|
Time |
Victim OS |
Infection Source |
C&C Server |
DNS Lookups & Failed Connects |
Infection Port |
Packet Trace |
Detection Signatures |
Infection Chatter |
BotHunter Analysis |
Behavioral Cluster |
Forensic Logs |
Antivirus Labels |
Packed Malware_Binary |
Unpacked egg.exe |
Unpacked egg.asm |
Packer PEID |
Data Strings |
Syscall Trace |
| T:00:06:00 | WinXP | 117.99.10.214 (XLRI.AC.IN): BHARTI AIRTEL LTD, DELHI, DELHI, IN. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
26 of 28 | 7d99b0e910 [Firefox:1270 hits: 12-31 to 10-07] |
7a70e1b592 [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
| 00:11:00 | WinXP | 140.113.173.232 (NCTU.EDU.TW): TAIWAN ACADEMIC NETWORK, TAIPEI, T'AI-PEI, TW. |
n/a | RU:moscow-advokat.ru | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
34 of 36 | 96d089e522 NEW |
none[none] | none:none |
none|none | none | none |
| T:00:11:00 | WinXP | 200.65.102.66 (PRODIGY.NET.MX): UNINET S.A. DE C.V, MEXICO, DISTRITO FEDERAL, MX. |
n/a | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
35 of 36 | 7e8bfa9b49 [Firefox: 6 hits: 10-01 to 10-07] |
none[none] | none:none |
none|none | none | none | |
| 00:30:00 | WinXP | 92.41.224.83 (IKBCC.COM): EU-ZZ, UK. |
194.54.90.246:80 | :proxim.ircgalaxy.pl UA:citi-bank.ru |
445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
35 of 36 | 11a5f4653d NEW |
none[none] | none:none |
none|none | none | none |
| 00:30:00 | WinXP | 70.184.4.247 (COX.NET): COX COMMUNICATIONS, MACON, GEORGIA, US. |
n/a | 135 | pcap | raw alerts ruleset |
other 18 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:00:40:00 | WinXP | 24.83.91.191 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, SURREY, BRITISH COLUMBIA, CA. |
n/a | US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
http 76 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] 73f1082158 [Firefox:1451 hits: 06-18 to 10-07] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| 00:42:00 | Win2K-f | 70.128.25.93 (PARAGOULD.NET): PARAGOULD CITY LIGHT & WATER, PARAGOULD, ARKANSAS, US. (DSL) |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.148.254:80 |
135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] a08f3b74a4 [Firefox:1045 hits: 06-18 to 10-07] |
none[4] a08f3b74a4[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| 00:50:00 | WinXP | 115.130.25.28 (-): . |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 14 lines |
Yeah : 1.3 profile |
none | summary tarball |
35 of 36 | 915419be49 NEW |
none[none] | none:none |
none|none | none | none | |
| T:01:16:00 | WinXP | 89.51.200.229 (PPPOOL.DE): FREENET CITYLINE GMBH, LUEDENSCHEID, NORDRHEIN-WESTFALEN, DE. |
n/a | RU:moscow-advokat.ru | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
25 of 25 | 7f60162c2c [Firefox:694 hits: 12-31 to 10-07] |
1aad8e4632 [0] | ASM:Graph |
PolyEnE| | lines=93 embedded dns |
trace |
| T:01:29:00 | WinXP | 117.99.58.24 (XLRI.AC.IN): BHARTI AIRTEL LTD, DELHI, DELHI, IN. |
n/a | RU:moscow-advokat.ru RU:194.6.222.11:6667 |
445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 0.8 profile |
none | summary tarball |
25 of 25 | 7f60162c2c [Firefox:694 hits: 12-31 to 10-07] |
1aad8e4632 [0] | ASM:Graph |
PolyEnE| | lines=93 embedded dns |
trace |
| 01:42:00 | Win2K-f | 4.142.222.78 (LEVEL3.NET): LEVEL 3 COMMUNICATIONS INC, MINNEAPOLIS, MINNESOTA, US. |
n/a | US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
http 114 lines |
Yeah : 1.3 profile |
none | summary tarball |
35 of 36 30 of 36 |
2ce489b91a [Firefox: 2 hits: 10-06 to 10-07] 2f1ec86326 [Firefox: 2 hits: 10-06 to 10-07] |
none[none] none [none] |
none:none none:none |
none|none none|none |
none none |
none none |
| 01:43:00 | WinXP | 88.28.231.208 (RIMA-TDE.NET): TELEFONICA MOVILES ESPANA (NCC#2007041930), ES. |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
29 of 29 | 1a2c0e6130 [Firefox:455 hits: 12-31 to 10-07] |
048df78048 [0] | ASM:Graph |
none|none | lines=61 | trace | |
| T:01:47:00 | Win2K-f | 122.146.83.173 (SPARQNET.NET): NEW CENTURY INFOCOMM TECH. CO. LTD, TW. |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.173.47:80 |
135 | pcap | raw alerts ruleset |
http 76 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] 73f1082158 [Firefox:1451 hits: 06-18 to 10-07] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| T:01:55:00 | WinXP | 216.198.174.70 (INTELLEQCOM.NET): INTELLEQ COMMUNICATIONS CORPORATION, US. |
n/a | US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
http 112 lines |
Yeah : 1.3 profile |
none | summary tarball |
30 of 33 28 of 32 |
3cd7958258 [Firefox:30 hits: 06-17 to 10-05] 41efedf70f [Firefox:29 hits: 06-19 to 10-05] |
none[4] 41efedf70f[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=82 |
trace trace |
| 02:04:00 | WinXP | 12.169.3.17 (GCMUNI.NET): GRUNDY CENTER MUNICIPAL UTILITY, NEW HARTFORD, IOWA, US. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 12 lines |
Yeah : 0.8 profile |
none | summary tarball |
31 of 32 | 741e3b03b3 [Firefox:451 hits: 01-05 to 10-07] |
e0197e8a64 [0] | ASM:Graph |
none|none | lines=62 | trace | |
| 02:10:00 | WinXP | 118.236.100.26 (-): . |
n/a | 445 | pcap | raw alerts ruleset |
ftp 13 lines |
Yeah : 0.8 profile |
none | summary tarball |
32 of 32 | 93385541f3 [Firefox:31 hits: 06-22 to 10-02] |
none[4] | none:none |
none|none | none | trace | |
| T:02:17:00 | WinXP | 58.157.86.73 (UCOM.NE.JP): USEN-CIDR-BLK, JP. (100Mbps) |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 14 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:02:17:00 | WinXP | 122.134.200.28 (MESH.AD.JP): NEC BIGLOBE LTD, TOKYO, TOKYO, JP. |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 13 lines |
