popup
Summary | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

t.exe

AsyncRAT PE32 PE File .NET EXE
  1. Resubmit sample
Category Machine Started Completed
FILE s1_win7_x6401 May 26, 2021, 9:49 a.m. May 26, 2021, 9:52 a.m.
Size 5.0KB
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 ddda0d5616775408eb31992c1d602a8d
SHA256 c944981e841c36822c3db737337bd30a272c3a9d2c2a529febdca620d365928f
CRC32 B683131F
ssdeep 48:62z8ClAcufuUU+wanO5FJfbsjzz+HmqBHBcxg/BtJXwEYmBnSfbNtm:DAlRWUU+7OdbynrkLDab/zNt
Yara
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT
  • Is_DotNET_EXE - (no description)
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)

Name Response Post-Analysis Lookup
ieaspk.com
A 67.220.184.98
67.220.184.98
IP Address Status Action
164.124.101.2 Active Moloch
46.101.81.223 Active Moloch
67.220.184.98 Active Moloch

Suricata Alerts

Flow SID Signature Category
TCP 67.220.184.98:443 -> 192.168.56.101:49203 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49202 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49203 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49203 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49198 -> 46.101.81.223:80 2016141 ET INFO Executable Download from dotted-quad Host A Network Trojan was detected
TCP 192.168.56.101:49202 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49202 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49202 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49216 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49216 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49216 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49205 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49216 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49208 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49205 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49205 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49205 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49219 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49219 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49219 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49219 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49208 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49215 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49226 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49207 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49215 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49226 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49215 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49207 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49203 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49215 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49208 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49208 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 46.101.81.223:80 -> 192.168.56.101:49198 2018959 ET POLICY PE EXE or DLL Windows file download HTTP Potential Corporate Privacy Violation
TCP 46.101.81.223:80 -> 192.168.56.101:49198 2016538 ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49208 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49226 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 46.101.81.223:80 -> 192.168.56.101:49198 2021076 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49208 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49226 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49221 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49210 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49228 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49221 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49221 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49210 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49221 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49210 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49228 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49210 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49228 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49228 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49207 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49207 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49206 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49206 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49206 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49206 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49209 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49221 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49221 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49209 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49209 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49211 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49209 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49223 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49211 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49211 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49211 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49223 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49212 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49223 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49223 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49212 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49212 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49229 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49212 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49230 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49229 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49229 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49229 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49230 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49230 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49230 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49217 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49217 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49213 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49217 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49217 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49236 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49213 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49213 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49236 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49213 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49236 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49218 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49236 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49218 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49222 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49214 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49239 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49222 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49214 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49222 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49214 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49222 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49214 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49239 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49239 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49239 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49254 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49224 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49254 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49254 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49224 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49254 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49224 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49224 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49231 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49244 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49231 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49231 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49231 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49244 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49234 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49244 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49244 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49218 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49218 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49232 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49201 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49253 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49232 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49201 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49232 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49201 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49232 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49253 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49201 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49220 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49253 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49253 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49220 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49220 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49233 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49234 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49234 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49234 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49225 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49233 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49233 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49256 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49233 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49225 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49225 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49256 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49220 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49225 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49256 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49256 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49235 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49240 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49235 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49235 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49240 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49252 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49240 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49240 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49252 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49235 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49257 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49252 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49252 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49242 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49257 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49237 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49257 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49242 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49257 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49242 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49262 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49242 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49237 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49237 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49227 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49262 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49262 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49262 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49227 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49237 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49248 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49248 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49272 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49248 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49248 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49227 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49260 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49227 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49272 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49272 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49260 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49272 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49260 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49258 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49260 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49238 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49258 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49249 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49238 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49258 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49285 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49238 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49258 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49238 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49273 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49249 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49285 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49249 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49285 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49249 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49273 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49285 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49273 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49246 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49273 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49261 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49246 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49261 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49246 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49265 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49261 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49246 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49286 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49261 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49241 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49275 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49265 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49286 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49265 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49286 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49265 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49286 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49241 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49275 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49241 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49275 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49241 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49263 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49275 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49263 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49287 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49266 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49263 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49243 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49263 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49287 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49287 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49266 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49287 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49243 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49266 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49276 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49243 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49266 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49243 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49264 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49276 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49276 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49298 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49264 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49268 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49276 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49264 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49264 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49298 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49298 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49268 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49298 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49268 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49245 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49268 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49300 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49245 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49245 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49267 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49245 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49303 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49300 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49300 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49247 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49269 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49267 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49300 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49267 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49303 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49267 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49303 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49269 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49303 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49269 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49269 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49250 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49312 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49250 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49250 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49309 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49271 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49250 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49312 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49274 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49312 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49312 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49309 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49271 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49309 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49271 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49309 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49274 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49271 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49274 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49255 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49274 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49309 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49309 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49255 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49319 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49255 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49255 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49282 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49291 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49319 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49313 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49319 