NetWork | ZeroBOX

Network Analysis

IP Address Status Action
164.124.101.2 Active Moloch
51.255.149.48 Active Moloch
62.217.160.2 Active Moloch
77.88.55.88 Active Moloch

Name Response Post-Analysis Lookup
magerint.com 51.255.149.48

No traffic

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

Flow SID Signature Category
TCP 192.168.56.103:49182 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49182 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49182 -> 51.255.149.48:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.103:49188 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49176 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49176 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49188 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49182 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49168 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49188 -> 51.255.149.48:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 51.255.149.48:443 -> 192.168.56.103:49182 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49168 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49190 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49168 -> 51.255.149.48:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.103:49190 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49173 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49190 -> 51.255.149.48:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.103:49173 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49188 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49173 -> 51.255.149.48:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.103:49193 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49193 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49176 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49188 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49168 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49193 -> 51.255.149.48:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 51.255.149.48:443 -> 192.168.56.103:49168 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49176 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49173 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49173 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49193 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49193 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49200 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49185 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49190 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49200 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49185 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49185 -> 51.255.149.48:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.103:49196 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49196 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49202 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49200 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49202 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49200 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49196 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49202 -> 51.255.149.48:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 51.255.149.48:443 -> 192.168.56.103:49185 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49191 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49196 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49185 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49191 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49202 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49212 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49191 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49202 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49212 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49198 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49191 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49198 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49198 -> 51.255.149.48:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.103:49199 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49190 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49199 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49212 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49199 -> 51.255.149.48:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 51.255.149.48:443 -> 192.168.56.103:49212 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49207 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49207 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49195 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49207 -> 51.255.149.48:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.103:49195 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49195 -> 51.255.149.48:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 51.255.149.48:443 -> 192.168.56.103:49199 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49203 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49216 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49199 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49216 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49207 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49207 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49195 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49195 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49203 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49203 -> 51.255.149.48:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 51.255.149.48:443 -> 192.168.56.103:49216 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49206 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49206 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49216 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49211 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49206 -> 51.255.149.48:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.103:49211 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49211 -> 51.255.149.48:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.103:49210 -> 51.255.149.48:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 51.255.149.48:443 -> 192.168.56.103:49206 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49224 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49206 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49224 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49211 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49211 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49237 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49237 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49224 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49237 -> 51.255.149.48:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 51.255.149.48:443 -> 192.168.56.103:49224 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49219 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49208 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49219 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49208 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49219 -> 51.255.149.48:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.103:49214 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49214 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49234 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49214 -> 51.255.149.48:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 51.255.149.48:443 -> 192.168.56.103:49208 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49234 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49208 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49219 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49219 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49242 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49242 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49214 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49234 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49214 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49198 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49234 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49198 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49227 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49238 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49227 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49238 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49227 -> 51.255.149.48:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.103:49218 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49236 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49204 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49218 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49236 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49204 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49218 -> 51.255.149.48:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.103:49236 -> 51.255.149.48:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 51.255.149.48:443 -> 192.168.56.103:49227 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49227 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49241 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49241 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49218 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49204 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49241 -> 51.255.149.48:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 51.255.149.48:443 -> 192.168.56.103:49218 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49204 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49240 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49229 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49240 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49229 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49240 -> 51.255.149.48:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.103:49229 -> 51.255.149.48:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.103:49215 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49220 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49215 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49220 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49215 -> 51.255.149.48:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 51.255.149.48:443 -> 192.168.56.103:49240 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49229 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49240 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49229 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49220 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49220 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49215 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49215 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49244 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49244 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49244 -> 51.255.149.48:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.103:49222 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49222 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49226 -> 51.255.149.48:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.103:49222 -> 51.255.149.48:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 51.255.149.48:443 -> 192.168.56.103:49244 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49244 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49222 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49222 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49231 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49231 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49246 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49231 -> 51.255.149.48:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.103:49246 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49223 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49223 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49223 -> 51.255.149.48:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 51.255.149.48:443 -> 192.168.56.103:49246 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49231 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49246 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49231 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49223 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49223 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49233 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49233 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49233 -> 51.255.149.48:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.103:49228 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49228 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49233 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49233 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49228 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49228 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49232 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49232 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49232 -> 51.255.149.48:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 51.255.149.48:443 -> 192.168.56.103:49232 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49232 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49245 -> 51.255.149.48:443 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 192.168.56.103:49245 -> 51.255.149.48:443 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 192.168.56.103:49245 -> 51.255.149.48:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 51.255.149.48:443 -> 192.168.56.103:49238 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49238 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49226 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49226 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49203 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49203 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49242 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49242 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49186 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49186 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49210 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49245 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49210 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49245 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49236 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49236 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49237 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49237 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49241 2230002 SURICATA TLS invalid record type Generic Protocol Command Decode
TCP 51.255.149.48:443 -> 192.168.56.103:49241 2230010 SURICATA TLS invalid record/traffic Generic Protocol Command Decode

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts