|
Time |
Victim OS |
Infection Source |
C&C Server |
DNS Lookups & Failed Connects |
Infection Port |
Packet Trace |
Detection Signatures |
Infection Chatter |
BotHunter Analysis |
Behavioral Cluster |
Forensic Logs |
Antivirus Labels |
Packed Malware_Binary |
Unpacked egg.exe |
Unpacked egg.asm |
Packer PEID |
Data Strings |
Syscall Trace |
| 00:11:00 | Win2K-f | 203.222.209.91 (HIMAWARINET.NE.JP): NISHIKYUSYU ELECTRICAL EQUIPMENT, JP. |
67.43.236.98:1863 | :xx.nadnadzz.info CA:xx.enterhere.biz CA:zonetech.info US:130.107.156.40:40564 |
135 | pcap | raw alerts ruleset |
irc http 255 lines |
Yeah : 1.8 profile |
none | summary tarball |
19 of 36 16 of 36 20 of 36 34 of 36 10 of 36 |
27aab4187c NEW 3cd1361df4 NEW a65dda48ec NEW bd1d52b9c3 NEW c025f08a76 NEW |
none[none] none [none] none [none] none [none] none [none] |
none:none none:none none:none none:none none:none |
none|none none|none none|none none|none none|none |
none none none none none |
none none none none none |
| T:00:26:00 | WinXP | 92.114.177.248 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
n/a | HK:proxim.ircgalaxy.pl RU:moscow-advokat.ru HK:210.245.211.11:65520 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
35 of 36 | 27fce8cf02 NEW |
none[none] | none:none |
none|none | none | none |
| 00:52:00 | WinXP | 70.60.110.101 (RR.COM): ROAD RUNNER HOLDCO LLC, CHARLOTTE, NORTH CAROLINA, US. |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.148.69:80 |
135 | pcap | raw alerts ruleset |
http 76 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 0 of 33 |
53bfe15e91 [Firefox:2095 hits: 06-17 to 09-14] 73f1082158 [Firefox:1045 hits: 06-18 to 09-14] e07c29c4ae [Firefox:434 hits: 06-19 to 09-14] |
none[4] 73f1082158[1] e07c29c4ae[1] |
none:none ASM:Graph ASM:Graph |
tElock| Armadillo| FSG| |
none lines=81 lines=92 |
trace trace trace |
| 00:52:00 | WinXP | 68.184.109.17 (CHARTER.COM): CHARTER COMMUNICATIONS, DOUGLAS, GEORGIA, US. |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 12 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 00:54:00 | WinXP | 78.38.76.79 (-): INFORMATION TECHNOLOGY COMPANY (ITC), IR. |
n/a | 445 | pcap | raw alerts ruleset |
http 2 lines |
Argh : 0.3 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 01:40:00 | WinXP | 202.133.199.165 (DCTECH.COM.PH): DCTECH MICRO SERVICES INC, DAVAO, DAVAO CITY, PH. |
n/a | HK:proxim.ircgalaxy.pl RU:moscow-advokat.ru HK:210.245.211.11:65520 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
33 of 36 | d175563b7f NEW |
none[none] | none:none |
none|none | none | none |
| 01:43:00 | WinXP | 91.115.17.169 (TELEKOM.AT): TELEKOM AUSTRIA AKTIENGESELLSCHAFT, AT. |
n/a | US:www.altavista.com US:www.yahoo.com :jbeegvia.ru EU:crutop.nu US:www.worldbank.org :yoiayoi.ru :wcqahzhzn.ru :iirpryry.ru :rihafvu.ru :ryryodokm.ru :wpad :uvjiis.ru :gwvwka.ru :jqsbnyzkp.ru :pvygdo.ru :fxkyagpnw.ru :knclvdz.ru :trsqeigw.ru :odokeqy.ru :kelmpsjp.ru :edjiesp.ru :vllcdvv.ru :nuksdln.ru :tmmeno.ru :zoxdgqx.ru :pwvbfz.ru SE:kavkaz.tv :nuzbcp.ru :bqpuqt.ru :okskyyn.ru RU:alfabank.ru :pnlkria.ru |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
31 of 32 | 17028f1eda [Firefox:29 hits: 04-18 to 08-27] |
none[3] | none:none |
tElock| | none | trace |
| T:02:20:00 | WinXP | 41.234.168.25 (TEDATA.NET): PROVIDER LOCAL REGISTRY, EG. |
194.54.90.246:80 | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
26 of 28 | 7d99b0e910 [Firefox:1068 hits: 12-31 to 09-14] |
7a70e1b592 [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
| 02:23:00 | WinXP | 78.48.0.166 (HANSENET.DE): HANSENET TELEKOMMUNIKATION GMBH, GELSENKIRCHEN, NORDRHEIN-WESTFALEN, DE. |
n/a | HK:proxim.ircgalaxy.pl HK:210.245.211.11:80 |
445 | pcap | raw alerts ruleset |
shell ftp 16 lines |
Yeah : 1.3 profile |
none | summary tarball |
34 of 36 | 75c16054ca NEW |
none[none] | none:none |
none|none | none | none |
| T:02:26:00 | WinXP | 92.60.225.91 (IKBCC.COM): EU-ZZ, UK. |
194.54.90.246:80 | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
27 of 32 | f190da6fbe [Firefox:26 hits: 01-02 to 08-23] |
d8dc6af14c [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
| T:02:31:00 | WinXP | 114.120.1.106 (-): . |
194.54.90.246:80 | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
29 of 29 | eec7cce07c [Firefox: 4 hits: 08-15 to 08-29] |
none[none] | none:none |
none|none | none | none |
| T:02:47:00 | Win2K-f | 203.153.41.34 (-): RAILWAY BOARD NEW DELHI, DELHI, DELHI, IN. (100Mbps) |
n/a | US:microsoft.com US:download.microsoft.com US:192.221.108.126:80 |
135 | pcap | raw alerts ruleset |
other 142 lines |
Yeah : 1.3 profile |
none | summary tarball |
32 of 36 33 of 35 |
77bf3c6d25 NEW 88fd020726 NEW |
none[none] none [none] |
none:none none:none |
none|none none|none |
none none |
none none |
| 03:11:00 | Win2K-f | 75.45.254.210 (SBCGLOBAL.NET): PPPOX POOL RBACK11.SFLDMI, WATERFORD, MICHIGAN, US. (DSL) |
n/a | 135 | pcap | raw alerts ruleset |
other 18 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 03:12:00 | WinXP | 61.205.7.146 (EONET.NE.JP): K-OPTICOM CORPORATION, JP. |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 16 lines |
Yeah : 0.8 profile |
none | summary tarball |
29 of 29 | 831f4ee0a7 [Firefox:532 hits: 01-01 to 09-14] |
eb7546c600 [0] | ASM:Graph |
none|none | lines=61 | trace | |
| 03:17:00 | WinXP | 68.146.252.242 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, CALGARY, ALBERTA, CA. (DSL) |
n/a | US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
http 77 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 0 of 33 |
53bfe15e91 [Firefox:2095 hits: 06-17 to 09-14] 73f1082158 [Firefox:1045 hits: 06-18 to 09-14] e07c29c4ae [Firefox:434 hits: 06-19 to 09-14] |
none[4] 73f1082158[1] e07c29c4ae[1] |
none:none ASM:Graph ASM:Graph |
tElock| Armadillo| FSG| |
none lines=81 lines=92 |
trace trace trace |
| 03:43:00 | Win2K-f | 71.111.178.98 (VERIZON.NET): VERIZON INTERNET SERVICES INC, ALOHA, OREGON, US. (DSL) |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.173.46:80 |
135 | pcap | raw alerts ruleset |
http 76 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 0 of 32 |
53bfe15e91 [Firefox:2095 hits: 06-17 to 09-14] a08f3b74a4 [Firefox:712 hits: 06-18 to 09-14] b5919931fe [Firefox:563 hits: 06-20 to 09-14] |
none[4] a08f3b74a4[1] b5919931fe[1] |
none:none ASM:Graph ASM:Graph |
tElock| Armadillo| ASProtect| |
none lines=81 lines=90 |
trace trace trace |
| 03:44:00 | WinXP | 124.241.136.202 (STARCAT.NE.JP): KMN CORPORATION, NAGOYA, AICHI, JP. |
n/a | 135 | pcap | raw alerts ruleset |
other 18 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:04:05:00 | Win2K-f | 70.60.110.101 (RR.COM): ROAD RUNNER HOLDCO LLC, CHARLOTTE, NORTH CAROLINA, US. |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.148.115:80 |
135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:2095 hits: 06-17 to 09-14] 73f1082158 [Firefox:1045 hits: 06-18 to 09-14] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| T:04:15:00 | WinXP | 220.210.248.171 (MEGAEGG.NE.JP): ENERGIA COMMUNICATIONS INC, JP. |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 15 lines |
Yeah : 1.3 profile |
none | summary tarball |
31 of 32 | 741e3b03b3 [Firefox:354 hits: 01-05 to 09-14] |
e0197e8a64 [0] | ASM:Graph |
none|none | lines=62 | trace | |
| T:04:28:00 | WinXP | 79.184.42.180 (TPNET.PL): TPSA, PL. |
194.54.90.246:80 | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
26 of 28 | 7d99b0e910 [Firefox:1068 hits: 12-31 to 09-14] |
7a70e1b592 [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
| 04:39:00 | Win2K-f | 66.184.15.228 (LDMI.COM): TALK AMERICA, VICTORIA, BRITISH COLUMBIA, CA. |
n/a | US:microsoft.com HK:proxim.ircgalaxy.pl US:download.microsoft.com US:205.128.73.126:80 US:207.123.42.126:80 HK:210.245.211.11:65520 US:4.23.60.125:80 |
135 | pcap | raw alerts ruleset |
other 113 lines |
Yeah : 1.3 profile |
none | summary tarball |
32 of 36 35 of 36 |