Yeah : 0.8 profile |
none | summary tarball |
29 of 29 | 831f4ee0a7 [Firefox:592 hits: 01-01 to 10-07] |
eb7546c600 [0] | ASM:Graph |
none|none | lines=61 | trace | |
| 02:19:00 | Win2K-f | 98.149.190.201 (-): . |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.148.23:80 |
135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] 73f1082158 [Firefox:1451 hits: 06-18 to 10-07] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| 02:31:00 | Win2K-f | 24.92.189.231 (RR.COM): ROAD RUNNER HOLDCO LLC, TAMPA, FLORIDA, US. |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.173.52:80 |
135 | pcap | raw alerts ruleset |
other 76 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] a08f3b74a4 [Firefox:1045 hits: 06-18 to 10-07] |
none[4] a08f3b74a4[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| 02:44:00 | Win2K-f | 64.138.243.170 (-): . |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.148.137:80 |
135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] 73f1082158 [Firefox:1451 hits: 06-18 to 10-07] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| 03:07:00 | WinXP | 4.87.94.89 (LEVEL3.NET): LEVEL 3 COMMUNICATIONS INC, PHILADELPHIA, PENNSYLVANIA, US. |
n/a | :proxim.ircgalaxy.pl US:microsoft.com US:download.microsoft.com US:204.160.104.126:80 US:205.128.73.126:80 |
135 | pcap | raw alerts ruleset |
http 119 lines |
Yeah : 1.3 profile |
none | summary tarball |
32 of 36 35 of 36 0 of 33 |
9335b705d0 NEW d43a1e42d2 NEW e07c29c4ae [Firefox:587 hits: 06-19 to 10-07] |
none[none] none [none] e07c29c4ae[1] |
none:none none:none ASM:Graph |
none|none none|none FSG| |
none none lines=92 |
none none trace |
| 03:39:00 | Win2K-f | 12.198.30.48 (-): JOYCE MEDIA INC, ACTON, CALIFORNIA, US. (100Mbps) |
n/a | US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
http 77 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] 73f1082158 [Firefox:1451 hits: 06-18 to 10-07] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| 03:41:00 | WinXP | 4.191.72.239 (LEVEL3.NET): LEVEL 3 COMMUNICATIONS INC, US. (DIAL) |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.148.254:80 US:208.111.153.215:80 |
135 | pcap | raw alerts ruleset |
other 81 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] 73f1082158 [Firefox:1451 hits: 06-18 to 10-07] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| T:03:46:00 | WinXP | 61.20.139.6 (-): FAR EASTONE TELECOMMUNICATION CO. LTD, TW. |
n/a | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
29 of 29 | a0139d7ad8 [Firefox:146 hits: 01-03 to 10-07] |
d9e9662db1 [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
| T:03:48:00 | WinXP | 4.252.134.225 (LEVEL3.NET): LEVEL 3 COMMUNICATIONS INC, SYCAMORE, ILLINOIS, US. (DIAL) |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
26 of 28 | 7d99b0e910 [Firefox:1270 hits: 12-31 to 10-07] |
7a70e1b592 [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
| T:04:12:00 | Win2K-f | 71.115.132.232 (VERIZON.NET): VERIZON INTERNET SERVICES INC, DENTON, TEXAS, US. (100Mbps) |
n/a | US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
http 76 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 0 of 32 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] a08f3b74a4 [Firefox:1045 hits: 06-18 to 10-07] b5919931fe [Firefox:788 hits: 06-20 to 10-07] |
none[4] a08f3b74a4[1] b5919931fe[1] |
none:none ASM:Graph ASM:Graph |
tElock| Armadillo| ASProtect| |
none lines=81 lines=90 |
trace trace trace |
| T:04:31:00 | WinXP | 117.65.38.33 (AH163.NET): CHINANET ANHUI PROVINCE NETWORK, BEIJING, BEIJING, CN. |
n/a | :proxim.ircgalaxy.pl | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
34 of 36 | a43ad8c21e NEW |
none[none] | none:none |
none|none | none | none |
| 04:47:00 | WinXP | 24.85.107.74 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, SURREY, BRITISH COLUMBIA, CA. (DSL) |
n/a | US:microsoft.com US:download.microsoft.com US:198.78.201.126:80 US:204.160.104.126:80 US:207.123.37.123:80 |
135 | pcap | raw alerts ruleset |
other 76 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] a08f3b74a4 [Firefox:1045 hits: 06-18 to 10-07] |
none[4] a08f3b74a4[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| T:04:47:00 | Win2K-f | 64.138.243.170 (-): . |
n/a | US:microsoft.com US:download.microsoft.com US:198.78.201.126:80 US:204.160.104.126:80 US:207.123.37.123:80 |
135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] 73f1082158 [Firefox:1451 hits: 06-18 to 10-07] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| 05:02:00 | WinXP | 88.240.15.81 (TTNET.NET.TR): TT ADSL-ALCATEL_ACI, ISTANBUL, ISTANBUL, TR. |
n/a | RU:moscow-advokat.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 0.8 profile |
none | summary tarball |
25 of 25 | 7f60162c2c [Firefox:694 hits: 12-31 to 10-07] |
1aad8e4632 [0] | ASM:Graph |
PolyEnE| | lines=93 embedded dns |
trace |
| T:05:04:00 | WinXP | 88.240.15.81 (TTNET.NET.TR): TT ADSL-ALCATEL_ACI, ISTANBUL, ISTANBUL, TR. |
n/a | RU:moscow-advokat.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:05:05:00 | WinXP | 92.36.123.86 (IKBCC.COM): EU-ZZ, UK. |
n/a | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
26 of 28 | 7d99b0e910 [Firefox:1270 hits: 12-31 to 10-07] |
7a70e1b592 [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
| T:05:28:00 | WinXP | 61.20.175.187 (-): FAR EASTONE TELECOMMUNICATION CO. LTD, TAIPEI, T'AI-PEI, TW. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
29 of 29 | a0139d7ad8 [Firefox:146 hits: 01-03 to 10-07] |
