Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6403_us	June 7, 2024, 9:35 a.m.	June 7, 2024, 9:42 a.m.

Size	7.0KB
Type	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5	`e0354350b177887076f4c89567e0af8d`
SHA256	`584c91693287a0d6c66f27a8c0f1841aad3368bc48b9d36b1088548f9f370032`
CRC32	`E7CE4D7D`
ssdeep	`96:nGJKj1y2oPbML8RcyuHazDvDId4IBmc+TMsa+aIVzNt:G4jU2o48RVHA4U0Zv`
Yara	PE_Header_Zero - PE File Signature Is_DotNET_EXE - (no description) IsPE32 - (no description)

lsass.exe "C:\Users\test22\AppData\Local\Temp\lsass.exe"
1540

Name	Response	Post-Analysis Lookup
www1.militarydefensenow.com	A 34.192.83.212	34.192.83.212

IP Address	Status	Action
164.124.101.2	Active	Moloch
34.192.83.212	Active	Moloch

Suricata Alerts

Flow	SID	Signature	Category
TCP 192.168.56.103:49166 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49166 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49166 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49174 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49174 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49174 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49166	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49166	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49161 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49174	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49161 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49174	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49161 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49161	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49161	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49167 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49167 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49167 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49165 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49165 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49165 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49169 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49169 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49169 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49165	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49165	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49169	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49169	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49172 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49172 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49172 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49170 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49170 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49172	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49172	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49163 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49163 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49164 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49163 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49164 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49164 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49170 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49163	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49163	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49173 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49173 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49173 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49168 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49173	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49168 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49173	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49168 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49164	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49168	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49164	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49168	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49175 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49171 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49175 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49171 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49175 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49171 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49175	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49175	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49171	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49171	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49176 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49176 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49176 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49176	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49176	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49178 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49180 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49178 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49180 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49178 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49180 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49177 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49177 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49177 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49180	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49178	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49180	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49178	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49177	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49177	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49183 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49183 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49190 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49181 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49183 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49190 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49190 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49181 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49181 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49190	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49190	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49181	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49183	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49181	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49183	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49200 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49200 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49200 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49182 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49182 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49193 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49182 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49193 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49193 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49200	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49200	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49182	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49182	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49193	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49193	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49208 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49208 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49208 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49184 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49196 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49184 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49196 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49184 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49196 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49208	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49208	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49186 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49186 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49184	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49186 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49184	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49199 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49213 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49199 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49213 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49199 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49213 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49185 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49188 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49185 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49188 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49185 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49188 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49203 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49216 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49203 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49216 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49203 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49188	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49216 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49188	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49192 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49203	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49192 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49203	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49192 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49189 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49189 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49223 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49189 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49192	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49223 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49192	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49206 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49223 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49206 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49206 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49189	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49189	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49223	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49195 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49223	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49206	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49195 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49206	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49195 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49201 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49201 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49230 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49195	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49201 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49230 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49210 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49195	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49210 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49230 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49210 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49201	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49201	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49179 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49179 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49197 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49179 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49210	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49197 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49210	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49197 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49209 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49179	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49209 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49179	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49209 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49197	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49197	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49235 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49235 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49235 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49198 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49198 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49198 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49219 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49202 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49219 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49202 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49219 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49202 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49198	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49198	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49237 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49237 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49237 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49207 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49220 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49207 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49237	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49220 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49207 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49204 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49237	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49220 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49204 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49204 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49207	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49207	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49240 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49240 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49240 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49205 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49205 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49222 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49205 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49222 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49240	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49222 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49240	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49222	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49222	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49211 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49211 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49246 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49211 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49246 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49246 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49224 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49224 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49246	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49224 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49246	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49215 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49215 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49215 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49224	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49224	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49253 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49215	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49253 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49215	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49253 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49228 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49228 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49228 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49217 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49217 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49255 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49217 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49228	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49255 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49228	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49230	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49255 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49217	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49217	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49255	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49255	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49218 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49218 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49218 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49220	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49264 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49231 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49220	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49264 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49231 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49264 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49231 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49218	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49218	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49264	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49231	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49264	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49231	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49226 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49226 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49267 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49226 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49267 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49267 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49269 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49269 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49234 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49269 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49234 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49267	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49234 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49267	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49229 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49269	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49229 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49269	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49229 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49234	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49234	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49271 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49271 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49271 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49277 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49229	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49277 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49277 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49229	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49244 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49271	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49244 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49277	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49271	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49244 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49277	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49232 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49232 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49232 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49244	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49244	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49278 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49278 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49278 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49232	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49232	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49248 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49248 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49248 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49230	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49233 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49280 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49280 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49280 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49281 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49233 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49281 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49233 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49238 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49281 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49238 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49238 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49233	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49250 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49280	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49233	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49250 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49280	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49250 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49281	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49281	