Network Analysis
Name | Response | Post-Analysis Lookup |
---|---|---|
jejendjcjfhh.com | 172.67.207.35 | |
UDP Requests
Source | Destination |
---|---|
192.168.56.102:57660 | 164.124.101.2:53 |
192.168.56.102:137 | 192.168.56.255:137 |
192.168.56.102:138 | 192.168.56.255:138 |
192.168.56.102:49152 | 239.255.255.250:3702 |
192.168.56.102:56752 | 239.255.255.250:1900 |
192.168.56.102:56754 | 239.255.255.250:3702 |
192.168.56.102:56756 | 239.255.255.250:3702 |
192.168.56.102:57661 | 239.255.255.250:3702 |
GET 200 https://jejendjcjfhh.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-32CFDE036B8284D232AC019549C2132F.html
REQUEST
GET /liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-32CFDE036B8284D232AC019549C2132F.html HTTP/1.1
UserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.106 Safari/537.36 OPR/38.0.2220.41
Host: jejendjcjfhh.com
Connection: Keep-Alive
RESPONSE
HTTP/1.1 200 OK
Date: Fri, 19 Mar 2021 09:24:35 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d6d0d0d5c9673023540fbb3669b850c631616145875; expires=Sun, 18-Apr-21 09:24:35 GMT; path=/; domain=.jejendjcjfhh.com; HttpOnly; SameSite=Lax; Secure
Last-Modified: Thu, 18 Mar 2021 06:03:14 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
cf-request-id: 08eb661a93000042d25ea78000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6ySwZ7Z6mB4%2FPJuWcflqGxEebZG9k8ONcEoHqtTSoOgnZHSz5OvpywVBRzRGqYQhA3i7IE5bZyPnkn0HD%2FK17K1CCLBhCwwG826VluZL9tXA"}]}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6325a60a8a3f42d2-LAX
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET 200 https://jejendjcjfhh.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-27DEA882709EB4AB4DC87AB17C9F9AC4.html
REQUEST
GET /liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-27DEA882709EB4AB4DC87AB17C9F9AC4.html HTTP/1.1
UserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.106 Safari/537.36 OPR/38.0.2220.41
Host: jejendjcjfhh.com
RESPONSE
HTTP/1.1 200 OK
Date: Fri, 19 Mar 2021 09:24:37 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d20f2902bcc912671ed3040e0dff3478f1616145877; expires=Sun, 18-Apr-21 09:24:37 GMT; path=/; domain=.jejendjcjfhh.com; HttpOnly; SameSite=Lax; Secure
Last-Modified: Thu, 18 Mar 2021 06:03:16 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
cf-request-id: 08eb6621f4000042d2a02b3000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LE39miU5pzkpv8B7CrxefDOuv9IZZ6D2%2F9XPSArv5512hs2mCHN5P%2Fx56Dac8OKC7k5T%2BChon9ymKvZZ1P5zWuZTbpPXIHFx8ST%2FYQf1LoLl"}]}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6325a6165c6f42d2-LAX
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET 200 https://jejendjcjfhh.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-EB3EAA6FFA810913E932ADBCF6EE4B10.html
REQUEST
GET /liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-EB3EAA6FFA810913E932ADBCF6EE4B10.html HTTP/1.1
UserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.106 Safari/537.36 OPR/38.0.2220.41
Host: jejendjcjfhh.com
RESPONSE
HTTP/1.1 200 OK
Date: Fri, 19 Mar 2021 09:24:38 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d75c118a623b76eca2356a0d3d3bb3e001616145878; expires=Sun, 18-Apr-21 09:24:38 GMT; path=/; domain=.jejendjcjfhh.com; HttpOnly; SameSite=Lax; Secure
Last-Modified: Thu, 18 Mar 2021 06:03:17 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
cf-request-id: 08eb6626bd000042d2cfbb8000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fWejY6xGCaySHR3onFGfondyBFEjEsr6R%2BhWGjAMcacyew7X9jJBxlsqAa2ObRgZBAptLNE6hok2lZOshSn23bkgtLTaL4Yq3UWG30Dc03L0"}]}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6325a61dfcda42d2-LAX