d9e9662db1 [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
| 05:31:00 | WinXP | 122.53.8.189 (PLDT.NET): IPG, PH. |
194.54.90.246:80 | :proxim.ircgalaxy.pl UA:citi-bank.ru |
445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
36 of 36 | 6672dcb81a NEW |
none[none] | none:none |
none|none | none | none |
| 05:32:00 | Win2K-f | 75.16.232.16 (SBCGLOBAL.NET): PPPOX POOL - RBACK3.KNTPIN, EVANSVILLE, INDIANA, US. (DSL) |
n/a | US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
http 77 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 0 of 32 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] a08f3b74a4 [Firefox:1045 hits: 06-18 to 10-07] b5919931fe [Firefox:788 hits: 06-20 to 10-07] |
none[4] a08f3b74a4[1] b5919931fe[1] |
none:none ASM:Graph ASM:Graph |
tElock| Armadillo| ASProtect| |
none lines=81 lines=90 |
trace trace trace |
| 05:54:00 | WinXP | 62.46.65.141 (TELEKOM.AT): HIGHWAY CUSTOMERS, VIENNA, WIEN, AT. |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
32 of 32 | 03f912899b [Firefox:157 hits: 01-08 to 10-07] |
83893bd25d [0] | ASM:Graph |
none|none | lines=65 | trace | |
| 05:59:00 | WinXP | 121.80.38.242 (EONET.NE.JP): K-OPTICOM CORPORATION, JP. |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 16 lines |
Yeah : 1.3 profile |
none | summary tarball |
35 of 36 | 141d1a2779 NEW |
none[none] | none:none |
none|none | none | none | |
| 06:35:00 | WinXP | 41.214.167.234 (-): . |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
26 of 28 | 7d99b0e910 [Firefox:1270 hits: 12-31 to 10-07] |
7a70e1b592 [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
| T:06:57:00 | WinXP | 87.110.120.76 (-): ADDRESS POOL FOR LTC-HOME CUSTOMERS, RIGA, RIGA, LV. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
34 of 36 | e69e23fa76 NEW |
none[none] | none:none |
none|none | none | none |
| 07:08:00 | Win2K-f | 76.161.14.254 (-): . |
n/a | US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
http 79 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 0 of 32 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] a08f3b74a4 [Firefox:1045 hits: 06-18 to 10-07] b5919931fe [Firefox:788 hits: 06-20 to 10-07] |
none[4] a08f3b74a4[1] b5919931fe[1] |
none:none ASM:Graph ASM:Graph |
tElock| Armadillo| ASProtect| |
none lines=81 lines=90 |
trace trace trace |
| 07:17:00 | Win2K-f | 203.91.190.198 (STARCAT.NE.JP): KMN CORPORATION, NAGOYA, AICHI, JP. |
n/a | US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
http 79 lines |
Yeah : 1.3 profile |
none | summary tarball |
32 of 33 9 of 33 0 of 32 |
2851817490 [Firefox: 7 hits: 06-27 to 09-25] 624c441842 [Firefox: 4 hits: 06-27 to 09-25] b5919931fe [Firefox:788 hits: 06-20 to 10-07] |
none[none] none [none] b5919931fe[1] |
none:none none:none ASM:Graph |
none|none none|none ASProtect| |
none none lines=90 |
none none trace |
| T:07:25:00 | WinXP | 123.19.135.118 (-): VIETNAM TELECOM NATIONAL (VTN), VN. |
n/a | :www.google.com.au :jbeegvia.ru |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
32 of 32 | bb7681eca8 [Firefox: 4 hits: 09-26 to 10-05] |
none[none] | none:none |
none|none | none | none |
| T:07:30:00 | WinXP | 97.76.195.173 (-): . |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 0.8 profile |
none | summary tarball |
36 of 36 | eca9a5fa95 [Firefox:39 hits: 08-09 to 10-07] |
none[none] | none:none |
none|none | none | none |
| T:07:31:00 | WinXP | 218.251.70.106 (EONET.NE.JP): K-OPTICOM CORPORATION, OSAKA, OSAKA, JP. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
29 of 29 | a0139d7ad8 [Firefox:146 hits: 01-03 to 10-07] |
d9e9662db1 [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
| T:07:41:00 | Win2K-f | 68.187.205.120 (CHARTER.COM): CHARTER COMMUNICATIONS, GREENVILLE, SOUTH CAROLINA, US. |
n/a | US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
http 76 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 0 of 32 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] a08f3b74a4 [Firefox:1045 hits: 06-18 to 10-07] b5919931fe [Firefox:788 hits: 06-20 to 10-07] |
none[4] a08f3b74a4[1] b5919931fe[1] |
none:none ASM:Graph ASM:Graph |
tElock| Armadillo| ASProtect| |
none lines=81 lines=90 |
trace trace trace |
| 07:44:00 | Win2K-f | 99.152.69.5 (-): . |
n/a | US:microsoft.com US:download.microsoft.com US:192.221.99.126:80 US:199.93.41.124:80 US:204.160.104.126:80 |
135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] 73f1082158 [Firefox:1451 hits: 06-18 to 10-07] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| 07:45:00 | WinXP | 87.247.99.13 (-): MIKROVISATA, LT. |
n/a | :proxim.ircgalaxy.pl UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
36 of 36 | 4c934f9489 NEW |
none[none] | none:none |
none|none | none | none |
| 07:48:00 | WinXP | 122.53.154.154 (PLDT.NET): IPG, PH. |
n/a | 135 | pcap | raw alerts ruleset |
other 5 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:07:50:00 | WinXP | 41.214.174.104 (-): . |
n/a | RU:moscow-advokat.ru | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
25 of 25 | 7f60162c2c [Firefox:694 hits: 12-31 to 10-07] |
1aad8e4632 [0] | ASM:Graph |
PolyEnE| | lines=93 embedded dns |
trace |
| T:07:52:00 | WinXP | 86.96.54.57 (NET.AE): EMIRATES TELECOMMUNICATIONS CORPORATION, DUBAI, DUBAI, AE. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
36 of 36 | b872c76081 [Firefox:52 hits: 09-13 to 10-07] |
none[none] | none:none |
none|none | none | none |
| 08:13:00 | Win2K-f | 173.16.103.39 (-): . |
n/a | US:microsoft.com US:download.microsoft.com US:69.28.178.10:80 |