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49282 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49319 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49282 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49291 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49282 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49313 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49270 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49291 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49313 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49291 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49313 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49270 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49270 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49321 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49270 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49313 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49284 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49313 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49292 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49321 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49284 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49321 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49284 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49321 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49292 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49247 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49284 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49292 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49320 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49292 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49247 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49247 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49320 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49278 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49320 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49320 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49328 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49293 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49278 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49293 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49278 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49328 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49304 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49278 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49293 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49251 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49330 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49328 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49293 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49328 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49251 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49304 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49330 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49251 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49330 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49251 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49304 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49330 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49304 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49294 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49334 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49281 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49294 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49334 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49259 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49294 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49336 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49334 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49294 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49281 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49305 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49334 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49281 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49259 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49281 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49259 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49336 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49305 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49259 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49336 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49305 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49336 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49305 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49296 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49335 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49283 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49296 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49296 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49277 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49335 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49296 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49337 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49335 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49310 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49283 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49335 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49283 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49277 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49283 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49277 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49337 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49310 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49277 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49337 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49310 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49337 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49297 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49310 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49341 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49308 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49297 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49279 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49297 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49341 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49297 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49345 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49341 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49308 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49341 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49308 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49317 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49279 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49308 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49345 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49279 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49345 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49279 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49345 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49317 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49299 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49317 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49342 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49317 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49299 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49311 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49342 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49299 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49280 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49342 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49350 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49299 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49342 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49311 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49318 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49311 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49280 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49350 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49311 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49280 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49342 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49280 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49350 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49318 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49342 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49350 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49301 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49318 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49318 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49301 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49301 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49346 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49301 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49288 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49364 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49314 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49346 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49322 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49346 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49288 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49346 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49314 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49364 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49288 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49364 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49307 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49314 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49322 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49364 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49288 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49314 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49322 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49307 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49322 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49307 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49307 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49347 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49372 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49289 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49347 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49324 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49347 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49325 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49347 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49372 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49289 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49372 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49315 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49289 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49324 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49372 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49325 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49289 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49324 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49324 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49325 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49315 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49325 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49315 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49356 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49315 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49290 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49356 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49374 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49356 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49331 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49356 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49327 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49290 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49316 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49374 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49290 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49374 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49331 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49290 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49374 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49327 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49331 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49316 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49327 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49331 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49327 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49316 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49375 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49316 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49376 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49375 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49295 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49375 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49333 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49375 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49338 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49376 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49376 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49295 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49329 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49376 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49295 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49333 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49338 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49295 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49333 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49338 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49333 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49329 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49338 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49379 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49329 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49329 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49379 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49339 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49302 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49379 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49379 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49343 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49339 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49340 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49339 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49302 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49397 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49339 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49302 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49302 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49340 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49397 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49340 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49381 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49397 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49340 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49397 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49349 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49381 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49306 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49381 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49381 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49349 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49306 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49348 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49349 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49400 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49306 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49349 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49306 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49348 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49400 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49386 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49348 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49400 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49348 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49400 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49386 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49353 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49386 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49323 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49386 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49353 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49351 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49353 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49323 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49409 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49353 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49323 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49323 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49409 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49392 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49351 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49409 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49351 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49409 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49357 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49351 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49392 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49392 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49326 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49392 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49357 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49357 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49357 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49326 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49413 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49354 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49326 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49326 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49411 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49354 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49354 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49413 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49411 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49413 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49411 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49413 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49361 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49411 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49354 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49361 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49361 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49361 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49332 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49366 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49332 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49366 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49332 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49418 