Network Analysis
Name | Response | Post-Analysis Lookup |
---|---|---|
aws.amazon.com | 13.225.123.73 |
No traffic
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
Flow | SID | Signature | Category |
---|---|---|---|
TCP 192.168.56.101:49201 -> 13.225.123.73:443 | 906200056 | SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) | undefined |
Suricata TLS
Flow | Issuer | Subject | Fingerprint |
---|---|---|---|
TLSv1 192.168.56.101:49201 13.225.123.73:443 |
C=US, O=Amazon, OU=Server CA 1B, CN=Amazon | CN=aws.amazon.com | f7:53:97:5e:76:1e:fb:f6:70:72:02:95:d5:9f:2f:05:52:79:5d:ae |
Snort Alerts
No Snort Alerts