d37d58322a NEW f4a5378d44 NEW |
none[none] none [none] |
none:none none:none |
none|none none|none |
none none |
none none |
| 04:43:00 | Win2K-f | 69.89.102.70 (ACD.NET): ACD.NET, US. |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.173.46:80 US:208.111.173.47:80 |
135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:2095 hits: 06-17 to 09-14] 73f1082158 [Firefox:1045 hits: 06-18 to 09-14] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| 04:56:00 | Win2K-f | 64.192.64.16 (WCG.NET): LIGHTCORE A CENTURYTELCOMPANY, NASHUA, NEW HAMPSHIRE, US. |
210.245.211.11:65520 | US:microsoft.com HK:proxim.ircgalaxy.pl US:download.microsoft.com DE:dl2.teenpassage.com US:192.221.108.126:80 HK:210.245.211.11:65520 |
135 | pcap | raw alerts ruleset |
irc http 120 lines |
Yeah : 1.8 profile |
none | summary tarball |
31 of 33 29 of 33 |
1b94c1cc14 [Firefox: 7 hits: 07-01 to 08-19] 62728ad1cd [Firefox: 7 hits: 07-01 to 08-19] |
none[none] none [none] |
none:none none:none |
none|none none|none |
none none |
none none |
| T:05:01:00 | WinXP | 124.195.153.195 (-): . |
n/a | US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
http 112 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 |
53bfe15e91 [Firefox:2095 hits: 06-17 to 09-14] a08f3b74a4 [Firefox:712 hits: 06-18 to 09-14] |
none[4] a08f3b74a4[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| 05:02:00 | WinXP | 118.8.186.150 (-): . |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 14 lines |
Yeah : 1.3 profile |
none | summary tarball |
29 of 29 | 831f4ee0a7 [Firefox:532 hits: 01-01 to 09-14] |
eb7546c600 [0] | ASM:Graph |
none|none | lines=61 | trace | |
| 05:14:00 | WinXP | 221.245.22.21 (UCOM.NE.JP): KG, JP. (100Mbps) |
n/a | RU:moscow-advokat.ru RU:194.6.222.11:6667 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
36 of 36 | a9cfbd1b0c [Firefox: 2 hits: 09-12 to 09-13] |
none[none] | none:none |
none|none | none | none |
| T:05:15:00 | WinXP | 221.245.22.21 (UCOM.NE.JP): KG, JP. (100Mbps) |
n/a | RU:moscow-advokat.ru HR:london.uk.eu.undernet.org SE:qis.md.us.dal.net SE:vancouver.dal.net NL:diemen.nl.eu.undernet.org RU:194.6.222.11:6667 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
36 of 36 | a9cfbd1b0c [Firefox: 2 hits: 09-12 to 09-13] |
none[none] | none:none |
none|none | none | none |
| 05:17:00 | WinXP | 85.85.82.235 (CLIENTES.EUSKALTEL.ES): EUSKALTEL, ES. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
34 of 36 | be4b2d7742 NEW |
none[none] | none:none |
none|none | none | none |
| T:05:22:00 | Win2K-f | 76.194.20.43 (MIDWEST-CONNECTIONS.COM): MIDWEST CONNECTIONS, PAOLA, KANSAS, US. |
n/a | US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
http 76 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 0 of 32 |
53bfe15e91 [Firefox:2095 hits: 06-17 to 09-14] a08f3b74a4 [Firefox:712 hits: 06-18 to 09-14] b5919931fe [Firefox:563 hits: 06-20 to 09-14] |
none[4] a08f3b74a4[1] b5919931fe[1] |
none:none ASM:Graph ASM:Graph |
tElock| Armadillo| ASProtect| |
none lines=81 lines=90 |
trace trace trace |
| 05:22:00 | Win2K-f | 93.81.8.223 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
210.245.211.11:65520 | HK:proxim.ircgalaxy.pl DE:dl2.teenpassage.com US:microsoft.com US:download.microsoft.com HK:210.245.211.11:65520 DE:85.114.141.207:80 |
445 | pcap | raw alerts ruleset |
irc 9 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 05:23:00 | Win2K-f | 24.80.113.212 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, BURNABY, BRITISH COLUMBIA, CA. (DSL) |
n/a | US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
http 125 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 36 31 of 36 0 of 32 |
0115338c8b NEW 321f4fc27d NEW b5919931fe [Firefox:563 hits: 06-20 to 09-14] |
none[none] none [none] b5919931fe[1] |
none:none none:none ASM:Graph |
none|none none|none ASProtect| |
none none lines=90 |
none none trace |
| 05:26:00 | WinXP | 114.120.41.179 (-): . |
n/a | RU:moscow-advokat.ru :caen.fr.eu.undernet.org NO:london.uk.eu.undernet.org :gaspode.zanet.org.za US:lia.zanet.net :los-angeles.ca.us.undernet.org SE:ced.dal.net :washington.dc.us.undernet.org SE:qis.md.us.dal.net :lulea.se.eu.undernet.org NL:diemen.nl.eu.undernet.org SE:broadway.ny.us.dal.net AT:graz.at.eu.undernet.org RU:194.6.222.11:6667 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 | f0b49cdcfc [Firefox:14 hits: 07-04 to 09-13] |
none[none] | none:none |
none|none | none | none |
| 05:37:00 | WinXP | 114.120.15.137 (-): . |
210.245.211.11:65520 | HK:proxim.ircgalaxy.pl RU:moscow-advokat.ru DE:dl2.teenpassage.com :washington.dc.us.undernet.org SE:coins.dal.net NO:london.uk.eu.undernet.org SE:ced.dal.net :lulea.se.eu.undernet.org :los-angeles.ca.us.undernet.org SE:viking.dal.net RU:194.6.222.11:6667 |
445 | pcap | raw alerts ruleset |
http irc 4 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 36 | c3bc53e727 NEW |
none[none] | none:none |
none|none | none | none |
| 06:04:00 | Win2K-f | 12.64.66.167 (PRSERV.NET): AT&T GLOBAL SERVICES, CHICAGO, ILLINOIS, US. |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.153.236:80 US:208.111.173.16:80 |
135 | pcap | raw alerts ruleset |
other 182 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:2095 hits: 06-17 to 09-14] 73f1082158 [Firefox:1045 hits: 06-18 to 09-14] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| T:06:33:00 | WinXP | 64.184.89.107 (SWAYZEE.COM): SWAYZEE TELEPHONE CO, SWAYZEE, INDIANA, US. |
194.54.90.246:80 | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
34 of 36 | 49d6cdaab4 NEW |
none[none] | none:none |
none|none | none | none |
| 06:39:00 | WinXP | 219.249.176.30 (HANANET.NET): HANARO TELECOM INC, SEOUL, KYONGGI-DO, KR. |
n/a | US:microsoft.com US:download.microsoft.com US:192.221.108.126:80 US:205.128.73.126:80 US:207.123.37.123:80 |
135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 33 33 of 33 |
4c3df24b32 [Firefox:181 hits: 06-17 to 09-14] 53bfe15e91 [Firefox:2095 hits: 06-17 to 09-14] |
4c3df24b32 [1] none [4] |
ASM:Graph none:none |
Armadillo| tElock| |
lines=81 none |
trace trace |
| T:06:45:00 | WinXP | 12.208.80.133 (MCHSI.COM): MEDIACOM COMMUNICATIONS CORP, VERNON HILLS, ILLINOIS, US. |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 15 lines |
Yeah : 1.3 profile |
none | summary tarball |
31 of 32 | 741e3b03b3 [Firefox:354 hits: 01-05 to 09-14] |
e0197e8a64 [0] | ASM:Graph |
none|none | lines=62 | trace | |
| 06:51:00 | WinXP | 4.87.93.191 (LEVEL3.NET): LEVEL 3 COMMUNICATIONS INC, HILLIARD, FLORIDA, US. |
210.245.211.11:65520 | HK:proxim.ircgalaxy.pl US:microsoft.com US:download.microsoft.com DE:dl2.teenpassage.com HK:210.245.211.11:65520 |
135 | pcap | raw alerts ruleset |
http irc 183 lines |
Yeah : 1.8 profile |
none | summary tarball |
32 of 36 35 of 36 0 of 33 |
9335b705d0 NEW d43a1e42d2 NEW e07c29c4ae [Firefox:434 hits: 06-19 to 09-14] |
none[none] none [none] e07c29c4ae[1] |
none:none none:none ASM:Graph |
none|none none|none FSG| |
none none lines=92 |
none none trace |
| T:07:02:00 | Win2K-f | 12.219.244.164 (MCHSI.COM): MEDIACOM COMMUNICATIONS CORP, RIDGECREST, CALIFORNIA, US. (DSL) |
n/a | US:microsoft.com US:download.microsoft.com US:192.221.99.126:80 US:205.128.73.126:80 US:209.84.20.126:80 |
135 | pcap | raw alerts ruleset |
other 59 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 8 of 33 |
53bfe15e91 [Firefox:2095 hits: 06-17 to 09-14] b7082104e4 [Firefox:128 hits: 06-18 to 09-14] |
none[4] none [4] |
none:none none:none |
tElock| tElock| |
none none |
trace trace |
| T:07:12:00 | WinXP | 219.122.228.152 (EONET.NE.JP): K-OPTICOM CORPORATION, TONDABAYASHI, OSAKA, JP. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 12 lines |
Yeah : 0.8 profile |
none | summary tarball |
31 of 32 | 741e3b03b3 [Firefox:354 hits: 01-05 to 09-14] |
e0197e8a64 [0] | ASM:Graph |
none|none | lines=62 | trace | |
| 07:20:00 | Win2K-f | 211.44.195.77 (KRLINE.NET): KRNIC, KR. |