135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] a08f3b74a4 [Firefox:1045 hits: 06-18 to 10-07] |
none[4] a08f3b74a4[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| 08:20:00 | WinXP | 78.88.250.170 (-): VECTRA TECHNOLOGIE S.A, PL. |
n/a | :proxim.ircgalaxy.pl UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
35 of 36 | 0ca8face1c NEW |
none[none] | none:none |
none|none | none | none |
| T:08:33:00 | WinXP | 92.114.177.67 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
n/a | :proxim.ircgalaxy.pl UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
35 of 36 | 8793d64e05 NEW |
none[none] | none:none |
none|none | none | none |
| 08:34:00 | WinXP | 92.114.177.67 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
n/a | :proxim.ircgalaxy.pl UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 0.8 profile |
none | summary tarball |
35 of 36 | 8793d64e05 NEW |
none[none] | none:none |
none|none | none | none |
| 08:47:00 | WinXP | 216.10.170.225 (WISPNET.NET): WISPNET LLC, WILSON, NORTH CAROLINA, US. |
n/a | EU:siliconfireware.ru US:searchportal.information.com :wpad US:208.73.210.32:80 DE:212.227.111.29:80 EU:78.47.200.154:80 |
445 | pcap | raw alerts ruleset |
http http http 3 lines |
Yeah : 0.8 profile |
none | summary tarball |
29 of 29 | df17a625ee [Firefox:269 hits: 01-01 to 10-07] |
9bbdd086c5 [0] | ASM:Graph |
ASPack| | lines=186 embedded dns |
trace |
| T:08:48:00 | Win2K-f | 125.58.94.139 (-): . |
n/a | US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
http 113 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 33 of 36 27 of 36 |
b5919931fe [Firefox:788 hits: 06-20 to 10-07] e191a65a0a NEW fe8436c042 NEW |
b5919931fe [1] none [none] none [none] |
ASM:Graph none:none none:none |
ASProtect| none|none none|none |
lines=90 none none |
trace none none |
| T:09:00:00 | Win2K-f | 63.17.146.87 (UU.NET): UUNET TECHNOLOGIES INC, NEW YORK, NEW YORK, US. |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.148.226:80 US:208.111.148.247:80 |
135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] 73f1082158 [Firefox:1451 hits: 06-18 to 10-07] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| 09:01:00 | WinXP | 67.89.32.207 (ALGX.NET): XO COMMUNICATIONS, DRACUT, MASSACHUSETTS, US. |
n/a | :proxim.ircgalaxy.pl US:microsoft.com US:download.microsoft.com US:208.111.148.226:80 US:208.111.148.247:80 |
135 | pcap | raw alerts ruleset |
other 113 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 36 35 of 36 |
4575d9d4f6 [Firefox: 4 hits: 10-01 to 10-07] ed570a2e4d [Firefox: 3 hits: 10-01 to 10-07] |
none[none] none [none] |
none:none none:none |
none|none none|none |
none none |
none none |
| T:09:02:00 | Win2K-f | 125.215.205.184 (IMSBIZ.COM): PCCW BUSINESS INTERNET ACCESS, HONG KONG, HONG KONG (SAR), HK. (100Mbps) |
n/a | 135 | pcap | raw alerts ruleset |
other 53 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 33 | 57ce4acac2 [Firefox:245 hits: 06-17 to 10-07] |
57ce4acac2 [1] | ASM:Graph |
Armadillo| | lines=81 | trace | |
| 09:10:00 | Win2K-f | 67.240.189.231 (-): . |
n/a | US:microsoft.com US:download.microsoft.com US:204.160.104.126:80 |
135 | pcap | raw alerts ruleset |
other 79 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] 73f1082158 [Firefox:1451 hits: 06-18 to 10-07] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| T:09:12:00 | WinXP | 4.131.216.36 (LEVEL3.NET): LEVEL 3 COMMUNICATIONS INC, SAN JOSE, CALIFORNIA, US. (DIAL) |
n/a | 135 | pcap | raw alerts ruleset |
other 254 lines |
Yeah : 1.3 profile |
none | summary tarball |
24 of 36 | e9ee0d4d34 [Firefox: 4 hits: 09-15 to 09-28] |
none[none] | none:none |
none|none | none | none | |
| T:09:18:00 | WinXP | 114.137.160.193 (-): . |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
34 of 36 | 49d6cdaab4 [Firefox: 7 hits: 09-13 to 10-06] |
none[none] | none:none |
none|none | none | none |
| 09:22:00 | WinXP | 200.127.197.47 (NET.AR): PRIMA S.A, BUENOS AIRES, BUENOS AIRES, AR. (DSL) |
n/a | RU:moscow-advokat.ru RU:194.6.222.11:6667 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
34 of 36 | 96d089e522 NEW |
none[none] | none:none |
none|none | none | none |
| T:09:33:00 | WinXP | 193.248.104.63 (ABO.WANADOO.FR): TELECOM, METZ, NANTERRE, FR. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 18 lines |
Argh : 0.3 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 09:45:00 | Win2K-f | 218.237.123.235 (HANANET.NET): HANARO TELECOM INC, SEOUL, KYONGGI-DO, KR. |
n/a | :proxim.ircgalaxy.pl US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
http 114 lines |
Yeah : 1.3 profile |
none | summary tarball |
29 of 32 28 of 32 |
8a75955033 [Firefox:39 hits: 06-20 to 10-05] 9276c8b36b [Firefox:39 hits: 06-20 to 10-05] |
none[4] 9276c8b36b[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| T:09:46:00 | WinXP | 96.15.101.72 (-): . |
n/a | :proxim.ircgalaxy.pl UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 0.8 profile |
none | summary tarball |
35 of 36 | 6d76aea448 NEW |
none[none] | none:none |
none|none | none | none |
| 09:51:00 | WinXP | 190.188.109.65 (NET.AR): PRIMA S.A, AR. |
n/a | :proxim.ircgalaxy.pl UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
35 of 36 | 87bf2f533f NEW |
none[none] | none:none |
none|none | none | none |
| T:10:07:00 | WinXP | 124.27.150.153 (INFOWEB.NE.JP): INFOWEB(FUJITSU LTD.), TOKYO, TOKYO, JP. (DIAL) |
n/a | :proxim.ircgalaxy.pl | 445 | pcap | raw alerts ruleset |
shell ftp 13 lines |
Yeah : 0.8 profile |
none | summary tarball |
35 of 36 | 4e3381f981 NEW |
none[none] | none:none |