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET 301 http://jejendjcjfhh.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-32CFDE036B8284D232AC019549C2132F.html
REQUEST
GET /liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-32CFDE036B8284D232AC019549C2132F.html HTTP/1.1
UserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.106 Safari/537.36 OPR/38.0.2220.41
Host: jejendjcjfhh.com
Connection: Keep-Alive
RESPONSE
HTTP/1.1 301 Moved Permanently
Date: Fri, 19 Mar 2021 09:24:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 19 Mar 2021 10:24:35 GMT
Location: https://jejendjcjfhh.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-32CFDE036B8284D232AC019549C2132F.html
cf-request-id: 08eb6618410000e4bcb1135000000001
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cJyHlRIQ88wvH5z9ULlmkiFHq64RGABnVj61629nnSxT9iR0rHolAo3SHTfwD01%2Fh0znPGCk3Vgiobs9GmltKYQh5RE%2F8LxOSpKhDjk%2BwMOQ"}]}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6325a606c850e4bc-LAX
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET 301 http://jejendjcjfhh.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-27DEA882709EB4AB4DC87AB17C9F9AC4.html
REQUEST
GET /liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-27DEA882709EB4AB4DC87AB17C9F9AC4.html HTTP/1.1
UserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.106 Safari/537.36 OPR/38.0.2220.41
Host: jejendjcjfhh.com
RESPONSE
HTTP/1.1 301 Moved Permanently
Date: Fri, 19 Mar 2021 09:24:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 19 Mar 2021 10:24:37 GMT
Location: https://jejendjcjfhh.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-27DEA882709EB4AB4DC87AB17C9F9AC4.html
cf-request-id: 08eb6621660000e4bcd3b79000000001
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=n1gl9%2Bxq1a6WdNP3yN%2By%2F4rv%2BLVtwxguWjydB2tjtAuQow2c5hxJy8fo%2FRVXt6V%2BcANo31sSQbuf97P09d8eE8UhGtvkVZue2oLwQsuBQkpy"}]}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6325a61579fde4bc-LAX
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET 301 http://jejendjcjfhh.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-EB3EAA6FFA810913E932ADBCF6EE4B10.html
REQUEST
GET /liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-EB3EAA6FFA810913E932ADBCF6EE4B10.html HTTP/1.1
UserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.106 Safari/537.36 OPR/38.0.2220.41
Host: jejendjcjfhh.com
RESPONSE
HTTP/1.1 301 Moved Permanently
Date: Fri, 19 Mar 2021 09:24:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 19 Mar 2021 10:24:38 GMT
Location: https://jejendjcjfhh.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-EB3EAA6FFA810913E932ADBCF6EE4B10.html
cf-request-id: 08eb6626300000e4bcb6030000000001
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jFBDFzEem7cNdxQ3TMuh9Q7ojvwB5qbWRJjfQguE9rLibBfmkXT%2Bv0Rfpm4WQBvdGS%2Fb0KZVxWW9aLWsUQMMEPgrK%2FbhTsmE8dFvsfGJumSE"}]}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6325a61d1ee3e4bc-LAX
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
Flow | SID | Signature | Category |
---|---|---|---|
TCP 192.168.56.102:49807 -> 172.67.207.35:443 | 906200056 | SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) | undefined |
Suricata TLS
Flow | Issuer | Subject | Fingerprint |
---|---|---|---|
TLSv1 192.168.56.102:49807 -> 172.67.207.35:443 | C=US, O=Cloudflare, Inc., CN=Cloudflare Inc ECC CA-3 | C=US, ST=California, L=San Francisco, O=Cloudflare, Inc., CN=sni.cloudflaressl.com | 24:18:b3:f2:70:0a:f0:7c:35:ee:72:e7:30:b2:a1:36:a3:22:a9:7a |
Snort Alerts
No Snort Alerts