Network Analysis

IP Address Status Action VT Location
No hosts contacted.
Name Response Post-Analysis Lookup
No hosts contacted.

No traffic


ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

Flow | SID | Signature | Category
TCP 198.251.84.141:443 -> 192.168.168.223:49287 | 2029340 | ET INFO TLS Handshake Failure | Potentially Bad Traffic
TCP 192.168.168.223:49287 -> 198.251.84.141:443 | 2230002 | SURICATA TLS invalid record type | Generic Protocol Command Decode
TCP 192.168.168.223:49288 -> 198.251.84.141:443 | 2230002 | SURICATA TLS invalid record type | Generic Protocol Command Decode
TCP 198.251.84.141:443 -> 192.168.168.223:49287 | 2230002 | SURICATA TLS invalid record type | Generic Protocol Command Decode
TCP 198.251.84.141:443 -> 192.168.168.223:49288 | 2230002 | SURICATA TLS invalid record type | Generic Protocol Command Decode
TCP 192.168.168.223:49291 -> 198.251.84.141:443 | 2230002 | SURICATA TLS invalid record type | Generic Protocol Command Decode
TCP 198.251.84.141:443 -> 192.168.168.223:49291 | 2230002 | SURICATA TLS invalid record type | Generic Protocol Command Decode
TCP 192.168.168.223:49292 -> 198.251.84.141:443 | 2230002 | SURICATA TLS invalid record type | Generic Protocol Command Decode
TCP 192.168.168.223:49294 -> 198.251.84.141:443 | 2230002 | SURICATA TLS invalid record type | Generic Protocol Command Decode
TCP 198.251.84.141:443 -> 192.168.168.223:49294 | 2230002 | SURICATA TLS invalid record type | Generic Protocol Command Decode
TCP 192.168.168.223:49295 -> 198.251.84.141:443 | 2230002 | SURICATA TLS invalid record type | Generic Protocol Command Decode
TCP 198.251.84.141:443 -> 192.168.168.223:49292 | 2230002 | SURICATA TLS invalid record type | Generic Protocol Command Decode
TCP 198.251.84.141:443 -> 192.168.168.223:49295 | 2230002 | SURICATA TLS invalid record type | Generic Protocol Command Decode

Suricata TLS

Flow | Issuer | Subject | Fingerprint
TLS 1.2 192.168.168.223:49239 -> 188.114.97.11:443 | C=US, O=Google Trust Services, CN=WE1 | CN=mij-zencowi.de | 27:81:f0:68:3e:23:0e:1a:e2:59:22:5a:77:2b:af:54:21:cb:c7:9d
TLS 1.2 192.168.168.223:49238 -> 188.114.97.11:443 | C=US, O=Google Trust Services, CN=WE1 | CN=mij-zencowi.de | 27:81:f0:68:3e:23:0e:1a:e2:59:22:5a:77:2b:af:54:21:cb:c7:9d
TLS 1.2 192.168.168.223:49251 -> 151.101.66.137:443 | C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo ECC Domain Validation Secure Server CA | CN=*.jquery.com | cd:b5:6e:05:85:0c:5a:ae:47:12:80:2a:5b:c6:e5:8f:11:72:e2:b5
TLS 1.2 192.168.168.223:49250 -> 151.101.66.137:443 | C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo ECC Domain Validation Secure Server CA | CN=*.jquery.com | cd:b5:6e:05:85:0c:5a:ae:47:12:80:2a:5b:c6:e5:8f:11:72:e2:b5
TLS 1.2 192.168.168.223:49252 -> 3.164.230.127:443 | C=US, O=Amazon, CN=Amazon RSA 2048 M02 | CN=*.imagekit.io | 61:bf:f1:a1:c3:63:69:98:40:72:23:fe:9d:c6:a8:42:2e:10:3f:b0
TLS 1.2 192.168.168.223:49253 -> 3.164.230.127:443 | C=US, O=Amazon, CN=Amazon RSA 2048 M02 | CN=*.imagekit.io | 61:bf:f1:a1:c3:63:69:98:40:72:23:fe:9d:c6:a8:42:2e:10:3f:b0
TLS 1.2 192.168.168.223:49265 -> 216.58.211.234:443 | C=US, O=Google Trust Services, CN=WE2 | CN=upload.video.google.com | 7e:14:87:08:df:ba:04:65:17:ba:3b:4f:ba:ea:bc:8c:3f:0a:a4:00
TLS 1.2 192.168.168.223:49266 -> 216.58.211.234:443 | C=US, O=Google Trust Services, CN=WE2 | CN=upload.video.google.com | 7e:14:87:08:df:ba:04:65:17:ba:3b:4f:ba:ea:bc:8c:3f:0a:a4:00
TLS 1.2 192.168.168.223:49282 -> 216.58.211.228:443 | C=US, O=Google Trust Services, CN=WE2 | CN=www.google.com | d0:d7:4c:27:9f:7b:15:26:db:1e:8c:54:8c:59:28:47:e4:a8:63:68
TLS 1.2 192.168.168.223:49283 -> 216.58.211.228:443 | C=US, O=Google Trust Services, CN=WE2 | CN=www.google.com | d0:d7:4c:27:9f:7b:15:26:db:1e:8c:54:8c:59:28:47:e4:a8:63:68
TLS 1.2 192.168.168.223:49290 -> 216.58.209.196:443 | C=US, O=Google Trust Services, CN=WE2 | CN=*.gstatic.com | 62:27:9c:c9:95:ff:8f:83:34:d0:b1:42:cb:b7:63:c0:8e:6f:3e:f1
TLS 1.2 192.168.168.223:49289 -> 216.58.209.196:443 | C=US, O=Google Trust Services, CN=WE2 | CN=*.gstatic.com | 62:27:9c:c9:95:ff:8f:83:34:d0:b1:42:cb:b7:63:c0:8e:6f:3e:f1
TLS 1.2 192.168.168.223:49286 -> 91.196.125.59:443 | C=US, O=Let's Encrypt, CN=R10 | CN=runo-kazanlak.com | 17:4f:44:e0:b1:29:c0:6c:51:18:f0:44:70:34:1b:ce:33:62:f5:09
TLS 1.2 192.168.168.223:49285 -> 91.196.125.59:443 | C=US, O=Let's Encrypt, CN=R10 | CN=runo-kazanlak.com | 17:4f:44:e0:b1:29:c0:6c:51:18:f0:44:70:34:1b:ce:33:62:f5:09
TLS 1.2 192.168.168.223:49299 -> 91.196.125.59:443 | None | None | None
TLS 1.2 192.168.168.223:49300 -> 91.196.125.59:443 | None | None | None
TLS 1.2 192.168.168.223:49301 -> 91.196.125.59:443 | None | None | None
TLS 1.2 192.168.168.223:49303 -> 91.196.125.59:443 | None | None | None

Snort Alerts

No Snort Alerts