none|none | none | none |
| T:10:50:00 | Win2K-f | 24.103.145.151 (-): . |
n/a | US:microsoft.com US:download.microsoft.com US:205.128.73.126:80 US:207.123.42.126:80 US:8.12.222.126:80 |
135 | pcap | raw alerts ruleset |
other 253 lines |
Yeah : 1.3 profile |
none | summary tarball |
34 of 36 34 of 36 |
0b09052fb7 NEW d8cf9fc784 NEW |
none[none] none [none] |
none:none none:none |
none|none none|none |
none none |
none none |
| T:11:09:00 | WinXP | 87.205.234.239 (-): INTERNETIA, VIENNA, WIEN, AT. |
n/a | :proxim.ircgalaxy.pl RU:moscow-advokat.ru |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
34 of 36 | 26e3526604 [Firefox: 7 hits: 09-16 to 10-06] |
none[none] | none:none |
none|none | none | none |
| 11:15:00 | Win2K-f | 163.203.136.226 (VIP-ZA.COM): AFRINIC, JOHANNESBURG, GAUTENG, ZA. |
n/a | 135 | pcap | raw alerts ruleset |
other 4 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:11:16:00 | WinXP | 83.95.126.17 (ADSL-DHCP.TELE.DK): TDC-TELEDANMARK-BREDBAANDSADSL-NET, VEDBAEK, COPENHAGEN, DK. (DSL) |
n/a | RU:moscow-advokat.ru RU:194.6.222.11:6667 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
35 of 36 | f5ab9763ea [Firefox: 2 hits: 10-03 to 10-03] |
none[none] | none:none |
none|none | none | none |
| 11:29:00 | WinXP | 75.49.14.119 (SBCGLOBAL.NET): PPPOX POOL - SE1.WOTNOH 101906-1259, US. (DSL) |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.173.53:80 US:69.28.178.10:80 |
135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] a08f3b74a4 [Firefox:1045 hits: 06-18 to 10-07] |
none[4] a08f3b74a4[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| 11:33:00 | WinXP | 62.248.24.235 (KABLONET.COM.TR): CABLE OPERATOR NETWORK OF TURK TELEKOM, GAZIANTEP, GAZIANTEP, TR. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
29 of 29 | f592d52f3c [Firefox: 5 hits: 01-06 to 05-19] |
85a7174aed [0] | ASM:Graph |
PolyEnE| | lines=73 | trace |
| 11:39:00 | WinXP | 92.96.103.104 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 13 lines |
Yeah : 0.8 profile |
none | summary tarball |
32 of 32 | 03f912899b [Firefox:157 hits: 01-08 to 10-07] |
83893bd25d [0] | ASM:Graph |
none|none | lines=65 | trace | |
| 11:45:00 | Win2K-f | 4.236.141.219 (LEVEL3.NET): LEVEL 3 COMMUNICATIONS INC, US. (DIAL) |
n/a | US:microsoft.com US:download.microsoft.com US:204.160.104.126:80 US:205.128.73.126:80 US:207.123.42.126:80 |
135 | pcap | raw alerts ruleset |
other 77 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] 73f1082158 [Firefox:1451 hits: 06-18 to 10-07] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| 11:47:00 | WinXP | 84.237.141.97 (-): ADDRESS POOL FOR LTC-HOME CUSTOMERS, RIGA, RIGA, LV. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
29 of 29 | a0139d7ad8 [Firefox:146 hits: 01-03 to 10-07] |
d9e9662db1 [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
| 11:50:00 | Win2K-f | 4.228.186.214 (LEVEL3.NET): LEVEL 3 COMMUNICATIONS INC, DURANGO, COLORADO, US. (DIAL) |
n/a | US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
http 166 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 0 of 32 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] 73f1082158 [Firefox:1451 hits: 06-18 to 10-07] b5919931fe [Firefox:788 hits: 06-20 to 10-07] |
none[4] 73f1082158[1] b5919931fe[1] |
none:none ASM:Graph ASM:Graph |
tElock| Armadillo| ASProtect| |
none lines=81 lines=90 |
trace trace trace |
| 12:15:00 | WinXP | 80.218.185.201 (HISPEED.CH): CABLECOMMAIN-NET, ZURICH, ZURICH, CH. |
n/a | :proxim.ircgalaxy.pl | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
34 of 36 | 34caa6c264 NEW |
none[none] | none:none |
none|none | none | none |
| T:12:19:00 | Win2K-f | 12.215.59.60 (MCHSI.COM): MEDIACOM COMMUNICATIONS CORP, GULF SHORES, ALABAMA, US. |
n/a | US:microsoft.com US:download.microsoft.com US:204.160.104.126:80 US:207.123.46.126:80 US:207.123.47.126:80 |
135 | pcap | raw alerts ruleset |
other 59 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 8 of 33 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] b7082104e4 [Firefox:183 hits: 06-18 to 10-07] |
none[4] none [4] |
none:none none:none |
tElock| tElock| |
none none |
trace trace |
| T:12:47:00 | WinXP | 70.184.249.79 (COX.NET): COX COMMUNICATIONS, TULSA, OKLAHOMA, US. |
n/a | :proxim.ircgalaxy.pl US:microsoft.com US:download.microsoft.com US:208.111.148.174:80 |
135 | pcap | raw alerts ruleset |
http 115 lines |
Yeah : 1.3 profile |
none | summary tarball |
34 of 36 0 of 33 28 of 33 |
da00a8e7a1 [Firefox:24 hits: 08-05 to 10-05] e07c29c4ae [Firefox:587 hits: 06-19 to 10-07] f685f8e027 [Firefox:28 hits: 06-18 to 10-05] |
none[none] e07c29c4ae[1] f685f8e027[1] |
none:none ASM:Graph ASM:Graph |
none|none FSG| Armadillo| |
none lines=92 lines=82 |
none trace trace |
| T:12:53:00 | WinXP | 89.155.232.160 (-): TVCABO PORTUGAL S.A, PT. |
n/a | DE:siliconfireware.ru US:searchportal.information.com :www.proxy-socks.net :wpad US:208.73.210.32:80 EU:78.47.200.154:80 |
445 | pcap | raw alerts ruleset |
http http http 3 lines |
Yeah : 0.8 profile |
none | summary tarball |
29 of 30 | af79e0c602 [Firefox: 9 hits: 01-08 to 10-01] |
none[4] | none:none |
ASPack| | none | trace |
| T:13:11:00 | Win2K-f | 99.152.69.5 (-): . |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.148.115:80 |
135 | pcap | raw alerts ruleset |
http 76 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 0 of 32 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] 73f1082158 [Firefox:1451 hits: 06-18 to 10-07] b5919931fe [Firefox:788 hits: 06-20 to 10-07] |
none[4] 73f1082158[1] b5919931fe[1] |
none:none ASM:Graph ASM:Graph |
tElock| Armadillo| ASProtect| |
none lines=81 lines=90 |
trace trace trace |
| T:13:13:00 | WinXP | 82.208.134.70 (ASTRAL.RO): ASTRAL-CJ-DOCSIS, CLUJ-NAPOCA, CLUJ, RO. |
n/a | RU:moscow-advokat.ru | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
25 of 25 | 7f60162c2c [Firefox:694 hits: 12-31 to 10-07] |
1aad8e4632 [0] | ASM:Graph |
PolyEnE| | lines=93 embedded dns |
trace |
| T:13:25:00 | WinXP | 74.34.184.188 (FRONTIERNET.NET): FRONTIER COMMUNICATIONS OF AMERICA INC, ROCHESTER, NEW YORK, US. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
35 of 36 | 7e8bfa9b49 [Firefox: 6 hits: 10-01 to 10-07] |
none[none] | none:none |
none|none | none | none |
| T:13:27:00 | WinXP | 80.218.164.164 (HISPEED.CH): CABLECOMMAIN-NET, ZURICH, ZURICH, CH. |
n/a | :proxim.ircgalaxy.pl | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
34 of 36 | 34caa6c264 NEW |
none[none] | none:none |
none|none | none | none |
| 13:28:00 | WinXP | 81.84.216.35 (CPE.NETCABO.PT): TVCABO-PORTUGAL CABLE MODEM NETWORK, COIMBRA, COIMBRA, PT. |
n/a | RU:moscow-advokat.ru RU:194.6.222.11:6667 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
36 of 36 | 3ff96af82f NEW |
none[none] | none:none |
none|none | none | none |
| 13:30:00 | WinXP | 75.49.227.138 (SBCGLOBAL.NET): PPPOX POOL - BRAS6.STLSMO, ST. LOUIS, MISSOURI, US. (DSL) |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
29 of 29 | 986b59708d [Firefox:95 hits: 01-14 to 10-07] |
8a00217866 [0] | ASM:Graph |
PolyEnE| | lines=57 | trace |
| T:13:48:00 | WinXP | 41.235.214.109 (TEDATA.NET): PROVIDER LOCAL REGISTRY, EG. |
n/a | RU:moscow-advokat.ru | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
34 of 36 | c2a03dfdd5 NEW |
none[none] | none:none |
none|none | none | none |
| 13:50:00 | WinXP | 77.21.177.201 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | 47f8cf336a [Firefox: 3 hits: 09-22 to 10-05] |
none[none] | none:none |
none|none | none | none |
| T:13:50:00 | WinXP | 4.224.12.222 (LEVEL3.NET): LEVEL 3 COMMUNICATIONS INC, CINCINNATI, OHIO, US. (DIAL) |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
34 of 36 | 97fe4b49e5 NEW |
none[none] | none:none |
none|none | none | none |
| T:13:51:00 | WinXP | 82.207.61.229 (UKRTEL.NET): UKRTELECOM IP ACCESS NETWORK IN KHARKIV, UA. |
n/a | RU:moscow-advokat.ru :caen.fr.eu.undernet.org SE:qis.md.us.dal.net US:lia.zanet.net SE:ozbytes.dal.net :flanders.be.eu.undernet.org :los-angeles.ca.us.undernet.org AT:graz.at.eu.undernet.org :gaspode.zanet.org.za NL:london.uk.eu.undernet.org SE:vancouver.dal.net :lulea.se.eu.undernet.org RU:194.6.222.11:6667 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
25 of 25 | 7f60162c2c [Firefox:694 hits: 12-31 to 10-07] |
1aad8e4632 [0] | ASM:Graph |
PolyEnE| | lines=93 embedded dns |
trace |
| 14:02:00 | Win2K-f | 24.97.206.182 (RR.COM): ROAD RUNNER HOLDCO LLC, WOODSTOCK, NEW YORK, US. |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.173.16:80 US:208.111.173.41:80 |
135 | pcap | raw alerts ruleset |
other 253 lines |
Yeah : 1.3 profile |
none | summary tarball |
34 of 36 34 of 36 |
0b09052fb7 NEW d8cf9fc784 NEW |
none[none] none [none] |
none:none none:none |
none|none none|none |
none none |
none none |
| 14:10:00 | WinXP | 157.157.237.236 (SIMNET.IS): LANDSSIMI ISLANDS, REYKJAVíK, REYKJAVIK, IS. (DSL) |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 13 lines |
Yeah : 0.8 profile |
none | summary tarball |
31 of 32 | 741e3b03b3 [Firefox:451 hits: 01-05 to 10-07] |
e0197e8a64 [0] | ASM:Graph |
none|none | lines=62 | trace | |
| 14:18:00 | WinXP | 24.65.243.184 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, CALGARY, ALBERTA, CA. (DSL) |
n/a | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:14:23:00 | Win2K-f | 98.141.162.205 (-): . |
n/a | 135 | pcap | raw alerts ruleset |
other 18 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:14:28:00 | WinXP | 98.172.138.101 (-): . |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.148.254:80 US:208.111.153.215:80 |
135 | pcap | raw alerts ruleset |
other 76 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] 73f1082158 [Firefox:1451 hits: 06-18 to 10-07] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| 14:29:00 | WinXP | 70.70.215.5 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, SURREY, BRITISH COLUMBIA, CA. (DSL) |
n/a | US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
http 77 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 0 of 33 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] 73f1082158 [Firefox:1451 hits: 06-18 to 10-07] e07c29c4ae [Firefox:587 hits: 06-19 to 10-07] |
none[4] 73f1082158[1] e07c29c4ae[1] |
none:none ASM:Graph ASM:Graph |
tElock| Armadillo| FSG| |
none lines=81 lines=92 |
trace trace trace |
| 14:39:00 | Win2K-f | 24.77.71.211 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, MAPLE RIDGE, BRITISH COLUMBIA, CA. (DSL) |
n/a | US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
other 124 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 36 31 of 36 |
8da9ca8dd8 NEW 954b58386b NEW |
none[none] none [none] |
none:none none:none |
none|none none|none |
none none |
none none |
| T:14:44:00 | WinXP | 12.73.237.26 (ATT.NET): AT&T WORLDNET SERVICES, CHICAGO, ILLINOIS, US. (DIAL) |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
29 of 29 | 1a2c0e6130 [Firefox:455 hits: 12-31 to 10-07] |
048df78048 [0] | ASM:Graph |
none|none | lines=61 | trace | |
| 14:47:00 | WinXP | 94.191.243.87 (-): . |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