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49238	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49238	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49250	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49242 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49250	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49242 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49242 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49288 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49288 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49288 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49242	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49242	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49288	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49288	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49260 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49239 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49252 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49260 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49252 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49260 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49239 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49252 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49293 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49239 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49293 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49187 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49187 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49187 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49293 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49262 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49293	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49293	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49191 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49191 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49191 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49297 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49252	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49252	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49239	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49239	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49212 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49212 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49212 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49254 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49254 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49254 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49241 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49212	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49297 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49241 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49212	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49297 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49241 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49297	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49241	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49297	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49241	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49214 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49214 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49214 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49214	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49243 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49243 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49262 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49243 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49262 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49214	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49300 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49243	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49300 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49243	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49300 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49259 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49259 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49221 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49259 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49221 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49245 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49221 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49245 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49263 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49263 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49245 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49259	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49263 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49259	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49221	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49300	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49221	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49300	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49263	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49263	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49270 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49270 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49270 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49301 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49225 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49301 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49225 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49268 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49301 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49225 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49268 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49268 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49276 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49276 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49225	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49276 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49225	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49307 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49307 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49276	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49307 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49276	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49268	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49227 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49227 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49289 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49227 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49289 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49289 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49287 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49313 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49287 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49227	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49313 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49287 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49227	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49313 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49302 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49313	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49268	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49313	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49236 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49236 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49236 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49292 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49292 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49292 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49272 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49236	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49272 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49317 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49236	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49272 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49317 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49292	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49317 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49292	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49272	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49272	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49249 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49317	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49249 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49317	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49249 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49303 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49303 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49303 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49302 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49273 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49249	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49326 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49273 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49249	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49326 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49273 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49326 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49302 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49305 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49305 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49305 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49251 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49302	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49251 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49302	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49251 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49330 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49305	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49330 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49305	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49330 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49251	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49251	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49335 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49335 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49335 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49306 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49306 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49306 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49332 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49257 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49332 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49273	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49257 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49332 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49257 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49273	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49306	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49306	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49257	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49257	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49337 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49337 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49337 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49312 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49312 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49266 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49312 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49279 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49266 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49279 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49266 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49279 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49312	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49312	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49346 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49346 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49266	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49346 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49266	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49339 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49339 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49346	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49325 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49339 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49346	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49325 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49325 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49275 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49275 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49275 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49339	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49325	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49339	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49350 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49325	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49350 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49350 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49275	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49275	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49282 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49282 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49350	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49245	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49350	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49245	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49360 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49285 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49360 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49285 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49360 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49285 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49282 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49247 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49247 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49360	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49285	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49360	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49282	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49285	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49329 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49282	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49329 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49329 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49329	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49294 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49329	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49294 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49294 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49333 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49333 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49283 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49333 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49283 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49295 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49247 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49283 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49295 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49295 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49247	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49283	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49247	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49283	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49298 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49298 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49256 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49298 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49290 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49256 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49290 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49256 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49290 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49298	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49256	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49298	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49256	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49291 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49291 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49291 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49309 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49309 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49309 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49291	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49291	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49309	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49309	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49344 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49344 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49344 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49299 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49258 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49299 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49299 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49310 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49310 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49344	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49310 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49344	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49299	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49299	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49310	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49310	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49345 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49345 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49345 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49308 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49308 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49308 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49316 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49345	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49316 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49345	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49316 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49308	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49308	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49316	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49316	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49347 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49347 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49347 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49311 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49311 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49311 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49347	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49319 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49258 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49319 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49258 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49319 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49311	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49347	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49311	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49319	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49319	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49348 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49314 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49348 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49314 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49348 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49314 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49320 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49320 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49320 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49314	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49314	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49351 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49351 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49320	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49351 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49320	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49315 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49258	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49315 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49258	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49315 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49321 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49321 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49321 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49315	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49315	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49261 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49261 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49321	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49261 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49321	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49324 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49324 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49324 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49322 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49322 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49351	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49322 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49351	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49324	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49324	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49322	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49322	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49355 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49355 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49336 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49355 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49336 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49261	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49336 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49261	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49334 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49334 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49334 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49265 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49265 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49265 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49340 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49340 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49340 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49341 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49341 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49265	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49341 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49265	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49340	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49340	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49341	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49341	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49274 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49274 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49274 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49349 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49349 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49349 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49343 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49343 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49343 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49349	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49356 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49349	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49356 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49356 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49274	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49343	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49343	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49356	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49356	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49363 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49363 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49363 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49368 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49368 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49368 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49375 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49375 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49375 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49368	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49368	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49274	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49375	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49375	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49284 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49369 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49284 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49369 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49369 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49405 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49405 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49405 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49370 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49370 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49370 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49407 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49407 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49407 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49387 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49387 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49387 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49407	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49407	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49352 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49352 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49352 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49419 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49419 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49419 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49352	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49352	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49419	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49419	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49366 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49366 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49366 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49428 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49428 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49428 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49387	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49387	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49428	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49428	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49388 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49388 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49388 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49438 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49438 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49388	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49438 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49388	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49438	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49438	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49391 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49391 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49391 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49441 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49391	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49391	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49441 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49392 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49392 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49392 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49378 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49378 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49378 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49284 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49441 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49367 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49367 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49284	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49392	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49284	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49392	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49379 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49441	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49379 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49441	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49379 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49367 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49286 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49379	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49286 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49379	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49443 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49286 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49443 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49367	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49443 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49399 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49399 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49399 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49384 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49367	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49384 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49384 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49296 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49296 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49296 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49384	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49371 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49384	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49371 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49447 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49371 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49296	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49447 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49296	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49447 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49386 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49386 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49447	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49386 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49447	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49304 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49374 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49304 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49374 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49304 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49374 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49386	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49386	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49458 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49458 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49304	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49458 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49304	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49399	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49399	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49395 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49458	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49395 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49458	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49395 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49318 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49402 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49318 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49374	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49402 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49318 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49374	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49402 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49395	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49395	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49318	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49402	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49318	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49402	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49376 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49376 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49376 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49413 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49413 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49413 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49323 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49404 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49323 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49404 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49323 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49404 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49377 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49377 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49377 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49404	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49323	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49404	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49416 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49323	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49416 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49416 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49377	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49377	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49408 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49416	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49408 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49327 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49416	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49408 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49327 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49327 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49380 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49380 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49408	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49380 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49408	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49421 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49327	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49421 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49327	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49421 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49380	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49380	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49411 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49411 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49421	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49411 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49421	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49328 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49328 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49328 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49385 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49385 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49411	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49385 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49411	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49423 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49423 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49423 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49331 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49417 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49423	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49331 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49417 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49423	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49417 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49390 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49331 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49390 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49390 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49417	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49417	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49390	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49431 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49390	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49431 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49431 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49338 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49338 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49338 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49418 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49431	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49418 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49393 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49418 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49431	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49393 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49338	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49393 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49338	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49418	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49418	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49393	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49434 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49393	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49434 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49434 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49342 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49342 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49342 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49420 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49420 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49396 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49420 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49396 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49342	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49396 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49342	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49439 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49439 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49439 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49420	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49396	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49420	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49396	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49353 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49439	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49353 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49439	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49353 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49409 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49353	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49409 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49429 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49409 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49353	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49440 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49429 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49440 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49429 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49440 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49358 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49440	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49358 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49440	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49415 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49358 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49415 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49433 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49415 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49433 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49433 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49358	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49446 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49415	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49358	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49446 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49433	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49446 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49433	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49415	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49359 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49446	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49359 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49446	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49359 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49448 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49425 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49448 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49425 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49448 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49425 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49359	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49359	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49448	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49448	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49444 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49444 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49365 