n/a | HK:proxima.ircgalaxy.pl US:microsoft.com US:download.microsoft.com US:208.111.148.15:80 US:208.111.148.23:80 HK:210.245.211.11:65520 |
135 | pcap | raw alerts ruleset |
other 97 lines |
Yeah : 1.3 profile |
none | summary tarball |
30 of 32 30 of 32 |
475d9a7753 [Firefox: 2 hits: 06-22 to 07-26] e9a7fa27d5 [Firefox: 2 hits: 06-22 to 07-26] |
none[4] e9a7fa27d5[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=82 |
trace trace |
| 07:23:00 | WinXP | 85.84.126.169 (CLIENTES.EUSKALTEL.ES): GLOBAL TELECOMMUNICATION SERVICE PROVIDER, BILBAO, PAIS VASCO, ES. |
n/a | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 07:23:00 | WinXP | 68.147.151.75 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, CALGARY, ALBERTA, CA. (DSL) |
n/a | HK:proxim.ircgalaxy.pl RU:moscow-advokat.ru RU:194.6.222.11:6667 HK:210.245.211.11:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
34 of 36 | ba6f48b79a NEW |
none[none] | none:none |
none|none | none | none |
| T:07:23:00 | WinXP | 68.147.151.75 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, CALGARY, ALBERTA, CA. (DSL) |
n/a | HK:proxim.ircgalaxy.pl RU:moscow-advokat.ru RU:194.6.222.11:6667 HK:210.245.211.11:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
34 of 36 | ba6f48b79a NEW |
none[none] | none:none |
none|none | none | none |
| T:07:26:00 | WinXP | 208.127.157.191 (DSLEXTREME.COM): DSL EXTREME, WINNETKA, CALIFORNIA, US. |
n/a | 135 | pcap | raw alerts ruleset |
other 263 lines |
Yeah : 1.3 profile |
none | summary tarball |
24 of 36 | e9ee0d4d34 NEW |
none[none] | none:none |
none|none | none | none | |
| 07:43:00 | WinXP | 219.71.235.221 (NVWTV.COM.TW): HOSHIN GIGAMEDIA CENTER INC, TW. (DSL) |
n/a | US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
http 189 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 35 30 of 35 0 of 33 |
017226a316 [Firefox: 7 hits: 07-27 to 09-12] 9b03689ec5 [Firefox: 7 hits: 07-27 to 09-12] e07c29c4ae [Firefox:434 hits: 06-19 to 09-14] |
none[none] none [none] e07c29c4ae[1] |
none:none none:none ASM:Graph |
none|none none|none FSG| |
none none lines=92 |
none none trace |
| 07:43:00 | Win2K-f | 124.241.141.81 (STARCAT.NE.JP): KMN CORPORATION, NAGOYA, AICHI, JP. |
n/a | US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
http 76 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 |
53bfe15e91 [Firefox:2095 hits: 06-17 to 09-14] a08f3b74a4 [Firefox:712 hits: 06-18 to 09-14] |
none[4] a08f3b74a4[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| T:07:51:00 | WinXP | 70.183.164.230 (COX.NET): COX COMMUNICATIONS, WARWICK, RHODE ISLAND, US. |
n/a | US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
http 76 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 0 of 33 |
53bfe15e91 [Firefox:2095 hits: 06-17 to 09-14] 73f1082158 [Firefox:1045 hits: 06-18 to 09-14] e07c29c4ae [Firefox:434 hits: 06-19 to 09-14] |
none[4] 73f1082158[1] e07c29c4ae[1] |
none:none ASM:Graph ASM:Graph |
tElock| Armadillo| FSG| |
none lines=81 lines=92 |
trace trace trace |
| T:07:57:00 | WinXP | 118.236.190.233 (-): . |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 13 lines |
Yeah : 1.3 profile |
none | summary tarball |
32 of 32 | 93385541f3 [Firefox:24 hits: 06-22 to 09-13] |
none[4] | none:none |
none|none | none | trace | |
| T:07:58:00 | Win2K-f | 124.62.41.35 (-): POWERCOM, KR. |
n/a | HK:proxim.ircgalaxy.pl HK:210.245.211.11:65520 |
139 | pcap | raw alerts ruleset |
shell http ftp 8 lines |
Yeah : 1.3 profile |
none | summary tarball |
34 of 36 | 90b5d8e9aa NEW |
none[none] | none:none |
none|none | none | none |
| T:08:18:00 | Win2K-f | 81.9.197.18 (CM-81-9-197-10.TELECABLE.ES): TELECABLE, OVIEDO, ASTURIAS, ES. (DSL) |
69.64.51.132:6789 | HK:proxim.ircgalaxy.pl US:ice.novi-pazar.biz HK:210.245.211.11:65520 |
445 | pcap | raw alerts ruleset |
irc 22 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 08:28:00 | Win2K-f | 4.155.194.74 (LEVEL3.NET): LEVEL 3 COMMUNICATIONS INC, PITTSBURGH, PENNSYLVANIA, US. (DIAL) |
n/a | US:microsoft.com US:download.microsoft.com US:198.78.201.126:80 US:207.123.37.123:80 US:8.12.202.125:80 |
135 | pcap | raw alerts ruleset |
other 88 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:2095 hits: 06-17 to 09-14] 73f1082158 [Firefox:1045 hits: 06-18 to 09-14] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| 08:29:00 | WinXP | 116.126.26.99 (-): HANARO TELECOM, SEOUL, KYONGGI-DO, KR. |
n/a | HK:proxim.ircgalaxy.pl US:microsoft.com US:download.microsoft.com HK:210.245.211.11:65520 |
135 | pcap | raw alerts ruleset |
http 95 lines |
Yeah : 1.3 profile |
none | summary tarball |
30 of 33 2 of 35 0 of 33 |
6ec2a8994b [Firefox:20 hits: 06-18 to 08-30] bcf66a38c8 [Firefox: 7 hits: 07-30 to 08-30] e07c29c4ae [Firefox:434 hits: 06-19 to 09-14] |
none[4] none [none] e07c29c4ae[1] |
none:none none:none ASM:Graph |
tElock| none|none FSG| |
none none lines=92 |
trace none trace |
| T:08:33:00 | WinXP | 61.34.136.38 (BORA.NET): DACOM CORP, SEOUL, KYONGGI-DO, KR. |
n/a | US:microsoft.com US:download.microsoft.com US:192.221.108.126:80 US:204.160.126.124:80 |
135 | pcap | raw alerts ruleset |
http 76 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 0 of 33 |
53bfe15e91 [Firefox:2095 hits: 06-17 to 09-14] 73f1082158 [Firefox:1045 hits: 06-18 to 09-14] e07c29c4ae [Firefox:434 hits: 06-19 to 09-14] |
none[4] 73f1082158[1] e07c29c4ae[1] |
none:none ASM:Graph ASM:Graph |
tElock| Armadillo| FSG| |
none lines=81 lines=92 |
trace trace trace |
| T:08:47:00 | WinXP | 89.214.144.158 (-): GPRS COSTUMERS, PT. |
194.54.90.246:80 | HK:proxim.ircgalaxy.pl UA:citi-bank.ru HK:210.245.211.11:65520 |
445 | pcap | raw alerts ruleset |
http irc 4 lines |
Yeah : 1.3 profile |
none | summary tarball |
36 of 36 | 6cf11d6364 [Firefox: 2 hits: 09-12 to 09-14] |
none[none] | none:none |
none|none | none | none |
| 08:48:00 | WinXP | 80.199.42.24 (ADSL-FIXED.TELE.DK): TDC-INTERNET-STATIC-ASSIGNED-IP, COPENHAGEN, COPENHAGEN, DK. (DSL) |
194.54.90.246:80 | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
29 of 29 | c05385e600 [Firefox:12 hits: 01-20 to 08-15] |
6a383b021d [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
| 09:00:00 | WinXP | 63.28.61.167 (UU.NET): UUNET TECHNOLOGIES INC, CHICAGO, ILLINOIS, US. |
n/a | US:microsoft.com US:download.microsoft.com US:207.123.37.126:80 US:207.123.42.126:80 US:8.12.222.126:80 |
135 | pcap | raw alerts ruleset |
other 79 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:2095 hits: 06-17 to 09-14] 73f1082158 [Firefox:1045 hits: 06-18 to 09-14] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| T:09:18:00 | WinXP | 89.184.22.95 (-): MELT LIMITED LIABILITY COMPANY, RU. |
n/a | EU:siliconfireware.ru US:searchportal.information.com DE:ebookfinaltrash.ru :wpad US:208.73.210.32:80 DE:212.227.111.29:80 DE:217.11.54.126:80 |
445 | pcap | raw alerts ruleset |
http http http 3 lines |
Yeah : 0.8 profile |
none | summary tarball |
29 of 29 | a12cab51ef [Firefox:516 hits: 01-01 to 09-14] |
40f7f463c4 [0] | ASM:Graph |
ASPack| | lines=281 embedded dns |
trace |
| 09:22:00 | WinXP | 71.68.82.99 (RR.COM): ROAD RUNNER HOLDCO LLC, MONROE, NORTH CAROLINA, US. |
n/a | DE:siliconfireware.ru US:searchportal.information.com GB:new.egg.com :wpad GB:welcome3.smile.co.uk US:208.73.210.32:80 DE:212.227.111.29:80 |
445 | pcap | raw alerts ruleset |
http http http http 31 lines |
Yeah : 0.8 profile |
none | summary tarball |
29 of 29 | a12cab51ef [Firefox:516 hits: 01-01 to 09-14] |
40f7f463c4 [0] | ASM:Graph |
ASPack| | lines=281 embedded dns |
trace |
| T:09:23:00 | Win2K-f | 208.71.28.214 (FREEWIREBROADBAND.COM): FREEWIRE BROADBAND LLC, US. (100Mbps) |
n/a | 135 | pcap | raw alerts ruleset |
other 18 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 09:25:00 | WinXP | 4.255.205.236 (LEVEL3.NET): LEVEL 3 COMMUNICATIONS INC, YUKON, OKLAHOMA, US. (DIAL) |
n/a | US:microsoft.com US:download.microsoft.com US:192.221.108.126:80 US:192.221.110.126:80 US:192.221.99.124:80 |