26 of 28 | 7d99b0e910 [Firefox:1270 hits: 12-31 to 10-07] |
7a70e1b592 [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
| T:14:47:00 | WinXP | 94.191.243.87 (-): . |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
26 of 28 | 7d99b0e910 [Firefox:1270 hits: 12-31 to 10-07] |
7a70e1b592 [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
| T:14:56:00 | Win2K-f | 202.107.200.81 (-): ZHEJIANG FOREST COLLEGE, ZHEJIANG, ZHEJIANG, CN. (100Mbps) |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.173.53:80 |
135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] a08f3b74a4 [Firefox:1045 hits: 06-18 to 10-07] |
none[4] a08f3b74a4[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| 15:00:00 | Win2K-f | 24.70.26.59 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, RED DEER, ALBERTA, CA. (DSL) |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.173.52:80 US:208.111.173.53:80 |
135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] 73f1082158 [Firefox:1451 hits: 06-18 to 10-07] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| T:15:02:00 | WinXP | 78.34.27.58 (NETCOLOGNE.DE): NETCOLOGNE GMBH, KOELN, NORDRHEIN-WESTFALEN, DE. |
n/a | :proxima.ircgalaxy.pl RU:moscow-advokat.ru |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
35 of 36 | c392067a90 NEW |
none[none] | none:none |
none|none | none | none |
| T:15:11:00 | WinXP | 201.47.110.53 (STERLINGSTUDENTS.NET): COMITE GESTOR DA INTERNET NO BRASIL, BR. (DSL) |
n/a | RU:moscow-advokat.ru RU:194.6.222.11:6667 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
25 of 25 | 7f60162c2c [Firefox:694 hits: 12-31 to 10-07] |
1aad8e4632 [0] | ASM:Graph |
PolyEnE| | lines=93 embedded dns |
trace |
| 15:21:00 | Win2K-f | 70.64.7.84 (GASOC.COM): SHAW COMMUNICATIONS INC, SASKATOON, SASKATCHEWAN, CA. (DSL) |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.148.15:80 US:208.111.148.23:80 |
135 | pcap | raw alerts ruleset |
other 110 lines |
Yeah : 1.3 profile |
none | summary tarball |
34 of 36 32 of 36 |
2e43dc0077 [Firefox: 5 hits: 10-01 to 10-05] 3fd58319f0 NEW |
none[none] none [none] |
none:none none:none |
none|none none|none |
none none |
none none |
| 15:29:00 | Win2K-f | 208.127.147.76 (DSLEXTREME.COM): DSL EXTREME, WINNETKA, CALIFORNIA, US. |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.148.15:80 US:69.28.178.10:80 |
135 | pcap | raw alerts ruleset |
http 76 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] 73f1082158 [Firefox:1451 hits: 06-18 to 10-07] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| 15:34:00 | Win2K-f | 118.219.44.54 (-): . |
n/a | 135 | pcap | raw alerts ruleset |
other 71 lines |
Yeah : 1.3 profile |
none | summary tarball |
28 of 33 | 58c343a8d8 [Firefox:34 hits: 06-21 to 10-03] |
58c343a8d8 [1] | ASM:Graph |
Armadillo| | lines=82 | trace | |
| 15:38:00 | WinXP | 72.175.147.148 (BRESNAN.NET): BRESNAN COMMUNICATIONS LLC, PURCHASE, NEW YORK, US. |
n/a | :proxim.ircgalaxy.pl US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
http 115 lines |
Yeah : 1.3 profile |
none | summary tarball |
31 of 36 0 of 33 34 of 36 |
2ad0505cbb NEW e07c29c4ae [Firefox:587 hits: 06-19 to 10-07] f85a2f9c48 NEW |
none[none] e07c29c4ae[1] none [none] |
none:none ASM:Graph none:none |
none|none FSG| none|none |
none lines=92 none |
none trace none |
| 15:49:00 | WinXP | 76.234.61.104 (SBCGLOBAL.NET): PPPOX POOL - BRAS16.LSAN, US. |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.173.47:80 US:208.111.173.52:80 |
135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] 73f1082158 [Firefox:1451 hits: 06-18 to 10-07] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| T:15:54:00 | WinXP | 70.253.227.197 (SWBELL.NET): PPPOX POOL - RBACK3 WACOTX, WACO, TEXAS, US. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
26 of 28 | 7d99b0e910 [Firefox:1270 hits: 12-31 to 10-07] |
7a70e1b592 [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
| T:16:17:00 | WinXP | 98.105.57.148 (-): . |
n/a | :proxim.ircgalaxy.pl UA:citi-bank.ru |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
35 of 36 | f353d4eed9 [Firefox:29 hits: 09-17 to 10-07] |
none[none] | none:none |
none|none | none | none |
| 16:17:00 | WinXP | 98.105.57.148 (-): . |
194.54.90.246:80 | :proxim.ircgalaxy.pl UA:citi-bank.ru |
445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
35 of 36 | f353d4eed9 [Firefox:29 hits: 09-17 to 10-07] |
none[none] | none:none |
none|none | none | none |
| T:16:38:00 | WinXP | 72.251.93.219 (1DIAL.COM): AD-BASE SYSTEMS INC. (DBA GLOBALPOPS), PITTSBURGH, PENNSYLVANIA, US. (DIAL) |
n/a | RU:moscow-advokat.ru | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
26 of 28 | ca47a36342 [Firefox:15 hits: 02-16 to 10-06] |
c3a58f69c6 [0] | ASM:Graph |
PolyEnE| | lines=89 embedded dns |
trace |
| 16:38:00 | WinXP | 4.225.193.120 (LEVEL3.NET): LEVEL 3 COMMUNICATIONS INC, HUDSON, COLORADO, US. (DIAL) |
n/a | US:microsoft.com US:download.microsoft.com US:192.221.110.126:80 US:204.160.104.126:80 US:4.23.60.125:80 |
135 | pcap | raw alerts ruleset |
other 77 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] a08f3b74a4 [Firefox:1045 hits: 06-18 to 10-07] |
none[4] a08f3b74a4[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| T:16:43:00 | WinXP | 4.181.155.57 (LEVEL3.NET): LEVEL 3 COMMUNICATIONS INC, W HARTFORD, CONNECTICUT, US. (DIAL) |
n/a | 445 | pcap | raw alerts ruleset |
other 0 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 16:57:00 | WinXP | 71.111.185.19 (VERIZON.NET): VERIZON INTERNET SERVICES INC, ALOHA, OREGON, US. (DSL) |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.173.41:80 US:208.111.173.42:80 |
