wwf.org(104.18.7.142)
104.18.6.142

SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure

http://www.webtro.co.kr/404.html
http://www.isujeil.co.kr/pg/adm/img/upload1/list.php?query=1
https://www.webtro.co.kr/css_new/r_style.css
https://www.webtro.co.kr/favicon.ico
https://www.webtro.co.kr/img/bg02.gif
https://www.webtro.co.kr/img/bg05.gif
https://www.webtro.co.kr/img/bg04.gif
https://www.webtro.co.kr/img/404.gif
https://www.webtro.co.kr/404.html
https://www.webtro.co.kr/img/bg03.gif
https://www.webtro.co.kr/img/bg01.gif

www.isujeil.co.kr(218.150.78.197)
www.webtro.co.kr(115.71.232.63)
115.71.232.63
218.150.78.197

SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)

api.ipify.org(64.185.227.156)
104.237.62.212

ET INFO External IP Lookup Domain (ipify .org) in DNS Lookup
ET INFO TLS Handshake Failure
ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)

ET INFO TLS Handshake Failure
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)

mgwdg.jungleheart.com(206.71.149.162)
206.71.149.162

SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO DYNAMIC_DNS Query to a *.jungleheart .com Domain
ET INFO TLS Handshake Failure
SURICATA Applayer Wrong direction first Data

https://x311.com/font-awesome/css/4448.7z

restohalto.site() - mailcious
x311.com(209.59.190.160)
www.7-zip.org(49.12.202.237)
209.59.190.160
49.12.202.237

https://virtuehost.net/clients/ferndale/node_modules/json-schema-traverse/spec/fixtures/786.7z

virtuehost.net(192.185.33.166)
www.7-zip.org(49.12.202.237)
49.12.202.237
192.185.33.166

https://kernel.picturate.me/wp-content/plugins/royal-elementor-addons/modules/team-member/widgets/4099.7z

restohalto.site()
kernel.picturate.me(159.65.24.188)
www.7-zip.org(49.12.202.237)
159.65.24.188
49.12.202.237

https://burpeesconpan.com/wp-content/plugins/jetpack/modules/related-posts/rtl/2575.7z

restohalto.site()
burpeesconpan.com(198.57.242.58)
www.7-zip.org(49.12.202.237)
198.57.242.58
49.12.202.237