135 | pcap | raw alerts ruleset |
other 91 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:2095 hits: 06-17 to 09-14] 73f1082158 [Firefox:1045 hits: 06-18 to 09-14] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| 09:26:00 | WinXP | 82.246.67.2 (PROXAD.NET): PROXAD / FREE SAS, FOURMIES, NORD-PAS-DE-CALAIS, FR. |
194.54.90.246:80 | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
35 of 36 | 75cf39cba2 [Firefox: 4 hits: 09-12 to 09-14] |
none[none] | none:none |
none|none | none | none |
| T:09:29:00 | Win2K-f | 4.255.205.236 (LEVEL3.NET): LEVEL 3 COMMUNICATIONS INC, YUKON, OKLAHOMA, US. (DIAL) |
n/a | US:microsoft.com US:download.microsoft.com US:192.221.110.126:80 |
135 | pcap | raw alerts ruleset |
other 82 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:2095 hits: 06-17 to 09-14] 73f1082158 [Firefox:1045 hits: 06-18 to 09-14] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| T:09:29:00 | Win2K-f | 216.79.244.14 (BELLSOUTH.NET): BELLSOUTH.NET INC, NEW ORLEANS, LOUISIANA, US. |
n/a | US:microsoft.com US:download.microsoft.com US:204.160.126.126:80 US:205.128.73.126:80 US:8.12.222.126:80 |
135 | pcap | raw alerts ruleset |
other 151 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:2095 hits: 06-17 to 09-14] 73f1082158 [Firefox:1045 hits: 06-18 to 09-14] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| 09:33:00 | Win2K-f | 68.184.103.247 (CHARTER.COM): CHARTER COMMUNICATIONS, DOUGLAS, GEORGIA, US. |
n/a | US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
http 76 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 0 of 32 |
53bfe15e91 [Firefox:2095 hits: 06-17 to 09-14] a08f3b74a4 [Firefox:712 hits: 06-18 to 09-14] b5919931fe [Firefox:563 hits: 06-20 to 09-14] |
none[4] a08f3b74a4[1] b5919931fe[1] |
none:none ASM:Graph ASM:Graph |
tElock| Armadillo| ASProtect| |
none lines=81 lines=90 |
trace trace trace |
| T:09:45:00 | WinXP | 222.233.182.243 (HANANET.NET): HANARO TELECOM INC, SEOUL, KYONGGI-DO, KR. |
210.245.211.11:65520 | HK:proxima.ircgalaxy.pl US:microsoft.com DE:dl2.teenpassage.com US:download.microsoft.com DE:85.114.141.207:80 |
135 | pcap | raw alerts ruleset |
irc http 127 lines |
Yeah : 1.8 profile |
none | summary tarball |
31 of 33 30 of 32 |
1509c8d024 [Firefox:22 hits: 06-17 to 09-13] f23b040440 [Firefox:13 hits: 06-22 to 09-13] |
none[4] f23b040440[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=82 |
trace trace |
| 09:45:00 | WinXP | 79.132.193.76 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
n/a | US:www.yahoo.com :jbeegvia.ru SE:www.kavkazcenter.com US:www.worldbank.org :yoiayoi.ru :wcqahzhzn.ru :iirpryry.ru :rihafvu.ru :ryryodokm.ru :wpad :uvjiis.ru :gwvwka.ru :jqsbnyzkp.ru :pvygdo.ru :fxkyagpnw.ru :knclvdz.ru :trsqeigw.ru :odokeqy.ru :kelmpsjp.ru :edjiesp.ru :vllcdvv.ru :nuksdln.ru :tmmeno.ru :zoxdgqx.ru :pwvbfz.ru NL:www.viruslist.com :nuzbcp.ru :bqpuqt.ru :okskyyn.ru :pnlkria.ru RU:alfabank.ru :kargai.ru :kfwfceki.ru :nhuwxyuw.ru :udluzuq.ru US:crime-research.ru GB:www.candidateverifier.com :fiazpvnne.ru :ppxuub.ru :lvwgdhwlj.ru |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
31 of 32 | 17028f1eda [Firefox:29 hits: 04-18 to 08-27] |
none[3] | none:none |
tElock| | none | trace |
| 09:46:00 | WinXP | 91.126.54.252 (RP80.SE): WEBTECH NORD HELSINGBORG, HELSINGBORG, SKANE, SE. |
n/a | RU:moscow-advokat.ru SE:vancouver.dal.net SE:viking.dal.net SE:ozbytes.dal.net SE:broadway.ny.us.dal.net :los-angeles.ca.us.undernet.org :caen.fr.eu.undernet.org :washington.dc.us.undernet.org SE:coins.dal.net SE:qis.md.us.dal.net :lulea.se.eu.undernet.org :brussels.be.eu.undernet.org AT:graz.at.eu.undernet.org SE:ced.dal.net :gaspode.zanet.org.za RU:194.6.222.11:6667 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
36 of 36 | a9cfbd1b0c [Firefox: 2 hits: 09-12 to 09-13] |
none[none] | none:none |
none|none | none | none |
| 09:50:00 | WinXP | 92.115.6.4 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
n/a | HK:proxim.ircgalaxy.pl UA:citi-bank.ru UA:194.54.90.246:80 HK:210.245.211.11:65520 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
36 of 36 | 1bb75fcc4b NEW |
none[none] | none:none |
none|none | none | none |
| T:09:58:00 | WinXP | 61.205.93.3 (EONET.NE.JP): K-OPTICOM CORPORATION, JP. |
n/a | RU:moscow-advokat.ru SE:broadway.ny.us.dal.net :los-angeles.ca.us.undernet.org SE:qis.md.us.dal.net SE:viking.dal.net AT:graz.at.eu.undernet.org RU:194.6.222.11:6667 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
28 of 29 | 3a813df3ed [Firefox: 6 hits: 02-04 to 08-24] |
7759abbf55 [0] | ASM:Graph |
PolyEnE| | lines=93 embedded dns |
trace |
| T:10:02:00 | WinXP | 71.116.192.54 (VERIZON.NET): VERIZON INTERNET SERVICES INC, YUCAIPA, CALIFORNIA, US. (DSL) |
n/a | RU:moscow-advokat.ru SE:viking.dal.net AT:graz.at.eu.undernet.org :lulea.se.eu.undernet.org US:lia.zanet.net SE:vancouver.dal.net :los-angeles.ca.us.undernet.org NL:london.uk.eu.undernet.org :flanders.be.eu.undernet.org SE:broadway.ny.us.dal.net RU:194.6.222.11:6667 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
25 of 25 | 7f60162c2c [Firefox:537 hits: 12-31 to 09-14] |
1aad8e4632 [0] | ASM:Graph |
PolyEnE| | lines=93 embedded dns |
trace |
| T:10:22:00 | WinXP | 65.183.137.81 (BURLINGTONTELECOM.NET): BURLINGTON TELECOM, CLOQUET, MINNESOTA, US. |
n/a | US:microsoft.com US:download.microsoft.com US:199.93.41.126:80 |
135 | pcap | raw alerts ruleset |
http 86 lines |
Yeah : 1.3 profile |
none | summary tarball |
3 of 33 33 of 33 0 of 33 |
3ed16ae12d [Firefox:18 hits: 06-19 to 09-14] 79c01ec060 [Firefox:31 hits: 06-18 to 09-14] e07c29c4ae [Firefox:434 hits: 06-19 to 09-14] |
3ed16ae12d [1] none [4] e07c29c4ae[1] |
ASM:Graph none:none ASM:Graph |
Armadillo| tElock| FSG| |
lines=81 none lines=92 |
trace trace trace |
| T:10:37:00 | WinXP | 98.134.132.74 (-): . |
194.54.90.246:80 | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
26 of 28 | 7d99b0e910 [Firefox:1068 hits: 12-31 to 09-14] |
7a70e1b592 [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
| 10:37:00 | WinXP | 76.178.247.214 (RR.COM): ROAD RUNNER HOLDCO LLC, HERNDON, VIRGINIA, US. |
194.54.90.246:80 | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
26 of 28 | 7d99b0e910 [Firefox:1068 hits: 12-31 to 09-14] |
7a70e1b592 [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
| 10:39:00 | Win2K-f | 68.149.158.35 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, EDMONTON, ALBERTA, CA. (DSL) |
n/a | US:microsoft.com US:download.microsoft.com US:192.221.108.126:80 |
135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:2095 hits: 06-17 to 09-14] 73f1082158 [Firefox:1045 hits: 06-18 to 09-14] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| T:10:41:00 | WinXP | 189.51.133.164 (BRASILTELECOM.NET.BR): COMITE GESTOR DA INTERNET NO BRASIL, BR. |
n/a | RU:moscow-advokat.ru RU:194.6.222.11:6667 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
25 of 25 | 7f60162c2c [Firefox:537 hits: 12-31 to 09-14] |
1aad8e4632 [0] | ASM:Graph |
PolyEnE| | lines=93 embedded dns |
trace |
| T:10:49:00 | WinXP | 79.132.193.49 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
n/a | :www.google.com.au :jbeegvia.ru NL:www.viruslist.com |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
31 of 32 | 17028f1eda [Firefox:29 hits: 04-18 to 08-27] |
none[3] | none:none |
tElock| | none | trace |
| 10:52:00 | WinXP | 79.132.193.137 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
n/a | US:www.altavista.com :jbeegvia.ru |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
31 of 32 | 17028f1eda [Firefox:29 hits: 04-18 to 08-27] |
none[3] | none:none |
tElock| | none | trace |
| T:11:01:00 | Win2K-f | 208.94.178.163 (-): . |
n/a | HK:proxim.ircgalaxy.pl US:microsoft.com US:download.microsoft.com HK:210.245.211.11:65520 |
135 | pcap | raw alerts ruleset |
http 101 lines |
Yeah : 1.3 profile |
none | summary tarball |