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49444 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49365 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49450 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49365 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49450 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49450 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49444	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49444	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49365	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49365	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49450	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49450	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49457 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49449 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49457 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49449 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49457 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49372 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49449 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49372 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49372 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49455 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49457	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49455 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49449	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49455 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49457	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49449	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49372	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49372	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49467 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49451 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49467 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49451 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49467 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49451 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49383 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49459 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49383 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49459 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49383 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49459 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49451	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49467	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49451	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49467	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49383	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49383	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49461 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49461 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49461 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49453 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49453 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49453 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49394 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49394 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49394 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49453	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49464 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49453	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49464 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49464 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49394	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49394	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49466 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49400 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49466 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49400 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49466 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49400 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49400	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49466	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49400	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49466	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49401 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49401 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49401 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49401	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49401	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49406 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49406 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49406 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49410 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49410 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49410 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49410	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49410	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49422 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49422 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49422 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49422	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49422	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49430 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49430 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49430 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49430	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49430	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49354 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49354 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49432 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49354 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49432 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49432 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49432	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49432	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49357 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49357 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49357 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49436 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49436 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49436 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49357	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49357	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49454 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49454 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49361 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49454 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49361 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49361 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49454	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49454	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49361	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49361	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49456 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49456 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49362 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49456 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49362 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49362 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49362	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49362	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49460 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49460	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49460	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49364 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49364 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49364 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49460 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49460 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49364	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49364	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49373 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49373 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49373 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49373	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49373	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49381 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49381 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49381 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49381	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49381	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49382 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49382 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49382 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49382	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49382	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49389 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49389 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49389 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49397 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49397 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49397 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49397	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49397	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49398 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49398 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49398 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49398	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49398	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49403 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49403 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49403 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49403	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49403	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49412 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49412 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49412 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49412	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49412	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49414 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49414 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49414 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49414	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49414	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49424 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49424 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49424 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49424	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49424	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49426 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49426 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49426 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49426	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49426	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49427 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49427 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49427 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49427	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49427	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49435 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49435 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49435 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49435	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49435	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49437 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49437 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49437 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49437	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49437	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49442 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49442 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49442 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 192.168.56.103:49445 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49445 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49445 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49445	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49445	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49452 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49452 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49452 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49452	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49452	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49462 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49462 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49462 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49462	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49462	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49463 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49463 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49463 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49463	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49463	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49465 -> 34.192.83.212:443	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 192.168.56.103:49465 -> 34.192.83.212:443	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49465 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49465	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49465	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49295	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49185	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49295	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49185	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49456	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49456	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49219	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49219	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49371	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49371	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49355	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49355	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49461	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49385	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49461	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49385	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49211	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49211	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49436	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49436	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49204	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49204	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49369	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49369	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49331	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49331	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49459	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49459	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49366	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49363	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49366	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49363	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49376	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49287	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49289	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49376	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49287	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49289	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49328	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49294	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49328	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49294	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49348	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49348	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49216	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49389	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49216	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49389	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49333	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49333	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49213	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49213	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49334	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49260	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49334	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49260	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49205	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49406	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49205	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49406	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49290	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49290	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49455	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49455	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49425	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49425	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49170	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49170	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49464	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49464	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49202	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49186	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49202	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49186	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49187	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49187	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49370	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49405	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49370	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49405	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49429	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49429	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49226	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49226	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49409	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49409	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49270	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49270	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49303	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49303	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49191	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49191	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49254	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49254	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49335	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49335	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49332	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49209	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49286	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49332	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49209	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49286	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49248	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49248	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49167	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49167	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49330	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49330	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49336	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49336	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49413	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49413	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49279	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49253	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49279	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49253	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49434	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49434	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49354	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49354	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49196	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49196	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49262	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49262	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49235	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49235	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49442	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49442	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49199	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49199	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 192.168.56.103:49468 -> 34.192.83.212:443	906200054	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)	undefined
TCP 34.192.83.212:443 -> 192.168.56.103:49378	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49378	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49301	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49301	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49278	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49278	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49307	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49307	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49337	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49337	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49326	2230002	SURICATA TLS invalid record type	Generic Protocol Command Decode
TCP 34.192.83.212:443 -> 192.168.56.103:49326	2230010	SURICATA TLS invalid record/traffic	Generic Protocol Command Decode

