SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure

131.188.40.189 - mailcious
89.163.164.202
116.12.180.237
193.23.244.244 - mailcious

ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 741
ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 149
ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 139
ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 287

SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure

http://apps.identrust.com/roots/dstrootcax3.p7c

cf-ipfs.com(104.17.64.14) - malware
104.17.96.13 - suspicious
121.254.136.74
192.121.44.26
199.58.81.140 - mailcious

ET INFO Peer to Peer File Sharing Service in DNS Lookup (cf-ipfs .com)
ET INFO Peer to Peer File Sharing Service Domain in TLS SNI (cf-ipfs .com)
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 307
ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 278

SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure

SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure

SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure

ET INFO TLS Handshake Failure
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)

http://x1.i.lencr.org/

x1.i.lencr.org(23.52.33.11)
eduaiqi.uz(83.69.139.250) - mailcious
23.52.33.11
104.192.108.137
83.69.139.250 - mailcious

SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)