Network Analysis
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| challenges.cloudflare.com | 104.17.2.184 |
GET
301
http://challenges.cloudflare.com/
REQUEST
RESPONSE
BODY
GET / HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
UA-CPU: AMD64
Accept-Encoding: gzip, deflate
Host: challenges.cloudflare.com
Connection: Keep-Alive
HTTP/1.1 301 Moved Permanently
Date: Wed, 23 Aug 2023 00:23:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 23 Aug 2023 01:23:36 GMT
Location: https://challenges.cloudflare.com/
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7faf3536db44c171-ICN
alt-svc: h3=":443"; ma=86400
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
| Flow | SID | Signature | Category |
|---|---|---|---|
| TCP 192.168.56.101:49168 -> 104.17.3.184:443 | 906200054 | SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) | undefined |
| TCP 192.168.56.101:49166 -> 104.17.3.184:443 | 906200054 | SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) | undefined |
Suricata TLS
No Suricata TLS
Snort Alerts
No Snort Alerts