Suricata TLS

No Suricata TLS

Checks if process is being debugged by a debugger (2 events)

Time & API	Arguments	Status	Return	Repeated
IsDebuggerPresent June 7, 2024, 9:35 a.m.			0	0
IsDebuggerPresent June 7, 2024, 9:35 a.m.			0	0

Uses Windows APIs to generate a cryptographic key (2 events)

Time & API	Arguments	Status	Return	Repeated
CryptExportKey June 7, 2024, 9:35 a.m.	buffer: <INVALID POINTER> crypto_handle: 0x004411b8 flags: 0 crypto_export_handle: 0x00000000 blob_type: 8	1	1	0
CryptExportKey June 7, 2024, 9:35 a.m.	buffer: f .°ñ1½@m/Î&?Iªy½tQ0Fg¯É crypto_handle: 0x004411b8 flags: 0 crypto_export_handle: 0x00000000 blob_type: 8	1	1	0

Checks amount of memory in system, this can be used to detect virtual machines that have a low amount of memory available (1 event)

Time & API	Arguments	Status	Return	Repeated
GlobalMemoryStatusEx June 7, 2024, 9:35 a.m.		1	1	0

Allocates read-write-execute memory (usually to unpack itself) (19 events)

Time & API	Arguments	Status
NtAllocateVirtualMemory June 7, 2024, 9:35 a.m.	process_identifier: 1540 region_size: 1572864 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x00820000 allocation_type: 8192 (MEM_RESERVE) process_handle: 0xffffffff	1
NtAllocateVirtualMemory June 7, 2024, 9:35 a.m.	process_identifier: 1540 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x00960000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtProtectVirtualMemory June 7, 2024, 9:35 a.m.	process_identifier: 1540 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x73f61000 process_handle: 0xffffffff	1
NtProtectVirtualMemory June 7, 2024, 9:35 a.m.	process_identifier: 1540 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x73f62000 process_handle: 0xffffffff	1
NtAllocateVirtualMemory June 7, 2024, 9:35 a.m.	process_identifier: 1540 region_size: 2162688 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02280000 allocation_type: 8192 (MEM_RESERVE) process_handle: 0xffffffff	1
NtAllocateVirtualMemory June 7, 2024, 9:35 a.m.	process_identifier: 1540 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02450000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory June 7, 2024, 9:35 a.m.	process_identifier: 1540 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x00512000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory June 7, 2024, 9:35 a.m.	process_identifier: 1540 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x00545000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory June 7, 2024, 9:35 a.m.	process_identifier: 1540 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0054b000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory June 7, 2024, 9:35 a.m.	process_identifier: 1540 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x00547000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory June 7, 2024, 9:35 a.m.	process_identifier: 1540 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0052c000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory June 7, 2024, 9:35 a.m.	process_identifier: 1540 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x00650000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory June 7, 2024, 9:35 a.m.	process_identifier: 1540 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0051c000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory June 7, 2024, 9:35 a.m.	process_identifier: 1540 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0051a000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory June 7, 2024, 9:35 a.m.	process_identifier: 1540 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x00536000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory June 7, 2024, 9:35 a.m.	process_identifier: 1540 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0052a000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory June 7, 2024, 9:35 a.m.	process_identifier: 1540 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0053a000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory June 7, 2024, 9:35 a.m.	process_identifier: 1540 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x00537000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory June 7, 2024, 9:35 a.m.	process_identifier: 1540 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0053b000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1

Checks adapter addresses which can be used to detect virtual network interfaces (1 event)

Time & API	Arguments	Status	Return	Repeated
GetAdaptersAddresses June 7, 2024, 9:35 a.m.	flags: 1158 family: 0	1	0	0

Looks for the Windows Idle Time to determine the uptime (1 event)

Time & API	Arguments	Status	Return	Repeated
NtQuerySystemInformation June 7, 2024, 9:35 a.m.	information_class: 8 (SystemProcessorPerformanceInformation)	1	0	0