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49366 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49332 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49366 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49418 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49418 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49418 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49423 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49358 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49369 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49423 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49358 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49423 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49358 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49369 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49423 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49422 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49358 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49371 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49369 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49369 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49422 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49371 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49422 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49371 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49343 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49371 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49343 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49362 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49343 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49362 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49378 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49362 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49362 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49428 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49422 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49378 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49344 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49378 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49428 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49378 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49428 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49428 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49344 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49363 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49363 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49380 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49363 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49363 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49426 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49380 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49387 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49380 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49380 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49426 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49426 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49387 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49368 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49426 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49387 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49344 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49387 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49344 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49368 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49382 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49368 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49368 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49382 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49388 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49382 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49352 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49382 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49377 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49388 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49352 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49388 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49352 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49388 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49352 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49377 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49389 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49377 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49377 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49389 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49393 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49355 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49389 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49389 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49383 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49393 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49393 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49393 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49383 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49383 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49390 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49383 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49431 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49390 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49403 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49390 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49431 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49390 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49431 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49431 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49384 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49403 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49403 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49403 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49384 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49384 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49355 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49384 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49355 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49355 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49415 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49385 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49415 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49359 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49415 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49415 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49385 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49385 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49359 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49385 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49359 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49359 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49420 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49394 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49420 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49360 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49420 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49420 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49394 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49360 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49394 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49360 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49394 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49360 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49421 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49421 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49391 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49365 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49421 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49395 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49421 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49391 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49365 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49391 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49395 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49365 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49391 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49395 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49365 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49395 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49398 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49367 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49405 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49398 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49398 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49367 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49398 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49405 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49367 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49405 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49367 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49405 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49402 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49370 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49402 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49410 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49402 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49402 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49370 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49370 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49410 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49370 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49410 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49410 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49406 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49406 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49406 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49373 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49406 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49414 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49373 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49373 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49414 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49373 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49414 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49414 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49416 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49416 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49416 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49416 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49396 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49424 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49396 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49424 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49396 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49424 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49396 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49424 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49427 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49427 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49427 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49427 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49399 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 67.220.184.98:443 -> 192.168.56.101:49425 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49399 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49425 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49399 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49425 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49399 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49425 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49401 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49401 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49401 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49401 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49404 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49404 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49404 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49404 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49407 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49407 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49407 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49407 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49408 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49408 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49408 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49408 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49408 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49408 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49412 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49412 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49412 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49412 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49417 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49417 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49417 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49417 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49419 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49419 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49419 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49419 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49429 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49429 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49429 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49429 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49430 2029340 ET INFO TLS Handshake Failure Potentially Bad Traffic
TCP 192.168.56.101:49430 -> 67.220.184.98:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.101:49430 -> 67.220.184.98:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.101:49430 -> 67.220.184.98:443 906200022 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 67.220.184.98:443 -> 192.168.56.101:49306 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49241 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49282 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49306 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49222 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49241 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49282 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49222 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49379 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49394 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49394 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49421 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49421 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49299 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49400 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49327 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49299 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49251 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49400 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49327 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49353 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49379 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49251 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49353 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49389 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49234 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49389 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49361 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49234 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49361 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49422 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49316 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49207 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49311 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49422 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49207 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49316 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49311 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49377 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49409 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49377 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49270 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49409 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49398 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49270 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49398 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49235 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49286 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49235 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49286 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49369 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49349 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49369 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49383 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49349 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49252 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49383 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49252 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49315 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49243 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49315 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49243 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49253 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49290 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49374 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49253 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49290 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49284 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49374 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49420 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49284 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49420 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49334 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49212 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49413 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49334 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49212 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49413 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49340 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49339 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49340 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49339 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49205 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49205 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49410 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49380 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49410 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49388 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49232 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49356 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49380 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49388 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49356 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49405 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49320 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49405 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49320 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49263 