10006 |
2020-10-13 18:26
|
invoice.exe 9448a7e12108858e1e48097be290987b Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces malicious URLs WriteConsoleW Tofsee Ransomware Windows Browser Tor Email ComputerName DNS Cryptographic key Software crashed keylogger |
2
https://hastebin.com/raw/adibokuxit https://hastebin.com/raw/homocusoke
|
2
104.24.127.89 54.204.14.42
|
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
|
|
16.2 |
|
21 |
guest
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
10007 |
2020-10-13 18:25
|
http://eddyholdingshuttle.co.z... 9448a7e12108858e1e48097be290987b Browser Info Stealer Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files exploit crash unpack itself Windows utilities Check virtual network interfaces malicious URLs WriteConsoleW Tofsee Windows Exploit Browser Email ComputerName DNS Cryptographic key Software crashed keylogger |
6
http://eddyholdingshuttle.co.za/ID5/ima/miu/invoice.exe http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml http://crt.comodoca.com/COMODORSAAddTrustCA.crt https://hastebin.com/raw/adibokuxit https://hastebin.com/raw/homocusoke https://api.ipify.org/
|
5
104.24.127.89 117.18.232.200 154.0.174.186 50.19.252.36 91.199.212.52
|
3
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET MALWARE Possible Malicious Invoice EXE ET POLICY PE EXE or DLL Windows file download HTTP
|
|
17.6 |
|
|
guest
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
10008 |
2020-10-13 16:51
|
https://bitbucket.org/soyag/la... b034a3ff4284b5b549d1c55387207229 Dridex Malware Code Injection unpack itself Windows utilities malicious URLs Tofsee Windows DNS |
|
1
|
3
ET INFO TLS Handshake Failure SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET JA3 Hash - Possible Malware - Unknown traffic associated with Dridex
|
|
2.8 |
|
|
guest
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
10009 |
2020-10-13 11:22
|
http://www.advisertours.com/08... ca26ad3cfd67703c3e7a4855407725b5 Dridex VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities AppData folder malicious URLs Tofsee Windows Exploit DNS crashed |
3
http://www.advisertours.com/0810.gif http://www.advisertours.com/favicon.ico http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml
|
2
117.18.232.200 192.185.76.253
|
4
ET POLICY PE EXE or DLL Windows file download HTTP SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET INFO TLS Handshake Failure ET JA3 Hash - Possible Malware - Unknown traffic associated with Dridex
|
|
5.0 |
M |
46 |
admin
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
10010 |
2020-10-13 10:23
|
47694201-20200919-YB449177.doc 4c99a6917c48b0dc5f30045683c43840 ENERGETIC BEAR Vulnerability VirusTotal Malware Report Malicious Traffic unpack itself malicious URLs Tofsee Windows DNS |
1
http://binarywebtechsolutions.com/mobile-website-designing-company-in-gurgaon/CLZ/
|
8
103.151.217.206 148.66.138.103 181.30.61.163 189.2.177.210 38.88.126.202 51.38.124.206 54.37.42.48 91.105.94.200
|
8
