |
192.168.122.201 | 49164 | 23.197.245.164 support.office.com | 443 |
192.168.122.201 | 49171 | 23.197.245.164 support.office.com | 443 |
192.168.122.201 | 49185 | 23.204.146.162 img-prod-cms-rt-microsoft-com.akamaized.net | 443 |
192.168.122.201 | 49186 | 23.204.146.162 img-prod-cms-rt-microsoft-com.akamaized.net | 443 |
192.168.122.201 | 49192 | 23.204.146.162 img-prod-cms-rt-microsoft-com.akamaized.net | 443 |
192.168.122.201 | 49193 | 23.204.146.162 img-prod-cms-rt-microsoft-com.akamaized.net | 443 |
192.168.122.201 | 49196 | 23.204.146.162 img-prod-cms-rt-microsoft-com.akamaized.net | 443 |
192.168.122.201 | 49197 | 23.204.146.162 img-prod-cms-rt-microsoft-com.akamaized.net | 443 |
192.168.122.201 | 49203 | 23.204.146.162 img-prod-cms-rt-microsoft-com.akamaized.net | 443 |
192.168.122.201 | 49204 | 23.204.146.162 img-prod-cms-rt-microsoft-com.akamaized.net | 443 |
192.168.122.201 | 49165 | 23.33.16.112 support.microsoft.com | 443 |
192.168.122.201 | 49166 | 23.33.16.112 support.microsoft.com | 443 |
192.168.122.201 | 49167 | 23.33.16.112 support.microsoft.com | 443 |
192.168.122.201 | 49172 | 23.33.16.112 support.microsoft.com | 443 |
192.168.122.201 | 49173 | 23.33.16.112 support.microsoft.com | 443 |
192.168.122.201 | 49174 | 23.33.16.112 support.microsoft.com | 443 |
192.168.122.201 | 49175 | 23.33.16.112 support.microsoft.com | 443 |
192.168.122.201 | 49187 | 23.33.17.164 c.s-microsoft.com | 443 |
192.168.122.201 | 49163 | 23.45.112.74 | 80 |
192.168.122.201 | 49160 | 52.109.124.150 officeredir.microsoft.com | 80 |
192.168.122.201 | 49161 | 52.109.124.150 officeredir.microsoft.com | 80 |
192.168.122.201 | 49169 | 52.109.124.150 officeredir.microsoft.com | 80 |
192.168.122.201 | 49170 | 52.109.124.150 officeredir.microsoft.com | 80 |
192.168.122.201 | 49176 | 61.147.219.124 www.microsoft.com | 443 |
192.168.122.201 | 49177 | 61.147.219.124 www.microsoft.com | 443 |
192.168.122.201 | 49178 | 61.147.219.124 www.microsoft.com | 443 |
192.168.122.201 | 49182 | 61.147.219.124 www.microsoft.com | 443 |
192.168.122.201 | 49183 | 61.147.219.124 www.microsoft.com | 443 |
192.168.122.201 | 49188 | 61.147.219.124 www.microsoft.com | 443 |
192.168.122.201 | 49189 | 61.147.219.124 www.microsoft.com | 443 |
192.168.122.201 | 49190 | 61.147.219.124 www.microsoft.com | 443 |
192.168.122.201 | 49198 | 61.147.219.124 www.microsoft.com | 443 |
192.168.122.201 | 49199 | 61.147.219.124 www.microsoft.com | 443 |
192.168.122.201 | 49200 | 61.147.219.124 www.microsoft.com | 443 |
192.168.122.201 | 49201 | 61.147.219.124 www.microsoft.com | 443 |
源地址 | 源端口 | 目标地址 | 目标端口 |
---|---|---|---|
192.168.122.201 | 49532 | 192.168.122.1 | 53 |
192.168.122.201 | 52179 | 192.168.122.1 | 53 |
192.168.122.201 | 52207 | 192.168.122.1 | 53 |