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49281 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49346 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49263 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49281 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49346 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49424 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49424 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49229 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49210 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49287 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49209 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49232 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49229 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49209 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49210 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49287 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49406 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49404 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49406 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49376 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49404 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49384 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49376 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49393 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49384 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49393 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49257 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49359 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49257 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49359 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49237 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49333 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49372 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49386 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49237 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49268 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49333 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49372 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49386 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49268 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49247 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49264 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49308 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49247 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49264 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49426 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49308 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49426 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49295 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49295 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49216 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49218 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49397 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49216 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49397 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49218 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49326 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49206 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49326 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49228 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49330 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49206 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49314 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49228 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49330 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49314 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49395 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49395 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49211 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49296 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49262 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49283 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49211 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49262 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49296 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49283 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49358 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49358 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49285 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49238 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49429 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49258 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49385 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49238 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49429 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49260 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49258 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49385 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49260 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49387 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49265 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49351 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49265 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49328 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49279 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49351 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49328 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49279 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49240 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49271 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49276 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49240 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49259 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49271 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49276 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49259 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49291 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49297 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49347 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49363 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49297 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49347 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49291 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49363 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49387 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49285 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49269 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49269 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49415 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49362 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49256 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49378 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49418 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49415 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49362 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49256 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49367 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49418 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49378 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49367 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49371 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49371 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49289 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49382 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49272 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49273 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49382 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49289 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49360 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49272 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49273 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49217 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49360 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49217 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49307 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49224 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49307 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49336 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49224 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49336 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49227 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49401 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49202 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49227 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49401 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49202 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49364 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49366 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49288 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49364 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49355 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49278 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49366 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49288 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49335 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49355 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49335 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49350 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49348 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49350 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49277 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49370 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49348 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49381 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49277 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49370 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49381 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49201 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49261 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49201 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49261 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49419 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49368 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49300 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49419 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49368 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49300 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49431 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49254 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49431 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49254 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49344 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49244 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49278 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49344 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49298 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49293 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49298 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49293 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49323 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49250 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49325 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49250 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49244 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49323 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49325 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49390 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49390 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49345 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49324 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49236 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49345 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49324 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49365 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49236 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49414 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49329 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49414 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49303 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49365 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49220 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49428 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49220 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49303 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49428 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49425 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49317 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49425 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49331 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49317 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49337 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49392 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49331 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49337 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49392 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49302 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49203 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49302 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49357 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49329 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49203 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49225 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49357 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49312 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49225 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49214 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49301 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49214 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49312 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49301 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49305 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49245 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49305 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49245 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49332 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49332 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49321 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49427 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49321 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49403 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49427 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49407 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49246 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49403 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49407 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49215 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49246 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49215 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49402 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49255 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49402 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49231 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49255 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49231 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49280 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49275 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49226 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49275 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49280 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49226 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49249 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49249 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49239 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49416 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49239 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49416 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49399 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49399 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49341 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49294 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49341 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49294 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49417 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49417 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49423 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49391 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49423 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49391 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49322 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49322 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49230 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49230 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49267 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49304 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49267 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49304 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49411 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49411 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49354 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49318 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49354 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49318 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49319 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49319 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49219 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49274 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49219 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49274 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49375 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49375 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49266 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49266 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49223 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49223 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49396 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49396 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49373 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49373 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49310 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49310 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49412 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49412 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49352 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49352 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49233 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49233 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49430 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49430 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49242 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49242 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49338 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49338 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49292 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49292 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49213 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49213 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49248 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49248 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49343 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 67.220.184.98:443 -> 192.168.56.101:49343 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode

Suricata TLS

No Suricata TLS

Time & API Arguments Status Return Repeated

IsDebuggerPresent

 0 0

IsDebuggerPresent

 0 0
Time & API Arguments Status Return Repeated

GlobalMemoryStatusEx

 1 1 0
suspicious_features GET method with no useragent header, Connection to IP address suspicious_request GET http://46.101.81.223/origin.exe
request GET http://46.101.81.223/origin.exe
Time & API Arguments Status Return Repeated

NtAllocateVirtualMemory

 process_identifier: 2444
region_size: 2097152
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x00840000
allocation_type: 8192 (MEM_RESERVE)
process_handle: 0xffffffff
1 0 0

NtAllocateVirtualMemory

 process_identifier: 2444
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x00a00000
allocation_type: 4096 (MEM_COMMIT)
process_handle: 0xffffffff
1 0 0

NtProtectVirtualMemory

 process_identifier: 2444
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
length: 4096
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x72741000
process_handle: 0xffffffff
1 0 0

NtProtectVirtualMemory

 process_identifier: 2444
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
length: 4096
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x72742000
process_handle: 0xffffffff
1 0 0

NtAllocateVirtualMemory

 process_identifier: 2444
region_size: 983040
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x006a0000
allocation_type: 8192 (MEM_RESERVE)
process_handle: 0xffffffff
1 0 0

NtAllocateVirtualMemory

 process_identifier: 2444
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x00750000
allocation_type: 4096 (MEM_COMMIT)
process_handle: 0xffffffff
1 0 0

NtAllocateVirtualMemory

 process_identifier: 2444
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x003a2000
allocation_type: 4096 (MEM_COMMIT)
process_handle: 0xffffffff
1 0 0

NtAllocateVirtualMemory

 process_identifier: 2444
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x00455000
allocation_type: 4096 (MEM_COMMIT)
process_handle: 0xffffffff
1 0 0

NtAllocateVirtualMemory

 process_identifier: 2444
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x0045b000
allocation_type: 4096 (MEM_COMMIT)
process_handle: 0xffffffff
1 0 0

NtAllocateVirtualMemory

 process_identifier: 2444
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x00457000
allocation_type: 4096 (MEM_COMMIT)
process_handle: 0xffffffff
1 0 0

NtAllocateVirtualMemory

 process_identifier: 2444
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x003bc000
allocation_type: 4096 (MEM_COMMIT)
process_handle: 0xffffffff
1 0 0

NtAllocateVirtualMemory

 process_identifier: 2444
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x00530000
allocation_type: 4096 (MEM_COMMIT)
process_handle: 0xffffffff
1 0 0

NtAllocateVirtualMemory

 process_identifier: 2444
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x003ca000
allocation_type: 4096 (MEM_COMMIT)
process_handle: 0xffffffff
1 0 0

NtAllocateVirtualMemory

 process_identifier: 2444
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x003c7000
allocation_type: 4096 (MEM_COMMIT)
process_handle: 0xffffffff
1 0 0

NtAllocateVirtualMemory

 process_identifier: 2444
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x003aa000
allocation_type: 4096 (MEM_COMMIT)
process_handle: 0xffffffff
1 0 0

NtAllocateVirtualMemory

 process_identifier: 2444
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x003c6000
allocation_type: 4096 (MEM_COMMIT)
process_handle: 0xffffffff
1 0 0

NtAllocateVirtualMemory

 process_identifier: 2444
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x003cb000
allocation_type: 4096 (MEM_COMMIT)
process_handle: 0xffffffff
1 0 0

NtAllocateVirtualMemory

 process_identifier: 2444
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x003ba000
allocation_type: 4096 (MEM_COMMIT)
process_handle: 0xffffffff
1 0 0

NtAllocateVirtualMemory

 process_identifier: 2444
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x003ac000
allocation_type: 4096 (MEM_COMMIT)
process_handle: 0xffffffff
1 0 0
Time & API Arguments Status Return Repeated

GetAdaptersAddresses

 flags: 15
family: 0
111 0
host 46.101.81.223
Elastic malicious (high confidence)
MicroWorld-eScan Trojan.MSIL.Basic.9.Gen
FireEye Generic.mg.ddda0d5616775408
ALYac Trojan.MSIL.Basic.9.Gen
Cybereason malicious.616775
APEX Malicious
Kaspersky UDS:Trojan-PSW.MSIL.Agensla.gen
BitDefender Trojan.MSIL.Basic.9.Gen
Ad-Aware Trojan.MSIL.Basic.9.Gen
Emsisoft Trojan.MSIL.Basic.9.Gen (B)
eGambit Unsafe.AI_Score_92%
Microsoft Trojan:Win32/Wacatac.B!ml
Arcabit Trojan.MSIL.Basic.9.Gen
GData Trojan.MSIL.Basic.9.Gen
MAX malware (ai score=81)
SentinelOne Static AI - Suspicious PE
Fortinet MSIL/Bulz.0420!tr
BitDefenderTheta Gen:NN.ZemsilF.34692.am0@aqzcxin