Network Analysis
Name | Response | Post-Analysis Lookup |
---|---|---|
firebasestorage.googleapis.com | 172.217.25.170 |
GET 400 https://firebasestorage.googleapis.com/v0/b/rodriakd-8413d.appspot.com/o/dll/dll%20Hope.txt?alt=media&token=61c829f6-e196-49e8-b4ff-041134577ffe
REQUEST
GET /v0/b/rodriakd-8413d.appspot.com/o/dll/dll%20Hope.txt?alt=media&token=61c829f6-e196-49e8-b4ff-041134577ffe HTTP/1.1
Host: firebasestorage.googleapis.com
Connection: Keep-Alive
RESPONSE
HTTP/1.1 400 Bad Request
X-Content-Type-Options: nosniff
Content-Type: application/json; charset=UTF-8
Access-Control-Expose-Headers: Content-Range, X-Firebase-Storage-XSRF
Access-Control-Allow-Origin: *
X-GUploader-UploadID: AHxI1nPjsUNK5mHybD58mE9Kzf4fkOo5fkSOr0qZJ3B9obHBIkCSfPqmGgbEqjcF-eUxDj8ow0k
Date: Fri, 09 Aug 2024 01:45:30 GMT
Expires: Fri, 09 Aug 2024 01:45:30 GMT
Cache-Control: private, max-age=0
Content-Length: 84
Server: UploadServer
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
Flow | SID | Signature | Category |
---|---|---|---|
TCP 192.168.56.103:49166 -> 142.250.76.234:443 | 906200054 | SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) | undefined |
Suricata TLS
Flow | Issuer | Subject | Fingerprint |
---|---|---|---|
TLSv1 192.168.56.103:49166 142.250.76.234:443 | C=US, O=Google Trust Services, CN=WR2 | CN=upload.video.google.com | c4:3f:12:39:d2:ec:4c:2c:1c:0a:a6:18:8e:2a:97:2c:d8:c2:7e:af |
Snort Alerts
No Snort Alerts