192.168.122.201 | 53125 | 192.168.122.1 | 53 |
192.168.122.201 | 54135 | 192.168.122.1 | 53 |
192.168.122.201 | 56270 | 192.168.122.1 | 53 |
192.168.122.201 | 59401 | 192.168.122.1 | 53 |
192.168.122.201 | 59906 | 192.168.122.1 | 53 |
192.168.122.201 | 60465 | 192.168.122.1 | 53 |
192.168.122.201 | 60919 | 192.168.122.1 | 53 |
192.168.122.201 | 61329 | 192.168.122.1 | 53 |
192.168.122.201 | 65178 | 192.168.122.1 | 53 |
192.168.122.201 | 65179 | 192.168.122.1 | 53 |
192.168.122.201 | 65259 | 192.168.122.1 | 53 |
源地址 | 源端口 | 目标地址 | 目标端口 |
---|---|---|---|
192.168.122.201 | 49191 | 13.107.213.50 wcpstatic.microsoft.com | 443 |
192.168.122.201 | 49194 | 13.107.213.50 wcpstatic.microsoft.com | 443 |
192.168.122.201 | 49202 | 13.107.213.50 wcpstatic.microsoft.com | 443 |
192.168.122.201 | 49179 | 13.107.246.50 wcpstatic.microsoft.com | 443 |
192.168.122.201 | 49184 | 13.107.246.50 wcpstatic.microsoft.com | 443 |
192.168.122.201 | 49195 | 13.107.246.50 wcpstatic.microsoft.com | 443 |
192.168.122.201 | 49162 | 23.197.245.164 support.office.com | 443 |
192.168.122.201 | 49164 | 23.197.245.164 support.office.com | 443 |
192.168.122.201 | 49171 | 23.197.245.164 support.office.com | 443 |
192.168.122.201 | 49185 | 23.204.146.162 img-prod-cms-rt-microsoft-com.akamaized.net | 443 |
192.168.122.201 | 49186 | 23.204.146.162 img-prod-cms-rt-microsoft-com.akamaized.net | 443 |
192.168.122.201 | 49192 | 23.204.146.162 img-prod-cms-rt-microsoft-com.akamaized.net | 443 |
192.168.122.201 | 49193 | 23.204.146.162 img-prod-cms-rt-microsoft-com.akamaized.net | 443 |
192.168.122.201 | 49196 | 23.204.146.162 img-prod-cms-rt-microsoft-com.akamaized.net | 443 |
192.168.122.201 | 49197 | 23.204.146.162 img-prod-cms-rt-microsoft-com.akamaized.net | 443 |
192.168.122.201 | 49203 | 23.204.146.162 img-prod-cms-rt-microsoft-com.akamaized.net | 443 |
192.168.122.201 | 49204 | 23.204.146.162 img-prod-cms-rt-microsoft-com.akamaized.net | 443 |
192.168.122.201 | 49165 | 23.33.16.112 support.microsoft.com | 443 |
192.168.122.201 | 49166 | 23.33.16.112 support.microsoft.com | 443 |
192.168.122.201 | 49167 | 23.33.16.112 support.microsoft.com | 443 |
192.168.122.201 | 49172 | 23.33.16.112 support.microsoft.com | 443 |
192.168.122.201 | 49173 | 23.33.16.112 support.microsoft.com | 443 |
192.168.122.201 | 49174 | 23.33.16.112 support.microsoft.com | 443 |
192.168.122.201 | 49175 | 23.33.16.112 support.microsoft.com | 443 |
192.168.122.201 | 49187 | 23.33.17.164 c.s-microsoft.com | 443 |
192.168.122.201 | 49163 | 23.45.112.74 | 80 |
192.168.122.201 | 49160 | 52.109.124.150 officeredir.microsoft.com | 80 |
192.168.122.201 | 49161 | 52.109.124.150 officeredir.microsoft.com | 80 |
192.168.122.201 | 49169 | 52.109.124.150 officeredir.microsoft.com | 80 |
