Network Analysis
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| www.kbproducciones.com |
CNAME
kbproducciones.com
|
50.63.15.171 |
No traffic
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
| Flow | SID | Signature | Category |
|---|---|---|---|
| TCP 192.168.56.101:49167 -> 50.63.15.171:443 | 906200054 | SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) | undefined |
Suricata TLS
| Flow | Issuer | Subject | Fingerprint |
|---|---|---|---|
|
TLSv1 192.168.56.101:49167 50.63.15.171:443 |
C=US, O=DigiCert Inc, OU=www.digicert.com, CN=RapidSSL TLS RSA CA G1 | CN=kbproducciones.com | f6:66:91:c6:36:7f:fc:41:a1:2e:cd:e6:8a:e1:3f:c6:bc:04:27:b0 |
Snort Alerts
No Snort Alerts