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET CNC Feodo Tracker Reported CnC Server group 19 ET CNC Feodo Tracker Reported CnC Server group 24 ET CNC Feodo Tracker Reported CnC Server group 11 ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET INFO EXE - Served Attached HTTP ET CNC Feodo Tracker Reported CnC Server group 17
|
|
6.8 |
|
42 |
guest
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
10011 |
2020-10-13 09:50
|
cr.exe d39be521d865df3ab5f3142e22427167 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces malicious URLs Tofsee Ransomware Windows Browser Tor Email ComputerName DNS Cryptographic key Software crashed keylogger |
2
http://crt.comodoca.com/COMODORSAAddTrustCA.crt https://api.ipify.org/
|
2
54.225.195.221 91.199.212.52
|
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
|
|
12.2 |
|
27 |
guest
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
10012 |
2020-10-13 09:29
|
magi.jpg.exe 6f09c7f423232ef509f90e66b1146a50 VirusTotal Malware powershell suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself powershell.exe wrote Check virtual network interfaces suspicious process malicious URLs WriteConsoleW Tofsee Windows ComputerName DNS Cryptographic key |
3
https://paste.ee/r/1o4s8 https://paste.ee/r/yRvFT https://paste.ee/r/Ooh5r
|
2
|
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
|
|
16.6 |
M |
34 |
guest
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
10013 |
2020-10-09 10:02
|
http://popcash.net/world/go/18... 69f7b51e3f887ef9139b43b846a49cfd Dridex VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed |
7
http://chipdie.site/ http://ps.popcash.net/ad/ad?p=181821&w=589043&t=9bc74964fd6ccb57&r=&vw=0&vh=0 http://ps.popcash.net/go/181821/589043 http://popcash.net/world/go/181821/589043 http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml http://eu.dspultra.com/api/submit_form_request?p=204dca5a-0295-4f86-9478-9570c391faa4&ts=1602205208&z=3294095 http://eu.dspultra.com/api/win_request?sw=1365&sh=1024&ww=1387&wh=992&wiw=1365&wih=899&rf=http%3A%2F%2Fps.popcash.net%2Fgo%2F181821%2F589043&ad_scheme=1&x=1365&y=899&wx=-11&wy=-11&wfc=0&pl=http%3A%2F%2Feu.dspultra.com%2Fapi%2Fsubmit_form_request%3Fp%3D204dca5a-0295-4f86-9478-9570c391faa4%26ts%3D1602205208%26z%3D3294095%23pc303160&np=-1&pt=0&nb=0&ng=1&dm=undefined&cf=1&co=0&ix=0&fs=1&timeout=0&p=204dca5a-0295-4f86-9478-9570c391faa4
|
5
104.27.207.92 107.23.123.124 117.18.232.200 139.45.195.175 51.210.236.126
|
3
ET INFO TLS Handshake Failure ET JA3 Hash - Possible Malware - Unknown traffic associated with Dridex SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
|
|
4.6 |
M |
|
guest
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
10014 |
2020-10-09 09:44
|
osi.exe 918b4df1f8d7b1e18e3e8fccdef3f5de VirusTotal Malware unpack itself Tofsee DNS crashed |
2
https://i.imgur.com/3zBLzB6.png https://i.imgur.com/removed.png https://i.imgur.com/3zBLzB6.png https://i.imgur.com/removed.png
|
1
|
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
|
|
3.0 |
|
37 |
guest
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
10015 |
2020-10-08 11:03
|
http://50.121.226.158/changepw... 22d27255d945c05b79bfc74eb69a77a0 Dridex VirusTotal Malware Code Injection Malicious Traffic Creates executable files RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed |
4
http://50.121.226.158/WebTable.xml http://50.121.226.158/changepwd.htm http://50.121.226.158/Language.js http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml
|
2
117.18.232.200 50.121.226.158
|
3
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET INFO TLS Handshake Failure ET JA3 Hash - Possible Malware - Unknown traffic associated with Dridex
|
|
6.0 |
M |
50 |
admin
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
10016 |
2020-10-08 10:09
|
http://e-money.kr/ 7d4638c3d5662dd60fcee9df0d9b75e5 Dridex Malware Code Injection Creates executable files RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed |
31
http://b.rmgserving.com/rmgjsc/zcFilters.js?1 http://e-money.kr/px.js?ch=1 http://usa.claudia-luc.com/zcvisitor/589a64bc-0902-11eb-86af-0aa13ab7a395?campaignid=082dbb60-c1ce-11ea-88e6-0a06ea97c507 http:///aS/feedclick?s=Ilxxar-4JDjHYSZnQRV0rUoLXZk8gkPQsSjqVHDOpXKt3Q5wgRfqufs5fHRXPDoQY_iD5bFykKi_84eTTfdYjvJhYB0lhN02w7bvw4bnd-VjhqNMiHJ9fai-4dt4G6B0hQ0O0I9iZDweaVYoZmXEVRx2SSF2407t6fiA7_-LQZyft_H8it74-MCSkp68JrQ5kQiFGbsH4KIaErBWzlaW_MO8KmEjE3lCpNiSF15W_V7SUHgp2EbYUXv-BEgjbgjmkJv6Zqf22z24Nl70bRlTg9pYsL10OFCvIGFtwg0rXatySHfdF8Ma1khyFWvk52zyKIXSLIdZ7HmgngA9SL4TWj_LFKaQfdCIVYx2X8on_ZxYsVcZjpavJHkTi8lKZLSFZ3WnptWoEGfiYqdNQvLa1zYaJ_flDSUFZ8QWW7j6bn4-5zQAw_SMiBNyfJB76_soJBDnmy9KcrrukHRdpN_Ky8b09gJfW0ZvZFMqPcFWV_1VbRWxQXVc1AgbEayT77cmeBYM8WxJqThPSMz6AXLSWsIzIWDhCyPFQv1jnWu5jDoD-RtqD0DhJx881oqN8FHp9zvvrB2YFlgKX3CMvJEOMMNLM_aBO0od_5G12CrcSxwdVheP618whVXoFzZwClqnBwbpMBt722_9MnwxkvCKPybQAHvNFc8Z3Ab3Vs1F_CDc6AzY3U8-3MMEjlRQOdHrYQe2Ve6QWpx-fowfT0ljP0o1Z3tvae2vJTu6AXYz7K5xQ2OBY6HRrcMEjlRQOdHrYQe2Ve6QWpykVYgezfQi84VSvZDL2LJTH3F3jCkW0WtD_DEBkoG6S2_kDY12OmKsBcHnW2pP37JPd3WLs0oh_dRNVZ-ACrlVJcOjNy0cM1P7eTT2i8z6r-wdPNEnP4nG3X9jCxMVLrs http://e-money.kr/?ga=JJCURHLA7qw%2B05rh%2Bx0uDALoxqdTCVF2r%2FmNxY3H3mQim55Yq7Fkqg%2BDMEcM2R8crZYe1SUsSC3dwd2hofxKvGqNeq5F4tx%2BdLuVgokX7KG%2F5ouqW%2F8sQVvzrI8ffybkVwAyTKyeyIaL%2BoLilX%2FXUf2Bo9YRpSljzbLgOaFv%2Fq8%3D&gerf=S5EtlxgEAAlD44ULHvzHaeBvc5wIobe%2FwdGCf3By8kM%3D&guro=%2B7XX1JeT64uhJWLzEHmespziJO7yLR5kkMAMjev8SS4opaHIlKuYDRtVqWS%2BPR3L& http://usa.claudia-luc.com/zcredirect?visitid=589a64bc-0902-11eb-86af-0aa13ab7a395&type=js&browserWidth=1365&browserHeight=899&iframeDetected=false http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml http://e-money.kr/px.js?ch=2 http://e-money.kr/ http://ww1.trhzc.com/adclk?&gm=Vru8h4hi67vqeS5uDRGWDnap1lY7tr2%2FFlpHY09LFXJM0YaafEab6DuUu3hutciFPDRG8S19n9gZzmXB32N1DhCV%2F4pJJT9WEEIEsPdh9ySs4HtuyV5yh9wBV0HwGclEuPsBN%2BXoYnhTmNRTh9h9VIYW0Nz7aROWZ9iL9wNOMjnH0GLUxG4pfAzCoPeJnOFcvOmHx1kB0CvIVqdSEFNkP52c%2F8qd7UyGb%2FsLAtBSNjKziS1A8prAjTzAn3v5FUX0GIYMarlph%2BKsoR8BAv5rpRw7cuWr0K9zTwxjoADhkbR0ZXdAyIx%2BNGcNWrfhmpStLreEDKmj2HvLnMDxWgxXdmKyam2NvUSvsTGKXizkygbnLKWgFEiLdOQjJ3pLfDHsrhGvmai9%2FiipXycK6ynCCBTC0h3t9rsFH9D1pkF4pItQlLokbIZtli0UpTp2VYSVJqbXA1aQ%2FPm6Y6ObmhtaTLkw53CvJGdAJOm0T0mpM0jyQigi8tUnktVZmRbSZ7v8OrBTFIhA2tD6k9HR%2BsCbftrqQl%2FbkR1G61Rik3EmAXKBUQRsr283TvurP3ZUD6KbrSlv%2Fa3sWBq1txkld6WsPV08i2gKmENHURqGpqc2YdaevkHxBlamzB2WTZqIEx81pBLU5uEisFr2f%2FLenjM7uHlgTyrQaAMi1jRhMjQcm9kjHwvZmCav1iOdexDLr9e7UjnnGkggLxvA1kdkeB0qgl%2B3VInHxySINW%2Fd3twL%2B0MyiBbBFSVEc4XS3b6E2sHtX%2Bu8p2N2GIiVo9revwvRWslzlWLC5lIBFnm%2BVu7zEXGI824PA24b1qUC8di2TVrTokG7geW5aPgjVDSaUeAinjtV9u%2F934%2FLqo3rCr1PcSVmHG%2BYkLj5irj6kLAu3160fNOyIxOHycnDqZfd90xBVukT81ijsSrIOl2axNTVzyR0%2B7UyrnQujmxGWpZYbHkjIsBrixaIb78jXiR3v22V%2FcgZaQdQZkbLPLcSPomgsil4l0Fpp%2FQm5H3kY1v%2FkuH1QJtOsn%2Fb0aCpte3tYAYV2yJ1bboKxcpGQ2T8qALK6LuBfWjsUNhDtwytNjQVoQMbhlfjqoQVteu1A5OUT7XJ63D3L3pA82RI6JWUyD6JB20eKGNh75xDN%2BmrR6EkKDc0cnXiQGFZntUdCCXDKlDY12noOlO4ydPnnYkU2D3zD7ofBV%2FKtJfeBh2Dlj9S8B0c3GK4IgjNEw6cQwq09TceqcFl8gLgFimRqAMdfPOTmWw%3D&gc=11193496647250322798711&gi=%2FiZuu3AYALKPdk%2BjumQpi8Vjo6xMauokTWEMnfl57zKBrxGJsifdsE8SyVMkDFC4Nbk0oQ5Gr%2FR2aJpYBKEn5OlRwlLZhcbJj1PjqUfe%2FdAAKmf5fpfkUoiipMjehlyAj2xn62Ln2O7R4xdXuv%2Fc%2BPXiYXyF6AKMSKzfcpQ4PJtm8ELUN8tBUOHAZsrEgypSLpFxIOoX%2BpNKuSH1USEgTHr2j1NbFLPrIYvwhWend4UB5QxvxvkeTXiVvCxQzOVOxtUkAiWa5G5LBS%2FiY%2FUVZtynG4ko2iK0LpLohRobVO7raRTI%2B7ZoGfRoh190%2Bz7BkygGBcKwkCH%2BkQZzvh0XSrLZhmvCCd6UFnEP9haC%2Bvxgxk9mY16DvflnPpwGT93JU6b6xQs9QRv2S%2Buz2Qf5dMhR%2FhZF%2BTUfHJZDx55nJe3Wl6gHy7TqiMoIMtTw%2FHjT6PuFfEW4JyQRdKYQTqeeclaMda5jllTrLoq9%2BtEa2TsaJFa2%2BaZqXKv%2B13%2Fkmxm51D%2BRoSE%2Bu92iZpJuNU5VhdbvCzb5%2BLLQP3XCXb0absor1qJwI1zkazfdpvYCn2gu8bhWfU1d8CrWdPRmF3ZfWSZ24zyTWZO9Yu5kz8v%2B2iI%3D&kgp=0&jccheck=1&jccheck=1 https://www.lovefiestaonline.club/?pazer&source=ochre-snail https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js https://assets.landingpages.gamigo.com/assets/fiesta/vid_fiestagf/css/style.animated.css https://assets.landingpages.gamigo.com/assets/fiesta/vid_fiestagf/images/fiesta-logo.png https://assets.landingpages.gamigo.com/assets/fiesta/vid_fiestagf/css/reg.min.css https://assets.landingpages.gamigo.com/assets/fiesta/vid_fiestagf/images/fiesta-forest-background-mask.png https://assets.landingpages.gamigo.com/RegAPI/validation/jquery.validationEngine-en-c.min.js https://assets.landingpages.gamigo.com/RegAPI/emailonly1.1.4.2.min.js?t=1535120453 https://assets.landingpages.gamigo.com/legal/meWantCookies1.8.js https://assets.landingpages.gamigo.com/RegAPI/images/gamigo-icons.png https://assets.landingpages.gamigo.com/assets/fiesta/vid_fiestagf/images/oh-dini-en.png https://assets.landingpages.gamigo.com/assets/fiesta/vid_fiestagf/images/regbox_ranken.png https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js https://assets.landingpages.gamigo.com/assets/fiesta/vid_fiestagf/images/bullet.png https://assets.landingpages.gamigo.com/assets/fiesta/vid_fiestagf/images/button.png https://assets.landingpages.gamigo.com/assets/fiesta/vid_fiestagf/images/reg_button.png https://fonts.googleapis.com/css?family=Cinzel+Decorative:900%7CCinzel:900%7CLato:400,700&subset=latin https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wWA.woff https://fonts.gstatic.com/s/cinzeldecorative/v9/daaHSScvJGqLYhG8nNt8KPPswUAPniZQa9lESTc.woff https://fonts.gstatic.com/s/cinzel/v10/8vIU7ww63mVu7gtR-kwKxNvkNOjw-n_gfY3lCw.woff https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPHw.woff
|
11