192.168.122.201 | 49170 | 52.109.124.150 officeredir.microsoft.com | 80 |
192.168.122.201 | 49176 | 61.147.219.124 www.microsoft.com | 443 |
192.168.122.201 | 49177 | 61.147.219.124 www.microsoft.com | 443 |
192.168.122.201 | 49178 | 61.147.219.124 www.microsoft.com | 443 |
192.168.122.201 | 49182 | 61.147.219.124 www.microsoft.com | 443 |
192.168.122.201 | 49183 | 61.147.219.124 www.microsoft.com | 443 |
192.168.122.201 | 49188 | 61.147.219.124 www.microsoft.com | 443 |
192.168.122.201 | 49189 | 61.147.219.124 www.microsoft.com | 443 |
192.168.122.201 | 49190 | 61.147.219.124 www.microsoft.com | 443 |
192.168.122.201 | 49198 | 61.147.219.124 www.microsoft.com | 443 |
192.168.122.201 | 49199 | 61.147.219.124 www.microsoft.com | 443 |
192.168.122.201 | 49200 | 61.147.219.124 www.microsoft.com | 443 |
192.168.122.201 | 49201 | 61.147.219.124 www.microsoft.com | 443 |
源地址 | 源端口 | 目标地址 | 目标端口 |
---|---|---|---|
192.168.122.201 | 49532 | 192.168.122.1 | 53 |
192.168.122.201 | 52179 | 192.168.122.1 | 53 |
192.168.122.201 | 52207 | 192.168.122.1 | 53 |
192.168.122.201 | 53125 | 192.168.122.1 | 53 |
192.168.122.201 | 54135 | 192.168.122.1 | 53 |
192.168.122.201 | 56270 | 192.168.122.1 | 53 |
192.168.122.201 | 59401 | 192.168.122.1 | 53 |
192.168.122.201 | 59906 | 192.168.122.1 | 53 |
192.168.122.201 | 60465 | 192.168.122.1 | 53 |
192.168.122.201 | 60919 | 192.168.122.1 | 53 |
192.168.122.201 | 61329 | 192.168.122.1 | 53 |
192.168.122.201 | 65178 | 192.168.122.1 | 53 |
192.168.122.201 | 65179 | 192.168.122.1 | 53 |
192.168.122.201 | 65259 | 192.168.122.1 | 53 |
URI | HTTP数据 |
---|---|
URL专业沙箱检测 -> http://officeredir.microsoft.com/r/rlidUNLGenuine?LCID=2052&MSG=1&PID=02260-018-0000106-48620 | GET /r/rlidUNLGenuine?LCID=2052&MSG=1&PID=02260-018-0000106-48620 HTTP/1.1 Accept: */* User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; ms-office) Accept-Encoding: gzip, deflate Host: officeredir.microsoft.com Connection: Keep-Alive Cookie: WT_FPC=id=2ea84d10a1187b93d1f1504351520961:lv=1504351536858:ss=1504351520961 |
URL专业沙箱检测 -> http://o15.officeredir.microsoft.com/r/rlidUNLGenuineRedir?p1=1&clid=2052&LCID=2052&MSG=1&PID=02260-018-0000106-48620 | GET /r/rlidUNLGenuineRedir?p1=1&clid=2052&LCID=2052&MSG=1&PID=02260-018-0000106-48620 HTTP/1.1 Accept: */* User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; ms-office) Accept-Encoding: gzip, deflate Host: o15.officeredir.microsoft.com Connection: Keep-Alive Cookie: WT_FPC=id=2ea84d10a1187b93d1f1504351520961:lv=1504351536858:ss=1504351520961 |
URL专业沙箱检测 -> http://acroipm.adobe.com/11/rdr/CHS/win/nooem/none/message.zip | GET /11/rdr/CHS/win/nooem/none/message.zip HTTP/1.1 Accept: */* If-Modified-Since: Mon, 08 Nov 2017 08:44:36 GMT User-Agent: IPM Host: acroipm.adobe.com Connection: Keep-Alive Cache-Control: no-cache |