34 of 35 32 of 35 0 of 32 |
2d76ff4e53 [Firefox: 8 hits: 07-23 to 08-24] 7df1377ee3 [Firefox: 8 hits: 07-23 to 08-24] b5919931fe [Firefox:563 hits: 06-20 to 09-14] |
none[none] none [none] b5919931fe[1] |
none:none none:none ASM:Graph |
none|none none|none ASProtect| |
none none lines=90 |
none none trace |
| T:11:08:00 | WinXP | 85.181.248.209 (ALICEDSL.DE): HANSENET-ADSL, DE. (DSL) |
n/a | HK:proxim.ircgalaxy.pl UA:citi-bank.ru UA:194.54.90.246:80 HK:210.245.211.11:65520 |
445 | pcap | raw alerts ruleset |
http 3 lines |
Yeah : 0.8 profile |
none | summary tarball |
34 of 36 | 00be9a9d63 NEW |
none[none] | none:none |
none|none | none | none |
| 11:22:00 | WinXP | 64.83.242.23 (CLEARWAVE.COM): CLEARWAVE COMMUNICATIONS, HARRISBURG, ILLINOIS, US. |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.148.54:80 US:208.111.148.69:80 |
135 | pcap | raw alerts ruleset |
other 169 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:2095 hits: 06-17 to 09-14] 73f1082158 [Firefox:1045 hits: 06-18 to 09-14] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| 11:40:00 | Win2K-f | 61.220.116.19 (HINET.NET): DATA COMMUNICATION BUSINESS GROUP CHUNGHWA TELECOM CO. LTD, TAIPEI, T'AI-PEI, TW. |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.148.15:80 US:69.28.178.10:80 |
135 | pcap | raw alerts ruleset |
other 76 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 |
53bfe15e91 [Firefox:2095 hits: 06-17 to 09-14] 57ce4acac2 [Firefox:177 hits: 06-17 to 09-14] |
none[4] 57ce4acac2[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| 11:46:00 | WinXP | 92.40.34.6 (IKBCC.COM): EU-ZZ, UK. |
n/a | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:11:53:00 | WinXP | 75.60.205.90 (SBCGLOBAL.NET): PPPOX POOL - SE1.WOTNOH, COLUMBUS, OHIO, US. (DSL) |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.148.54:80 US:208.111.148.69:80 |
135 | pcap | raw alerts ruleset |
other 76 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 |
53bfe15e91 [Firefox:2095 hits: 06-17 to 09-14] a08f3b74a4 [Firefox:712 hits: 06-18 to 09-14] |
none[4] a08f3b74a4[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| T:12:10:00 | WinXP | 24.80.113.212 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, BURNABY, BRITISH COLUMBIA, CA. (DSL) |
n/a | US:microsoft.com US:download.microsoft.com US:199.93.53.125:80 US:207.123.47.126:80 US:8.12.202.125:80 |
135 | pcap | raw alerts ruleset |
other 124 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 36 31 of 36 |
0115338c8b NEW 321f4fc27d NEW |
none[none] none [none] |
none:none none:none |
none|none none|none |
none none |
none none |
| T:12:30:00 | WinXP | 83.132.173.135 (CPE.NETCABO.PT): TVCABO-PORTUGAL CABLE MODEM NETWORK, PT. |
194.54.90.246:80 | HK:proxim.ircgalaxy.pl UA:citi-bank.ru HK:210.245.211.11:80 |
445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
34 of 36 | 920a658efb NEW |
none[none] | none:none |
none|none | none | none |
| 12:32:00 | WinXP | 190.191.144.102 (-): . |
194.54.90.246:80 | HK:proxim.ircgalaxy.pl UA:citi-bank.ru HK:210.245.211.11:65520 |
445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
34 of 36 | c4dd51ff9c NEW |
none[none] | none:none |
none|none | none | none |
| T:12:36:00 | Win2K-f | 71.136.17.66 (-): MILANO DESIGN, PLANO, TEXAS, US. (100Mbps) |
n/a | US:microsoft.com US:download.microsoft.com US:204.160.104.126:80 US:207.123.37.125:80 US:4.23.60.125:80 |
135 | pcap | raw alerts ruleset |
other 85 lines |
Yeah : 1.3 profile |
none | summary tarball |
3 of 33 33 of 33 |
73ce2b74da [Firefox:10 hits: 06-18 to 09-14] 79c01ec060 [Firefox:31 hits: 06-18 to 09-14] |
73ce2b74da [1] none [4] |
ASM:Graph none:none |
Armadillo| tElock| |
lines=81 none |
trace trace |
| 12:42:00 | Win2K-f | 63.246.120.141 (SPEAKEASY.NET): US. |
n/a | 135 | pcap | raw alerts ruleset |
other 18 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 12:47:00 | WinXP | 212.124.164.41 (YUBC.NET): YUBC SYSTEM, CS. (DSL) |
n/a | HK:proxim.ircgalaxy.pl UA:citi-bank.ru UA:194.54.90.246:80 HK:210.245.211.11:65520 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
30 of 32 | 74c52ba45e NEW |
none[none] | none:none |
none|none | none | none |
| T:12:48:00 | WinXP | 92.250.106.198 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
194.54.90.246:80 | HK:proxim.ircgalaxy.pl UA:citi-bank.ru HK:210.245.211.11:65520 |
445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
36 of 36 | 6cf11d6364 [Firefox: 2 hits: 09-12 to 09-14] |
none[none] | none:none |
none|none | none | none |
| 12:53:00 | Win2K-f | 63.17.173.149 (UU.NET): UUNET TECHNOLOGIES INC, US. |
n/a | US:microsoft.com US:download.microsoft.com US:198.78.220.124:80 |
135 | pcap | raw alerts ruleset |
http 77 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 0 of 32 |
53bfe15e91 [Firefox:2095 hits: 06-17 to 09-14] 73f1082158 [Firefox:1045 hits: 06-18 to 09-14] b5919931fe [Firefox:563 hits: 06-20 to 09-14] |
none[4] 73f1082158[1] b5919931fe[1] |
none:none ASM:Graph ASM:Graph |
tElock| Armadillo| ASProtect| |
none lines=81 lines=90 |
trace trace trace |
| T:13:03:00 | WinXP | 78.55.178.159 (ALICEDSL.DE): HANSENET TELEKOMMUNIKATION GMBH, HAMBURG, HAMBURG, DE. (DSL) |
n/a | 445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
32 of 32 | 03f912899b [Firefox:119 hits: 01-08 to 09-14] |
83893bd25d [0] | ASM:Graph |
none|none | lines=65 | trace | |
| T:13:22:00 | WinXP | 172.130.94.219 (AOL.COM): AMERICA ONLINE, RESTON, VIRGINIA, US. (DSL) |
n/a | US:microsoft.com US:download.microsoft.com US:204.160.126.124:80 US:207.123.37.124:80 US:207.123.47.126:80 |
135 | pcap | raw alerts ruleset |
other 77 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:2095 hits: 06-17 to 09-14] 73f1082158 [Firefox:1045 hits: 06-18 to 09-14] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| 13:33:00 | Win2K-f | 124.61.39.56 (-): POWERCOM, KR. |
n/a | HK:proxima.ircgalaxy.pl US:microsoft.com US:download.microsoft.com HK:210.245.211.11:65520 |
135 | pcap | raw alerts ruleset |
http 87 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 33 32 of 33 |
4c3df24b32 [Firefox:181 hits: 06-17 to 09-14] 58408136a4 [Firefox:17 hits: 06-28 to 08-24] |
4c3df24b32 [1] none [none] |
ASM:Graph none:none |
Armadillo| none|none |
lines=81 none |
trace none |
| 13:34:00 | WinXP | 114.120.27.195 (-): . |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 0.8 profile |
none | summary tarball |
36 of 36 | eca9a5fa95 [Firefox: 7 hits: 08-09 to 09-13] |
none[none] | none:none |
none|none | none | none |
| 13:37:00 | WinXP | 89.204.206.134 (O2.IE): O2 IRELAND MOBILE PHONE OPERATOR, IE. |
194.54.90.246:80 | HK:proxim.ircgalaxy.pl UA:citi-bank.ru HK:210.245.211.11:65520 |
445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
35 of 36 | 561664c30b NEW |
none[none] | none:none |
none|none | none | none |
| T:13:45:00 | WinXP | 159.134.156.201 (EIRCOM.NET): EIRCOM GROUP PLC, TRALEE, KERRY, IE. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 14 lines |
Argh : 0.3 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 13:50:00 | WinXP | 159.134.156.201 (EIRCOM.NET): EIRCOM GROUP PLC, TRALEE, KERRY, IE. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 13 lines |
Yeah : 0.8 profile |
none | summary tarball |
31 of 32 | 741e3b03b3 [Firefox:354 hits: 01-05 to 09-14] |
e0197e8a64 [0] | ASM:Graph |
none|none | lines=62 | trace | |
| T:13:52:00 | WinXP | 70.70.51.27 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, CHILLIWACK, BRITISH COLUMBIA, CA. (DSL) |
n/a | HK:proxim.ircgalaxy.pl RU:moscow-advokat.ru RU:194.6.222.11:6667 HK:210.245.211.11:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | 13003605cc NEW |
none[none] | none:none |
none|none | none | none |
| T:13:57:00 | WinXP | 118.231.99.131 (-): . |
194.54.90.246:80 | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 4 lines |
Yeah : 1.3 profile |
none | summary tarball |
36 of 36 | eca9a5fa95 [Firefox: 7 hits: 08-09 to 09-13] |
none[none] | none:none |