A process attempted to delay the analysis task. (1 event)

description

lsass.exe tried to sleep 5456426 seconds, actually delayed analysis time by 5456426 seconds

Network communications indicative of possible code injection originated from the process lsass.exe (50 out of 307 events)

Time & API	Arguments	Status	Return	Repeated
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUÅ)íy9Ä$ñ©«áÅ+á¨x^·û#²/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 976		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUÆ;V(Ïðµø»ÎeTØ =¹Í/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 976		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUÆ¶ÏY¬pRG°ÉÞãq>iv¢g ªËòæ/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1176		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUÇyQtÒ=R áhXñü){¢a!.¡û/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1176		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUÇ÷¡; [ß¡ÏH7H3Ã>5[ÑÂ À/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1176		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUÇ×¹>I[ÊzbªYë7#Jc)Åû}/üÒþ/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1176		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUÈÚÅ=ÅÞGÚ¦s÷G?>p2M.h'çRyQ/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1176		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUÈ<EÆ]W%c@Cùj\6Ù¶vòn¹÷L9Å/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1216		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUÉÇ@ÃÉ"løsÉ_VÓþçpL½°/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1216		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUÉüÄ7e¢ëL´>.åHhb0±@áó"®Ar%f¦/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1216		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUÉ«-·,¦¬1 &^«¹N¸ï¤o/®?sÃ/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1216		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUÊÁì}ÔÍ®<EÒk9udÆe6çìÞN`4/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1220		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUÊêX oØïZv Òv9RÿùÍÙYFaXÁ/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1244		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUË§éh=°yP¬^iÃT½*ûqbsÁó)^8ðõZ/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1248		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUË÷/RÂ³þ´¥prSBzku²û<< à/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1248		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUËD¶«Uå\GÚ=#,u¨ÛÒ0 ò.»Y/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1248		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUÌìÄU«Àä@}t¾¬ås2½ãËÉæôþW/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1248		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUÌó,âZÈÈ³\|Lj%¨ky^oÂÜÚÈ/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1248		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUÌØ?hÜÕ]Xo}í5³çHñ¡ÛÞixq½/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1248		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUÍËUòí¸½$æ·d.D ½"%anæ¶/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1248		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUÍÑ)õæ,8ð½µ\|ÀgOcÆëóu/Û¢À[/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1248		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUÎ·ÁY¤£ÒS±ê"KRAl¤÷æY/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1248		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUÎRÌL²¢^%^( §ÍlÁ¸¥Í}#¾/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1248		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUÎêT¯ý\Q~¨n©PdÈ´8ÐXµ©lÚt n#/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1252		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUÏýÚ¡Ís;Ô(j¹Y)<Ak%T=UÀ/¶/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1252		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUÏ¸ài×¸ÿ)"çR~«s3ÃÓEäãt z/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1252		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUÐþ1ùµn ¥Òí¼yþòÔäAÎ;l®Nð/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1252		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUÐ½kÆ©4NË}jÒäÛv`ã7*¡Õ/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1260		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUÐ'&$(^c(¬Ê¬0$*²RÊç^p¡}^¬/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1260		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUÑ>Cîg×®Ä1înÙ*À#ËTó.oOµ/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1264		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUÑäL²jR7Òèä¢RM ^!H.ÛèÈl/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1264		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUÑ!id/%VèO¦xî¸À´â)r,plôÿÿ/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1264		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUÒQ"H176DWGåß8Bµ¤zÒÏ½¼cL/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1264		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUÒ:FoéÃÐ>nDæ*{ÍA#ZB+ù}ê/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1264		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUÓ¾0bÌzÏËÀög,-Å'Yðý®§%ËÛg/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1264		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUÓËw ìi?R^¡eÌÔAÊeÖ%+¯áüÊ!/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1264		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUÓãÏÝÖ×~ã;Å¿Vç Ûn8ákí#K ÛµÒµ/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1264		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUÔÍfúfÀw³R2öMd!ëâÎ¼×+7Mÿ/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1264		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUÔvnÛ÷º÷÷ÏíÕÓ§xdö.·ÍÍé$/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1268		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUÕát,ÆRdÛââ^/)ß`B°)[ªi¾ÙUã/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1268		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUÕ¿òñé+\|p`pøõóû]A¯8g½í^/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1268		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUÕiºc.lcSÌNÂaÇv@\æôýgöq(ö/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1268		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUÖ@q×D?özÚ»F ãõÅ!h£[vKUýÒx·/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1268		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUÖàÓþpÛ0T7aµ)Î¼{ÅøÊ^&O/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1268		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUÖý>J¬½½Q.Åqv³´ÝbûlãòêøF£/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1268		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbU×_¡)h+CëÞ`61åº~q£Üñ/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1268		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbU×«eÄ9ïCN1ÂùíÃÏCVw^V½tÂ/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1268		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUØ\¨bÔ¡[ç{q´J®ÍÞãÙÌª*S<â/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1284		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUØ8ZY¾~÷aa´cë"R±È¼FU]t¬ç/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1284		0	0
WSASend June 7, 2024, 9:35 a.m.	buffer: ~zfbUØTvðéñ~?kàÜìâ^ÛÂÃìïô{/5 ÀÀÀ À 289ÿ www1.militarydefensenow.com socket: 1284		0	0

