Network Analysis
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| toolgamepc.blogspot.com | 142.250.207.97 |
GET
0
https://toolgamepc.blogspot.com/p/tgp.html
REQUEST
RESPONSE
BODY
GET /p/tgp.html HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0
Host: toolgamepc.blogspot.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Tue, 03 Sep 2024 00:30:11 GMT
Date: Tue, 03 Sep 2024 00:30:11 GMT
Cache-Control: private, max-age=0
Last-Modified: Wed, 28 Aug 2024 15:57:02 GMT
X-Robots-Tag: all,noodp
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Accept-Ranges: none
Vary: Accept-Encoding
Transfer-Encoding: chunked
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
| Flow | SID | Signature | Category |
|---|---|---|---|
| TCP 192.168.56.103:49162 -> 172.217.27.33:443 | 906200054 | SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) | undefined |
Suricata TLS
| Flow | Issuer | Subject | Fingerprint |
|---|---|---|---|
|
TLSv1 192.168.56.103:49162 172.217.27.33:443 |
C=US, O=Google Trust Services, CN=WR2 | CN=misc-sni.blogspot.com | 19:1a:ab:37:46:a3:1f:05:55:e6:dd:6b:99:d8:a7:eb:f7:f6:d5:e1 |
Snort Alerts
No Snort Alerts