none|none | none | none |
| 14:01:00 | WinXP | 85.220.110.209 (SIMNET.IS): ICENET, REYKJAVíK, REYKJAVIK, IS. (DSL) |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 15 lines |
Yeah : 1.3 profile |
none | summary tarball |
31 of 32 | 741e3b03b3 [Firefox:354 hits: 01-05 to 09-14] |
e0197e8a64 [0] | ASM:Graph |
none|none | lines=62 | trace | |
| T:14:18:00 | Win2K-f | 68.146.26.57 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, CALGARY, ALBERTA, CA. (DSL) |
n/a | US:microsoft.com US:download.microsoft.com HK:proxim.ircgalaxy.pl US:199.93.41.124:80 HK:210.245.211.11:65520 |
135 | pcap | raw alerts ruleset |
other 123 lines |
Yeah : 1.3 profile |
none | summary tarball |
35 of 36 32 of 36 |
2204fd4d17 NEW eb0857e1b1 NEW |
none[none] none [none] |
none:none none:none |
none|none none|none |
none none |
none none |
| 14:22:00 | Win2K-f | 60.249.198.98 (HINET.NET): CHTD CHUNGHWA TELECOM CO. LTD, TW. |
n/a | US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
http 76 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 |
53bfe15e91 [Firefox:2095 hits: 06-17 to 09-14] 57ce4acac2 [Firefox:177 hits: 06-17 to 09-14] |
none[4] 57ce4acac2[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| 14:31:00 | WinXP | 80.2.13.178 (NTL.COM): NTLI, PORTSMOUTH, ENGLAND, UK. (DSL) |
n/a | US:microsoft.com US:download.microsoft.com US:209.84.20.126:80 |
135 | pcap | raw alerts ruleset |
http 61 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 8 of 33 |
53bfe15e91 [Firefox:2095 hits: 06-17 to 09-14] b7082104e4 [Firefox:128 hits: 06-18 to 09-14] |
none[4] none [4] |
none:none none:none |
tElock| tElock| |
none none |
trace trace |
| T:14:46:00 | WinXP | 190.188.155.68 (NET.AR): PRIMA S.A, AR. |
n/a | HK:proxim.ircgalaxy.pl UA:citi-bank.ru UA:194.54.90.246:80 HK:210.245.211.11:65520 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
35 of 36 | 75b1decfa8 NEW |
none[none] | none:none |
none|none | none | none |
| 15:28:00 | Win2K-f | 70.70.209.155 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, WHITE ROCK SURREY, BRITISH COLUMBIA, CA. |
n/a | 135 | pcap | raw alerts ruleset |
other 18 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 15:35:00 | WinXP | 4.230.228.55 (LEVEL3.NET): LEVEL 3 COMMUNICATIONS INC, NEW ORLEANS, LOUISIANA, US. (DIAL) |
n/a | DE:siliconfireware.ru GB:welcome3.smile.co.uk :wpad US:searchportal.information.com RU:www.bbin.ru RU:195.200.213.52:80 GB:195.92.84.198:80 US:208.73.210.32:80 DE:212.227.111.29:80 DE:217.11.54.126:80 EU:78.47.200.154:80 |
445 | pcap | raw alerts ruleset |
http http http 3 lines |
Yeah : 0.8 profile |
none | summary tarball |
22 of 32 | 68cd473638 [Firefox: 2 hits: 08-22 to 09-12] |
none[none] | none:none |
none|none | none | none |
| T:15:46:00 | WinXP | 78.34.15.159 (NETCOLOGNE.DE): NETCOLOGNE GMBH, KOELN, NORDRHEIN-WESTFALEN, DE. |
n/a | HK:proxim.ircgalaxy.pl UA:citi-bank.ru UA:194.54.90.246:80 HK:210.245.211.11:65520 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
35 of 36 | cdf8cd94a9 NEW |
none[none] | none:none |
none|none | none | none |
| 15:58:00 | WinXP | 200.112.243.211 (CMET.NET): CMET SACI, SANTIAGO, REGION METROPOLITANA, CL. |
n/a | RU:moscow-advokat.ru RU:194.6.222.11:6667 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
25 of 25 | 7f60162c2c [Firefox:537 hits: 12-31 to 09-14] |
1aad8e4632 [0] | ASM:Graph |
PolyEnE| | lines=93 embedded dns |
trace |
| T:16:02:00 | WinXP | 210.79.185.53 (MEDIATTI.NET): MEDIATTI COMMUNICATIONS INC, OKINAWA, OKINAWA, JP. |
n/a | US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
http 86 lines |
Yeah : 1.3 profile |
none | summary tarball |
3 of 33 33 of 33 0 of 33 |
3ed16ae12d [Firefox:18 hits: 06-19 to 09-14] 79c01ec060 [Firefox:31 hits: 06-18 to 09-14] e07c29c4ae [Firefox:434 hits: 06-19 to 09-14] |
3ed16ae12d [1] none [4] e07c29c4ae[1] |
ASM:Graph none:none ASM:Graph |
Armadillo| tElock| FSG| |
lines=81 none lines=92 |
trace trace trace |
| 16:07:00 | WinXP | 119.77.174.119 (-): . |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 0.8 profile |
none | summary tarball |
26 of 28 | 7d99b0e910 [Firefox:1068 hits: 12-31 to 09-14] |
7a70e1b592 [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
| 16:36:00 | Win2K-f | 196.208.95.105 (TELKOM-IPNET.CO.ZA): AFRINIC, CAPE TOWN, WESTERN CAPE, ZA. |
n/a | US:microsoft.com US:download.microsoft.com US:192.221.99.124:80 US:204.160.126.126:80 |
135 | pcap | raw alerts ruleset |
http 94 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 |
53bfe15e91 [Firefox:2095 hits: 06-17 to 09-14] 57ce4acac2 [Firefox:177 hits: 06-17 to 09-14] |
none[4] 57ce4acac2[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| 16:44:00 | WinXP | 75.137.184.218 (CHARTER.COM): CHARTER COMMUNICATIONS, ATHENS, GEORGIA, US. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
34 of 36 | 18c7040ea0 NEW |
none[none] | none:none |
none|none | none | none |
| T:16:46:00 | WinXP | 117.97.132.109 (XLRI.AC.IN): BHARTI AIRTEL LTD, DELHI, DELHI, IN. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
26 of 28 | 7d99b0e910 [Firefox:1068 hits: 12-31 to 09-14] |
7a70e1b592 [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
| T:16:52:00 | WinXP | 74.75.234.215 (RR.COM): ROAD RUNNER HOLDCO LLC, HERNDON, VIRGINIA, US. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
26 of 28 | 7d99b0e910 [Firefox:1068 hits: 12-31 to 09-14] |
7a70e1b592 [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
| 16:53:00 | WinXP | 217.201.66.194 (-): TELECOM ITALIA MOBILE, IT. |
n/a | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
26 of 28 | 7d99b0e910 [Firefox:1068 hits: 12-31 to 09-14] |
7a70e1b592 [0] | ASM:Graph |
PolyEnE| | lines=68 | trace | |
| 17:04:00 | WinXP | 209.214.142.158 (BELLSOUTH.NET): BELLSOUTH.NET INC, LAKE CITY, FLORIDA, US. |
n/a | RU:moscow-advokat.ru RU:194.6.222.11:6667 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
25 of 25 | 7f60162c2c [Firefox:537 hits: 12-31 to 09-14] |
1aad8e4632 [0] | ASM:Graph |
PolyEnE| | lines=93 embedded dns |
trace |
| 17:19:00 | WinXP | 211.239.4.83 (EPNETWORKS.CO.KR): ENTERPRISENET-INFRA, SEOUL, KYONGGI-DO, KR. |
n/a | HK:proxim.ircgalaxy.pl US:microsoft.com US:download.microsoft.com HK:210.245.211.11:65520 |
135 | pcap | raw alerts ruleset |
http 114 lines |
Yeah : 1.3 profile |
none | summary tarball |
32 of 33 29 of 33 |
686d4ca67b [Firefox: 5 hits: 07-08 to 08-26] b7e379b157 [Firefox: 5 hits: 07-08 to 08-26] |
none[none] none [none] |
none:none none:none |
none|none none|none |
none none |
none none |
| T:17:22:00 | WinXP | 76.167.67.71 (RR.COM): ROAD RUNNER HOLDCO LLC, HERNDON, VIRGINIA, US. |
n/a | RU:moscow-advokat.ru RU:194.6.222.11:6667 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
25 of 25 | 7f60162c2c [Firefox:537 hits: 12-31 to 09-14] |
1aad8e4632 [0] | ASM:Graph |
PolyEnE| | lines=93 embedded dns |
trace |
| T:17:23:00 | WinXP | 64.108.158.48 (-): DIAL POOL TNT1.LGTPMI, LANSING, MICHIGAN, US. |
n/a | EU:siliconfireware.ru US:searchportal.information.com GB:new.egg.com :wpad GB:welcome3.smile.co.uk RU:www.bbin.ru RU:195.200.213.52:80 GB:195.92.84.198:80 US:208.73.210.32:80 DE:212.227.111.29:80 DE:217.11.54.126:80 GB:217.145.225.22:80 |
445 | pcap | raw alerts ruleset |
http http http 3 lines |
Yeah : 0.8 profile |
none | summary tarball |
29 of 29 | a12cab51ef [Firefox:516 hits: 01-01 to 09-14] |
40f7f463c4 [0] | ASM:Graph |
ASPack| | lines=281 embedded dns |
trace |
| T:17:26:00 | WinXP | 211.239.4.83 (EPNETWORKS.CO.KR): ENTERPRISENET-INFRA, SEOUL, KYONGGI-DO, KR. |
n/a | HK:proxim.ircgalaxy.pl US:microsoft.com US:download.microsoft.com US:208.111.173.42:80 US:208.111.173.46:80 HK:210.245.211.11:65520 |
135 | pcap | raw alerts ruleset |
other 113 lines |
Yeah : 1.3 profile |
none | summary tarball |
32 of 33 29 of 33 |
686d4ca67b [Firefox: 5 hits: 07-08 to 08-26] b7e379b157 [Firefox: 5 hits: 07-08 to 08-26] |
none[none] none [none] |
none:none none:none |