File has been identified by 50 AntiVirus engines on VirusTotal as malicious (50 events)

Bkav	W32.AIDetectMalware.CS
Lionic	Trojan.Win32.Blocker.V!c
Skyhigh	Artemis!Trojan
ALYac	Trojan.GenericKD.73028396
Cylance	Unsafe
VIPRE	Trojan.GenericKD.73028396
Sangfor	Downloader.Msil.Blocker.Vi0r
K7AntiVirus	Trojan-Downloader ( 005b40de1 )
BitDefender	Trojan.GenericKD.73028396
K7GW	Trojan-Downloader ( 005b40de1 )
Arcabit	Trojan.Generic.D45A532C
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of MSIL/TrojanDownloader.Agent.QOL
APEX	Malicious
McAfee	Artemis!E0354350B177
Avast	Win32:DropperX-gen [Drp]
Kaspersky	HEUR:Trojan-Ransom.MSIL.Blocker.gen
Alibaba	Ransom:MSIL/Blocker.134704be
MicroWorld-eScan	Trojan.GenericKD.73028396
Rising	Malware.Obfus/MSIL@AI.88 (RDM.MSIL2:udsDB7Xt8XFpqGsFC3fotg)
Emsisoft	Trojan.GenericKD.73028396 (B)
F-Secure	Trojan.TR/Dldr.Agent.gprfd
Zillya	Trojan.Blocker.Win32.166019
McAfeeD	Real Protect-LS!E0354350B177
FireEye	Trojan.GenericKD.73028396
Sophos	Mal/Generic-S
Ikarus	Trojan-Downloader.MSIL.Agent
Webroot	W32.Malware.Gen
Google	Detected
Avira	TR/Dldr.Agent.gprfd
Antiy-AVL	Trojan/Win32.Wacatac
Kingsoft	MSIL.Trojan-Ransom.Blocker.gen
Microsoft	Trojan:MSIL/PureLog.RDG!MTB
ZoneAlarm	HEUR:Trojan-Ransom.MSIL.Blocker.gen
GData	Win32.Trojan.Agent.9CGW8Q
Varist	W32/ABRisk.FRCT-5681
AhnLab-V3	Dropper/Win.DropperX-gen.C5630376
BitDefenderTheta	Gen:NN.ZemsilF.36806.am0@amBOBtj
DeepInstinct	MALICIOUS
VBA32	TScope.Trojan.MSIL
Malwarebytes	Trojan.Downloader.MSIL
Panda	Trj/Chgt.AD
Tencent	Malware.Win32.Gencirc.10bffd39
MAX	malware (ai score=82)
MaxSecure	Trojan.Malware.73689294.susgen
Fortinet	MSIL/Agent.PVH!tr
AVG	Win32:DropperX-gen [Drp]
Paloalto	generic.ml
alibabacloud	Ransomware:MSIL/Blocker.gyf

lsass.exe

Process Tree Toggle all

Network Toggle all

Suricata Toggle all

Suricata Alerts

Suricata TLS

Signatures Toggle All