URL专业沙箱检测 -> http://officeredir.microsoft.com/r/rlidUNLGenuine?LCID=2052&MSG=2&PID=02260-018-0000106-48620 | GET /r/rlidUNLGenuine?LCID=2052&MSG=2&PID=02260-018-0000106-48620 HTTP/1.1 Accept: */* User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; ms-office) Accept-Encoding: gzip, deflate Host: officeredir.microsoft.com Connection: Keep-Alive Cookie: WT_FPC=id=2ea84d10a1187b93d1f1504351520961:lv=1504351536858:ss=1504351520961 |
URL专业沙箱检测 -> http://o15.officeredir.microsoft.com/r/rlidUNLGenuineRedir?p1=2&clid=2052&LCID=2052&MSG=2&PID=02260-018-0000106-48620 | GET /r/rlidUNLGenuineRedir?p1=2&clid=2052&LCID=2052&MSG=2&PID=02260-018-0000106-48620 HTTP/1.1 Accept: */* User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; ms-office) Accept-Encoding: gzip, deflate Host: o15.officeredir.microsoft.com Connection: Keep-Alive Cookie: WT_FPC=id=2ea84d10a1187b93d1f1504351520961:lv=1504351536858:ss=1504351520961 |
URL专业沙箱检测 -> http://officeredir.microsoft.com/r/rlidUNLGenuine?LCID=2052&MSG=2&PID=02260-018-0000106-48620 | GET /r/rlidUNLGenuine?LCID=2052&MSG=2&PID=02260-018-0000106-48620 HTTP/1.1 Accept: */* User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; ms-office) Accept-Encoding: gzip, deflate Host: officeredir.microsoft.com Connection: Keep-Alive Cookie: WT_FPC=id=2ea84d10a1187b93d1f1504351520961:lv=1504351536858:ss=1504351520961; ak_bmsc=E2D58E780D9A71A73242CDF7A6155BAC~000000000000000000000000000000~YAAQj+Bb2sF9cmyIAQAAeD7mlBTzjZ3kZRnorszub77o/dn/n2weock57vZegYBHdMPG2+Cq707evWlAJms+p0g5Y3V4Qff97BLXBWXOAkMY+AiNZy1Qgljbi5Vqd2BEjmuk/uYZExkheXnGUey9gK8ChMAn59j1Lc6DrlVvFWwsJKZwS0Vis4IQlgU7uZ+Zp2x41nZM/jlZZ/oBaTwKjS/MNSg5byc4bmlSp+aKIqeTfvvDn9Xt5IV1Ixe4d3kumkkMQm58mDeKKqtewerBJtZbcXLLQ3VJ9MiYm1prCYntRcPnPUtxj8HXJttCNNkSfFMWwBOdssbCRNsT+ygPPvNSud8oEzSaK86UN8UgHQG0Uq3VVBSuRq1YRv7H0iY= |
URL专业沙箱检测 -> http://o15.officeredir.microsoft.com/r/rlidUNLGenuineRedir?p1=2&clid=2052&LCID=2052&MSG=2&PID=02260-018-0000106-48620 | GET /r/rlidUNLGenuineRedir?p1=2&clid=2052&LCID=2052&MSG=2&PID=02260-018-0000106-48620 HTTP/1.1 Accept: */* User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; ms-office) Accept-Encoding: gzip, deflate Host: o15.officeredir.microsoft.com Connection: Keep-Alive Cookie: WT_FPC=id=2ea84d10a1187b93d1f1504351520961:lv=1504351536858:ss=1504351520961; ak_bmsc=E2D58E780D9A71A73242CDF7A6155BAC~000000000000000000000000000000~YAAQj+Bb2sF9cmyIAQAAeD7mlBTzjZ3kZRnorszub77o/dn/n2weock57vZegYBHdMPG2+Cq707evWlAJms+p0g5Y3V4Qff97BLXBWXOAkMY+AiNZy1Qgljbi5Vqd2BEjmuk/uYZExkheXnGUey9gK8ChMAn59j1Lc6DrlVvFWwsJKZwS0Vis4IQlgU7uZ+Zp2x41nZM/jlZZ/oBaTwKjS/MNSg5byc4bmlSp+aKIqeTfvvDn9Xt5IV1Ixe4d3kumkkMQm58mDeKKqtewerBJtZbcXLLQ3VJ9MiYm1prCYntRcPnPUtxj8HXJttCNNkSfFMWwBOdssbCRNsT+ygPPvNSud8oEzSaK86UN8UgHQG0Uq3VVBSuRq1YRv7H0iY= |
无SMTP流量.