none|none none|none |
none none |
none none |
| T:17:33:00 | WinXP | 24.109.64.140 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, CALGARY, ALBERTA, CA. (DSL) |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
36 of 36 | b872c76081 NEW |
none[none] | none:none |
none|none | none | none |
| 17:37:00 | Win2K-f | 4.162.78.83 (LEVEL3.NET): LEVEL 3 COMMUNICATIONS INC, DALLAS, TEXAS, US. (DIAL) |
n/a | 135 | pcap | raw alerts ruleset |
other 160 lines |
Yeah : 1.3 profile |
none | summary tarball |
32 of 36 | 5dd1895896 NEW |
none[none] | none:none |
none|none | none | none | |
| 17:55:00 | WinXP | 24.82.177.224 (SHELLCOMPUTERS.COM): SHAW COMMUNICATIONS INC, COQUITLAM, BRITISH COLUMBIA, CA. (DSL) |
194.54.90.246:80 | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
34 of 36 | c380ec506e NEW |
none[none] | none:none |
none|none | none | none |
| T:17:55:00 | WinXP | 24.82.177.224 (SHELLCOMPUTERS.COM): SHAW COMMUNICATIONS INC, COQUITLAM, BRITISH COLUMBIA, CA. (DSL) |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
34 of 36 | c380ec506e NEW |
none[none] | none:none |
none|none | none | none |
| 18:02:00 | WinXP | 99.250.219.20 (STERLINGSTUDENTS.NET): ROGERS CABLE COMMUNICATIONS INC, CA. |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.148.152:80 US:208.111.148.174:80 |
135 | pcap | raw alerts ruleset |
other 76 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 |
53bfe15e91 [Firefox:2095 hits: 06-17 to 09-14] a08f3b74a4 [Firefox:712 hits: 06-18 to 09-14] |
none[4] a08f3b74a4[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| T:18:04:00 | WinXP | 99.180.48.162 (-): . |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.148.152:80 US:208.111.148.174:80 |
135 | pcap | raw alerts ruleset |
other 89 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:2095 hits: 06-17 to 09-14] 73f1082158 [Firefox:1045 hits: 06-18 to 09-14] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| 18:08:00 | WinXP | 4.244.217.46 (LEVEL3.NET): LEVEL 3 COMMUNICATIONS INC, US. (DIAL) |
n/a | DE:siliconfireware.ru US:searchportal.information.com GB:new.egg.com :wpad US:208.73.210.32:80 |
445 | pcap | raw alerts ruleset |
http http http http 26 lines |
Yeah : 0.8 profile |
none | summary tarball |
27 of 36 | a23220b55e NEW |
none[none] | none:none |
none|none | none | none |
| T:18:10:00 | WinXP | 81.41.66.205 (RIMA-TDE.NET): TELEFONICA DE ESPANA SAU, ES. |
n/a | HK:proxim.ircgalaxy.pl RU:moscow-advokat.ru RU:194.6.222.11:6667 HK:210.245.211.11:65520 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
35 of 36 | 83959d63ea NEW |
none[none] | none:none |
none|none | none | none |
| T:18:34:00 | WinXP | 218.165.128.211 (HINET.NET): CHTD CHUNGHWA TELECOM CO. LTD, TAINAN, KAO-HSIUNG, TW. |
n/a | HK:proxim.ircgalaxy.pl UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
35 of 36 | d5447df949 NEW |
none[none] | none:none |
none|none | none | none |
| 18:47:00 | Win2K-f | 4.140.201.60 (LEVEL3.NET): LEVEL 3 COMMUNICATIONS INC, ROCHESTER, NEW YORK, US. (DIAL) |
n/a | 135 | pcap | raw alerts ruleset |
other 18 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 18:49:00 | Win2K-f | 218.237.187.246 (HANANET.NET): HANARO TELECOM INC, SEOUL, KYONGGI-DO, KR. |
n/a | HK:proxima.ircgalaxy.pl US:microsoft.com US:download.microsoft.com HK:210.245.211.11:65520 |
135 | pcap | raw alerts ruleset |
http 98 lines |
Yeah : 1.3 profile |
none | summary tarball |
31 of 33 31 of 33 0 of 32 |
776985f561 [Firefox:10 hits: 06-24 to 09-12] 8ec6129efe [Firefox:10 hits: 06-24 to 09-12] b5919931fe [Firefox:563 hits: 06-20 to 09-14] |
776985f561 [1] none [4] b5919931fe[1] |
ASM:Graph none:none ASM:Graph |
Armadillo| tElock| ASProtect| |
lines=82 none lines=90 |
trace trace trace |
| 18:51:00 | WinXP | 66.91.44.21 (RR.COM): ROAD RUNNER HOLDCO LLC, KAILUA, HAWAII, US. (DSL) |
194.54.90.246:80 | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
29 of 29 | 1fcc146d70 [Firefox:35 hits: 01-02 to 08-29] |
258fafe892 [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
| 18:57:00 | Win2K-f | 24.77.71.211 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, MAPLE RIDGE, BRITISH COLUMBIA, CA. (DSL) |
n/a | 135 | pcap | raw alerts ruleset |
other 146 lines |
Yeah : 1.3 profile |
none | summary tarball |
2 of 32 | e5c7bce70e [Firefox:31 hits: 06-20 to 09-14] |
e5c7bce70e [1] | ASM:Graph |
Armadillo| | lines=81 | trace | |
| 18:57:00 | WinXP | 200.165.195.144 (STERLINGSTUDENTS.NET): COMITE GESTOR DA INTERNET NO BRASIL, BR. (DSL) |
n/a | RU:moscow-advokat.ru SE:qis.md.us.dal.net AT:graz.at.eu.undernet.org HR:london.uk.eu.undernet.org :brussels.be.eu.undernet.org RU:194.6.222.11:6667 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
35 of 36 | d9c778eaa4 NEW |
none[none] | none:none |
none|none | none | none |
| T:19:10:00 | WinXP | 69.227.178.109 (PACBELL.NET): PPPOX POOL - RBACK8.IRVNCA 092004-0956, LOS ANGELES, CALIFORNIA, US. (DSL) |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
29 of 29 | 3ae357d17b [Firefox:172 hits: 01-01 to 09-12] |
462a7be171 [0] | ASM:Graph |
PolyEnE| | lines=73 | trace |
| 19:32:00 | Win2K-f | 72.64.30.16 (VERIZON.NET): VERIZON INTERNET SERVICES INC, CHARLESTON, WEST VIRGINIA, US. |
n/a | US:microsoft.com US:download.microsoft.com US:8.12.202.125:80 |
135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:2095 hits: 06-17 to 09-14] 73f1082158 [Firefox:1045 hits: 06-18 to 09-14] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| 19:40:00 | WinXP | 140.239.41.134 (XO.NET): XO COMMUNICATIONS, CAMBRIDGE, MASSACHUSETTS, US. |
n/a | 135 | pcap | raw alerts ruleset |
other 18 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:19:44:00 | Win2K-f | 68.144.203.90 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, CALGARY, ALBERTA, CA. (DSL) |
n/a | US:microsoft.com US:download.microsoft.com HK:proxim.ircgalaxy.pl US:198.78.201.126:80 US:207.123.42.126:80 US:209.84.20.126:80 HK:210.245.211.11:65520 |
135 | pcap | raw alerts ruleset |
other 123 lines |
Yeah : 1.3 profile |
none | summary tarball |
35 of 36 32 of 36 |
2204fd4d17 NEW eb0857e1b1 NEW |
none[none] none [none] |
none:none none:none |
none|none none|none |
none none |
none none |
| T:19:58:00 | WinXP | 190.174.65.32 (-): . |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 15 lines |
Yeah : 1.3 profile |
none | summary tarball |
29 of 29 | 1a2c0e6130 [Firefox:387 hits: 12-31 to 09-14] |
048df78048 [0] | ASM:Graph |
none|none | lines=61 | trace | |
| T:20:01:00 | WinXP | 114.120.64.41 (-): . |
n/a | HK:proxim.ircgalaxy.pl RU:moscow-advokat.ru :washington.dc.us.undernet.org :caen.fr.eu.undernet.org :los-angeles.ca.us.undernet.org SE:ozbytes.dal.net :lulea.se.eu.undernet.org :flanders.be.eu.undernet.org NL:diemen.nl.eu.undernet.org RU:194.6.222.11:6667 HK:210.245.211.11:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
34 of 36 | ba6f48b79a NEW |
none[none] | none:none |
none|none | none | none |
| T:20:18:00 | WinXP | 70.168.12.165 (COX.NET): COX COMMUNICATIONS, PAWTUCKET, RHODE ISLAND, US. |
n/a | HK:proxim.ircgalaxy.pl US:microsoft.com US:download.microsoft.com HK:210.245.211.11:65520 |
135 | pcap | raw alerts ruleset |
http 118 lines |
Yeah : 1.3 profile |
none | summary tarball |
34 of 36 0 of 33 28 of 33 |
da00a8e7a1 [Firefox:12 hits: 08-05 to 09-14] e07c29c4ae [Firefox:434 hits: 06-19 to 09-14] f685f8e027 [Firefox:16 hits: 06-18 to 09-14] |
none[none] e07c29c4ae[1] f685f8e027[1] |
none:none ASM:Graph ASM:Graph |
none|none FSG| Armadillo| |
none lines=92 lines=82 |
none trace trace |
| 20:28:00 | WinXP | 4.167.246.209 (LEVEL3.NET): LEVEL 3 COMMUNICATIONS INC, NEW YORK, NEW YORK, US. (DIAL) |
n/a | US:microsoft.com US:download.microsoft.com HK:proxim.ircgalaxy.pl US:192.221.110.125:80 US:192.221.99.126:80 US:205.128.73.126:80 HK:210.245.211.11:65520 |
135 | pcap | raw alerts ruleset |
other 141 lines |
Yeah : 1.3 profile |
none | summary tarball |
29 of 33 32 of 33 |
