Network Analysis
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| ajax.googleapis.com | 172.217.175.234 |
GET
200
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
REQUEST
RESPONSE
BODY
GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1
Accept: */*
Accept-Language: ko-KR
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E; InfoPath.3)
Host: ajax.googleapis.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Content-Length: 30306
Date: Thu, 05 Aug 2021 01:55:54 GMT
Expires: Fri, 05 Aug 2022 01:55:54 GMT
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Age: 86276
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
| Flow | SID | Signature | Category |
|---|---|---|---|
| TCP 192.168.56.103:49162 -> 172.217.174.202:443 | 906200056 | SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) | undefined |
Suricata TLS
| Flow | Issuer | Subject | Fingerprint |
|---|---|---|---|
|
TLSv1 192.168.56.103:49162 172.217.174.202:443 |
C=US, O=Google Trust Services, CN=GTS CA 1O1 | C=US, ST=California, L=Mountain View, O=Google LLC, CN=upload.video.google.com | ff:c0:ff:a1:df:4a:a6:62:2c:77:6b:0d:f5:da:dd:3c:ed:16:58:29 |
Snort Alerts
No Snort Alerts