无IRC请求.
无ICMP流量.
无 CIF 结果
无警报
Timestamp | Source IP | Source Port | Destination IP | Destination Port | Version | Issuer | Subject | Fingerprint |
---|---|---|---|---|---|---|---|---|
2023-06-07 16:08:03.460134+0800 | 192.168.122.201 | 49162 | 23.197.245.164 | 443 | TLS 1.2 | C=US, O=Microsoft Corporation, CN=Microsoft Azure TLS Issuing CA 02 | C=US, ST=WA, L=Redmond, O=Microsoft Corporation, CN=support.office.com | f8:2b:56:b9:35:29:e8:68:3a:d2:55:70:fe:52:67:76:4a:2c:0c:ec |
2023-06-07 16:08:13.962571+0800 | 192.168.122.201 | 49177 | 61.147.219.124 | 443 | TLS 1.2 | C=US, O=Microsoft Corporation, CN=Microsoft Azure TLS Issuing CA 06 | C=US, ST=WA, L=Redmond, O=Microsoft Corporation, CN=www.microsoft.com | 2d:6e:2a:e5:b3:6f:22:07:6a:19:7d:50:00:9d:ee:66:39:6a:a9:9c |
2023-06-07 16:08:14.867841+0800 | 192.168.122.201 | 49179 | 13.107.246.50 | 443 | TLS 1.2 | C=US, O=DigiCert Inc, CN=DigiCert TLS RSA SHA256 2020 CA1 | C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=wcpstatic.microsoft.com | ad:03:4f:51:d2:e7:02:3e:a7:f8:2e:2c:9c:0e:4c:62:62:7c:10:a1 |
2023-06-07 16:08:13.351216+0800 | 192.168.122.201 | 49176 | 61.147.219.124 | 443 | TLS 1.2 | C=US, O=Microsoft Corporation, CN=Microsoft Azure TLS Issuing CA 06 | C=US, ST=WA, L=Redmond, O=Microsoft Corporation, CN=www.microsoft.com | 2d:6e:2a:e5:b3:6f:22:07:6a:19:7d:50:00:9d:ee:66:39:6a:a9:9c |
2023-06-07 16:08:15.923208+0800 | 192.168.122.201 | 49184 | 13.107.246.50 | 443 | TLS 1.2 | C=US, O=Microsoft Corporation, CN=Microsoft Azure TLS Issuing CA 06 | C=US, ST=WA, L=Redmond, O=Microsoft Corporation, CN=identitycdn.msauth.net | 39:26:0c:c1:15:7c:cd:fb:a0:02:79:61:ae:03:2c:85:65:25:bc:7e |
2023-06-07 16:08:16.363413+0800 | 192.168.122.201 | 49185 | 23.204.146.162 | 443 | TLS 1.2 | C=US, O=DigiCert Inc, CN=DigiCert TLS RSA SHA256 2020 CA1 | C=US, ST=Massachusetts, L=Cambridge, O=Akamai Technologies, Inc., CN=a248.e.akamai.net | a3:c7:b4:95:4e:16:bd:c5:8a:ee:85:53:5d:c1:c2:cd:43:e9:ec:b9 |
2023-06-07 16:08:16.360162+0800 | 192.168.122.201 | 49186 | 23.204.146.162 | 443 | TLS 1.2 | C=US, O=DigiCert Inc, CN=DigiCert TLS RSA SHA256 2020 CA1 | C=US, ST=Massachusetts, L=Cambridge, O=Akamai Technologies, Inc., CN=a248.e.akamai.net | a3:c7:b4:95:4e:16:bd:c5:8a:ee:85:53:5d:c1:c2:cd:43:e9:ec:b9 |