117.18.232.200 121.254.136.24 141.8.224.25 172.217.175.106 172.217.25.67 172.217.27.74 172.67.216.63 173.192.101.24 208.73.211.165 54.225.132.253 69.16.175.42
|
4
ET DROP Spamhaus DROP Listed Traffic Inbound group 37 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET INFO TLS Handshake Failure ET JA3 Hash - Possible Malware - Unknown traffic associated with Dridex
|
|
4.6 |
|
|
guest
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
10017 |
2020-10-08 09:29
|
don.exe 1941b425080aeb2d67a5f87c416c78dc Browser Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces malicious URLs WriteConsoleW Tofsee Ransomware Windows Browser Tor Email ComputerName DNS Cryptographic key crashed keylogger |
4
http://crt.comodoca.com/COMODORSAAddTrustCA.crt https://pastebin.com/raw/1KhstdKx https://pastebin.com/raw/Q0L8DPuZ https://api.ipify.org/
|
3
104.23.98.190 54.227.255.202 91.199.212.52
|
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
|
|
15.8 |
|
18 |
guest
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
10018 |
2020-10-07 10:04
|
http://50.121.226.158/changepw... 22d27255d945c05b79bfc74eb69a77a0 Dridex VirusTotal Malware Code Injection Malicious Traffic Creates executable files RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed |
4
http://50.121.226.158/WebTable.xml http://50.121.226.158/changepwd.htm http://50.121.226.158/Language.js http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml
|
2
117.18.232.200 50.121.226.158
|
3
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET INFO TLS Handshake Failure ET JA3 Hash - Possible Malware - Unknown traffic associated with Dridex
|
|
6.0 |
|
50 |
guest
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
10019 |
2020-10-07 09:30
|
v.exe 95458c35d7afba9c35a6742af517e531 Browser Info Stealer VirusTotal Email Client Info Stealer Malware powershell AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities Disables Windows Security powershell.exe wrote Check virtual network interfaces suspicious process AppData folder malicious URLs sandbox evasion WriteConsoleW Tofsee Ransomware Windows Browser Tor Email ComputerName DNS Cryptographic key crashed keylogger |
3
http://crt.comodoca.com/COMODORSAAddTrustCA.crt https://pastebin.com/raw/W63zsRav https://api.ipify.org/
|
3
104.23.98.190 54.235.182.194 91.199.212.52
|
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
|
|
21.6 |
|
33 |
guest
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
10020 |
2020-10-07 09:20
|
m.exe e86dfa940e4913b73a5ce0d94df2a10a Browser Info Stealer VirusTotal Email Client Info Stealer Malware powershell AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities Disables Windows Security powershell.exe wrote Check virtual network interfaces suspicious process AppData folder malicious URLs sandbox evasion WriteConsoleW Tofsee Ransomware Windows Browser Tor Email ComputerName DNS Cryptographic key crashed keylogger |
3
http://crt.comodoca.com/COMODORSAAddTrustCA.crt https://pastebin.com/raw/W63zsRav https://api.ipify.org/
|
3
104.23.99.190 23.21.252.4 91.199.212.52
|
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
|
|
21.0 |
|
35 |
guest
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|