62cfe21240 [Firefox: 2 hits: 07-07 to 09-14] b99badda6e [Firefox: 2 hits: 07-07 to 09-14] |
none[none] none [none] |
none:none none:none |
none|none none|none |
none none |
none none |
| 20:32:00 | WinXP | 71.98.248.129 (VERIZON.NET): VERIZON INTERNET SERVICES INC, SARASOTA, FLORIDA, US. (DSL) |
n/a | US:microsoft.com US:download.microsoft.com US:192.221.110.125:80 US:192.221.99.126:80 US:205.128.73.126:80 |
135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 |
53bfe15e91 [Firefox:2095 hits: 06-17 to 09-14] a08f3b74a4 [Firefox:712 hits: 06-18 to 09-14] |
none[4] a08f3b74a4[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| 20:38:00 | WinXP | 118.236.44.100 (-): . |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 15 lines |
Yeah : 1.3 profile |
none | summary tarball |
32 of 32 | 93385541f3 [Firefox:24 hits: 06-22 to 09-13] |
none[4] | none:none |
none|none | none | trace | |
| 20:41:00 | Win2K-f | 70.61.108.77 (RR.COM): ROAD RUNNER HOLDCO LLC, CHARLOTTE, NORTH CAROLINA, US. |
n/a | US:microsoft.com US:download.microsoft.com US:198.78.220.126:80 US:8.12.202.125:80 US:8.12.222.126:80 |
135 | pcap | raw alerts ruleset |
other 80 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:2095 hits: 06-17 to 09-14] 73f1082158 [Firefox:1045 hits: 06-18 to 09-14] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| 20:46:00 | Win2K-f | 202.22.220.10 (KTV.NE.JP): GUNMA CABLE MEDIA CORP, TOKYO, TOKYO, JP. |
n/a | 135 | pcap | raw alerts ruleset |
other 11 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 21:09:00 | WinXP | 71.136.17.66 (-): MILANO DESIGN, PLANO, TEXAS, US. (100Mbps) |
n/a | US:microsoft.com US:download.microsoft.com US:205.128.73.126:80 |
135 | pcap | raw alerts ruleset |
http 86 lines |
Yeah : 1.3 profile |
none | summary tarball |
3 of 33 33 of 33 |
73ce2b74da [Firefox:10 hits: 06-18 to 09-14] 79c01ec060 [Firefox:31 hits: 06-18 to 09-14] |
73ce2b74da [1] none [4] |
ASM:Graph none:none |
Armadillo| tElock| |
lines=81 none |
trace trace |
| 21:11:00 | WinXP | 98.105.165.121 (-): . |
n/a | HK:proxim.ircgalaxy.pl US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
other 126 lines |
Yeah : 1.3 profile |
none | summary tarball |
31 of 32 29 of 33 |
5378ab9d2d [Firefox: 5 hits: 06-28 to 08-13] 60a6e7e23c [Firefox: 5 hits: 06-28 to 08-13] |
none[none] none [none] |
none:none none:none |
none|none none|none |
none none |
none none |
| 21:11:00 | WinXP | 24.210.238.24 (RR.COM): ROAD RUNNER HOLDCO LLC, NEVADA, OHIO, US. |
n/a | RU:moscow-advokat.ru RU:194.6.222.11:6667 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
26 of 28 | ca47a36342 [Firefox: 5 hits: 02-16 to 08-30] |
c3a58f69c6 [0] | ASM:Graph |
PolyEnE| | lines=89 embedded dns |
trace |
| 21:20:00 | WinXP | 66.88.98.162 (XO.NET): XO COMMUNICATIONS, HOLLYWOOD, FLORIDA, US. |
n/a | US:microsoft.com US:download.microsoft.com US:207.123.42.126:80 US:209.84.20.126:80 |
135 | pcap | raw alerts ruleset |
http 76 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:2095 hits: 06-17 to 09-14] 73f1082158 [Firefox:1045 hits: 06-18 to 09-14] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| T:21:37:00 | WinXP | 220.219.9.110 (INFOWEB.NE.JP): INFOWEB(FUJITSU LTD.), TOKYO, TOKYO, JP. (DIAL) |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
31 of 32 | 741e3b03b3 [Firefox:354 hits: 01-05 to 09-14] |
e0197e8a64 [0] | ASM:Graph |
none|none | lines=62 | trace | |
| T:21:44:00 | Win2K-f | 67.129.38.151 (QWEST.NET): WAYPORT - HOTEL NETWORK, BELLEVUE, WASHINGTON, US. |
n/a | US:microsoft.com US:download.microsoft.com US:204.160.104.126:80 US:205.128.73.126:80 US:207.123.42.126:80 |
135 | pcap | raw alerts ruleset |
other 79 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 |
53bfe15e91 [Firefox:2095 hits: 06-17 to 09-14] a08f3b74a4 [Firefox:712 hits: 06-18 to 09-14] |
none[4] a08f3b74a4[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| 21:57:00 | Win2K-f | 24.84.180.234 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, VANCOUVER, BRITISH COLUMBIA, CA. |
n/a | US:microsoft.com US:download.microsoft.com US:192.221.99.124:80 |
135 | pcap | raw alerts ruleset |
other 76 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:2095 hits: 06-17 to 09-14] 73f1082158 [Firefox:1045 hits: 06-18 to 09-14] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| T:22:12:00 | Win2K-f | 12.210.179.181 (MCHSI.COM): MEDIACOM COMMUNICATIONS CORP, SALT LAKE CITY, UTAH, US. |
n/a | US:microsoft.com US:download.microsoft.com US:4.23.60.125:80 |
135 | pcap | raw alerts ruleset |
http 76 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 0 of 32 |
53bfe15e91 [Firefox:2095 hits: 06-17 to 09-14] 73f1082158 [Firefox:1045 hits: 06-18 to 09-14] b5919931fe [Firefox:563 hits: 06-20 to 09-14] |
none[4] 73f1082158[1] b5919931fe[1] |
none:none ASM:Graph ASM:Graph |
tElock| Armadillo| ASProtect| |
none lines=81 lines=90 |
trace trace trace |
| 22:18:00 | WinXP | 190.19.61.226 (-): . |
n/a | HK:proxim.ircgalaxy.pl UA:citi-bank.ru |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
35 of 36 | 571e381ed4 NEW |
none[none] | none:none |
none|none | none | none |
| T:22:18:00 | WinXP | 190.19.61.226 (-): . |
n/a | HK:proxim.ircgalaxy.pl UA:citi-bank.ru UA:194.54.90.246:80 HK:210.245.211.11:65520 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
35 of 36 | 571e381ed4 NEW |
none[none] | none:none |
none|none | none | none |
| 22:19:00 | Win2K-f | 67.117.131.185 (PACBELL.NET): PPPOX-POOL RBACK1.SNFC, SAN FRANCISCO, CALIFORNIA, US. (DSL) |
n/a | US:microsoft.com US:download.microsoft.com US:192.221.108.126:80 US:204.160.104.126:80 US:207.123.46.126:80 |
135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 |
53bfe15e91 [Firefox:2095 hits: 06-17 to 09-14] a08f3b74a4 [Firefox:712 hits: 06-18 to 09-14] |
none[4] a08f3b74a4[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| 22:53:00 | WinXP | 24.84.116.36 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, LANGLEY, BRITISH COLUMBIA, CA. (DSL) |
n/a | HK:proxim.ircgalaxy.pl HK:210.245.211.11:65520 |
135 | pcap | raw alerts ruleset |
other 364 lines |
Yeah : 1.3 profile |
none | summary tarball |
32 of 36 | e13ea75c5a NEW |
none[none] | none:none |
none|none | none | none |
| 22:56:00 | Win2K-f | 96.33.82.215 (-): . |
n/a | US:microsoft.com US:download.microsoft.com HK:proxim.ircgalaxy.pl US:208.111.148.137:80 US:208.111.148.152:80 HK:210.245.211.11:65520 |
135 | pcap | raw alerts ruleset |
other 166 lines |
Yeah : 1.3 profile |
none | summary tarball |
30 of 33 29 of 33 |
65494b4a08 [Firefox: 5 hits: 06-29 to 09-12] eeb51a6e9e [Firefox: 5 hits: 06-29 to 09-12] |
none[none] none [none] |
none:none none:none |
none|none none|none |
none none |
none none |
| T:23:03:00 | WinXP | 79.163.207.208 (-): IDEA, PL. |
n/a | HK:proxim.ircgalaxy.pl UA:citi-bank.ru UA:194.54.90.246:80 HK:210.245.211.11:65520 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
35 of 35 | dbbc586732 [Firefox:31 hits: 07-28 to 08-30] |
none[none] | none:none |
none|none | none | none |
| 23:42:00 | Win2K-f | 218.238.57.41 (HANANET.NET): HANARO TELECOM INC, SEOUL, KYONGGI-DO, KR. |
210.245.211.11:65520 | US:microsoft.com HK:proxima.ircgalaxy.pl US:download.microsoft.com DE:dl2.teenpassage.com US:208.111.153.236:80 DE:85.114.141.207:80 |
135 | pcap | raw alerts ruleset |
irc http 101 lines |
Yeah : 1.8 profile |
none | summary tarball |
31 of 33 33 of 35 |
168aab35a3 [Firefox:127 hits: 06-17 to 09-14] f7738e7352 [Firefox: 4 hits: 07-25 to 08-15] |
none[4] none [none] |
none:none none:none |
tElock| none|none |
none none |
trace none |
| T:23:58:00 | Win2K-f | 211.239.191.196 (KRLINE.NET): KRNIC, KR. |
n/a | US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
http 77 lines |
Yeah : 1.3 profile |
none | summary tarball |
1 of 33 35 of 36 |
7b2dec4d44 [Firefox: 2 hits: 06-21 to 08-24] f3d5574c1e NEW |
7b2dec4d44 [1] none [none] |
ASM:Graph none:none |
Armadillo| none|none |
lines=81 none |
trace none |