2023-06-07 16:08:17.229299+0800 | 192.168.122.201 | 49188 | 61.147.219.124 | 443 | TLS 1.2 | C=US, O=Microsoft Corporation, CN=Microsoft Azure TLS Issuing CA 06 | C=US, ST=WA, L=Redmond, O=Microsoft Corporation, CN=www.microsoft.com | 2d:6e:2a:e5:b3:6f:22:07:6a:19:7d:50:00:9d:ee:66:39:6a:a9:9c |
2023-06-07 16:08:17.254760+0800 | 192.168.122.201 | 49187 | 23.33.17.164 | 443 | TLS 1.2 | C=US, O=Microsoft Corporation, CN=Microsoft Azure TLS Issuing CA 06 | C=US, ST=WA, L=Redmond, O=Microsoft Corporation, CN=www.microsoft.com | 2d:6e:2a:e5:b3:6f:22:07:6a:19:7d:50:00:9d:ee:66:39:6a:a9:9c |
2023-06-07 16:08:19.879302+0800 | 192.168.122.201 | 49194 | 13.107.213.50 | 443 | TLS 1.2 | C=US, O=Microsoft Corporation, CN=Microsoft Azure TLS Issuing CA 06 | C=US, ST=WA, L=Redmond, O=Microsoft Corporation, CN=identitycdn.msauth.net | 39:26:0c:c1:15:7c:cd:fb:a0:02:79:61:ae:03:2c:85:65:25:bc:7e |
2023-06-07 16:08:18.683851+0800 | 192.168.122.201 | 49191 | 13.107.213.50 | 443 | TLS 1.2 | C=US, O=DigiCert Inc, CN=DigiCert TLS RSA SHA256 2020 CA1 | C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=wcpstatic.microsoft.com | ad:03:4f:51:d2:e7:02:3e:a7:f8:2e:2c:9c:0e:4c:62:62:7c:10:a1 |
2023-06-07 16:08:20.026737+0800 | 192.168.122.201 | 49193 | 23.204.146.162 | 443 | TLS 1.2 | C=US, O=DigiCert Inc, CN=DigiCert TLS RSA SHA256 2020 CA1 | C=US, ST=Massachusetts, L=Cambridge, O=Akamai Technologies, Inc., CN=a248.e.akamai.net | a3:c7:b4:95:4e:16:bd:c5:8a:ee:85:53:5d:c1:c2:cd:43:e9:ec:b9 |
2023-06-07 16:08:19.759052+0800 | 192.168.122.201 | 49195 | 13.107.246.50 | 443 | TLS 1.2 | C=US, O=Microsoft Corporation, CN=Microsoft Azure TLS Issuing CA 06 | C=US, ST=WA, L=Redmond, O=Microsoft Corporation, CN=identitycdn.msauth.net | 39:26:0c:c1:15:7c:cd:fb:a0:02:79:61:ae:03:2c:85:65:25:bc:7e |
2023-06-07 16:08:20.141524+0800 | 192.168.122.201 | 49192 | 23.204.146.162 | 443 | TLS 1.2 | C=US, O=DigiCert Inc, CN=DigiCert TLS RSA SHA256 2020 CA1 | C=US, ST=Massachusetts, L=Cambridge, O=Akamai Technologies, Inc., CN=a248.e.akamai.net | a3:c7:b4:95:4e:16:bd:c5:8a:ee:85:53:5d:c1:c2:cd:43:e9:ec:b9 |
2023-06-07 16:08:23.348038+0800 | 192.168.122.201 | 49202 | 13.107.213.50 | 443 | TLS 1.2 | C=US, O=Microsoft Corporation, CN=Microsoft Azure TLS Issuing CA 06 | C=US, ST=WA, L=Redmond, O=Microsoft Corporation, CN=identitycdn.msauth.net | 39:26:0c:c1:15:7c:cd:fb:a0:02:79:61:ae:03:2c:85:65:25:bc:7e |
No Suricata HTTP
HTML 总结报告 (需15-60分钟同步) |
下载 |
---|
Task ID | 721962 |
---|---|
Mongo ID | 64803b547e769a4ec29e39e1 |
Cuckoo release | 1.4-Maldun |