135 | pcap | raw alerts ruleset |
other 87 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] a08f3b74a4 [Firefox:1045 hits: 06-18 to 10-07] |
none[4] a08f3b74a4[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| 17:17:00 | WinXP | 99.163.49.162 (-): . |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 15 lines |
Yeah : 1.3 profile |
none | summary tarball |
32 of 32 | 03f912899b [Firefox:157 hits: 01-08 to 10-07] |
83893bd25d [0] | ASM:Graph |
none|none | lines=65 | trace | |
| T:17:41:00 | WinXP | 75.137.188.143 (CHARTER.COM): CHARTER COMMUNICATIONS, ATHENS, GEORGIA, US. |
194.54.90.246:80 | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
34 of 36 | 18c7040ea0 NEW |
none[none] | none:none |
none|none | none | none |
| T:17:42:00 | WinXP | 216.139.101.216 (GRM.NET): GRAND RIVER MUTUAL TELEPHONE CORPORATION, JAMESPORT, MISSOURI, US. |
n/a | :proxim.ircgalaxy.pl | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
34 of 36 | 688576e4d8 NEW |
none[none] | none:none |
none|none | none | none |
| 17:47:00 | WinXP | 75.180.36.29 (RR.COM): ROAD RUNNER HOLDCO LLC, DUBLIN, OHIO, US. |
194.54.90.246:80 | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
29 of 29 | 3ae357d17b [Firefox:182 hits: 01-01 to 10-07] |
462a7be171 [0] | ASM:Graph |
PolyEnE| | lines=73 | trace |
| T:17:52:00 | WinXP | 67.125.140.230 (PACBELL.NET): AT&T INTERNET SERVICES, FRESNO, CALIFORNIA, US. |
n/a | US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
http 77 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] a08f3b74a4 [Firefox:1045 hits: 06-18 to 10-07] |
none[4] a08f3b74a4[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| 18:02:00 | Win2K-f | 69.59.90.98 (NCTV.COM): NORTHLAND CABLE TELEVISION, GREENWOOD, SOUTH CAROLINA, US. |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.173.47:80 US:208.111.173.52:80 |
135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] 73f1082158 [Firefox:1451 hits: 06-18 to 10-07] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| 18:04:00 | WinXP | 200.123.70.96 (TECHTELNET.NET): TECHTEL LMDS COMUNICACIONES INTERACTIVAS S.A, LA PLATA, BUENOS AIRES, AR. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
35 of 36 | b1711c43ef NEW |
none[none] | none:none |
none|none | none | none |
| T:18:06:00 | WinXP | 61.218.193.218 (HINET.NET): CHTD CHUNGHWA TELECOM CO. LTD, TAIPEI, T'AI-PEI, TW. |
n/a | US:microsoft.com US:download.microsoft.com US:204.160.126.124:80 US:205.128.73.126:80 US:207.123.37.126:80 |
135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] 57ce4acac2 [Firefox:245 hits: 06-17 to 10-07] |
none[4] 57ce4acac2[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| T:18:13:00 | WinXP | 24.181.76.18 (CHARTER.COM): CHARTER COMMUNICATIONS, LAGRANGE, GEORGIA, US. |
194.54.90.246:80 | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 34 | c7ca96a1e8 [Firefox: 2 hits: 07-21 to 07-24] |
none[none] | none:none |
none|none | none | none |
| 18:14:00 | WinXP | 67.150.174.135 (MDSG-PACWEST.COM): PAC-WEST MANAGED MODEM NAS POOL, LOS ANGELES, CALIFORNIA, US. |
194.54.90.246:80 | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
26 of 28 | 7d99b0e910 [Firefox:1270 hits: 12-31 to 10-07] |
7a70e1b592 [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
| T:18:14:00 | WinXP | 67.150.174.135 (MDSG-PACWEST.COM): PAC-WEST MANAGED MODEM NAS POOL, LOS ANGELES, CALIFORNIA, US. |
194.54.90.246:80 | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
26 of 28 | 7d99b0e910 [Firefox:1270 hits: 12-31 to 10-07] |
7a70e1b592 [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
| 18:23:00 | WinXP | 70.183.165.173 (COX.NET): COX COMMUNICATIONS, PROVIDENCE, RHODE ISLAND, US. |
n/a | :proxim.ircgalaxy.pl US:microsoft.com US:download.microsoft.com US:198.78.201.126:80 US:204.160.126.126:80 US:207.123.46.126:80 |
135 | pcap | raw alerts ruleset |
other 114 lines |
Yeah : 1.3 profile |
none | summary tarball |
34 of 36 28 of 33 |
da00a8e7a1 [Firefox:24 hits: 08-05 to 10-05] f685f8e027 [Firefox:28 hits: 06-18 to 10-05] |
none[none] f685f8e027[1] |
none:none ASM:Graph |
none|none Armadillo| |
none lines=82 |
none trace |
| T:18:24:00 | Win2K-f | 172.129.84.111 (AOL.COM): AMERICA ONLINE, RESTON, VIRGINIA, US. (DSL) |
n/a | US:microsoft.com US:download.microsoft.com US:198.78.201.126:80 US:204.160.126.126:80 US:207.123.46.126:80 |
135 | pcap | raw alerts ruleset |
other 110 lines |
Yeah : 1.3 profile |
none | summary tarball |
30 of 33 29 of 33 |
3373948767 [Firefox:30 hits: 07-03 to 10-05] c73f738c30 [Firefox:30 hits: 07-03 to 10-05] |
none[none] none [none] |
none:none none:none |
none|none none|none |
none none |
none none |
| T:18:30:00 | WinXP | 63.168.71.190 (-): AAFES/BARRACKS, HERNDON, VIRGINIA, US. |
n/a | RU:moscow-advokat.ru | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
25 of 25 | 7f60162c2c [Firefox:694 hits: 12-31 to 10-07] |
1aad8e4632 [0] | ASM:Graph |
PolyEnE| | lines=93 embedded dns |
trace |
| 18:32:00 | Win2K-f | 74.211.4.245 (BEYONDBB.COM): ORANGE BROADBAND, MT. VERNON, ILLINOIS, US. |
n/a | US:microsoft.com US:download.microsoft.com US:204.160.126.124:80 US:207.123.46.126:80 US:4.23.60.125:80 |
135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] 73f1082158 [Firefox:1451 hits: 06-18 to 10-07] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| T:18:32:00 | Win2K-f | 24.79.64.101 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, VANCOUVER, BRITISH COLUMBIA, CA. (DSL) |
n/a | US:microsoft.com US:download.microsoft.com US:204.160.126.124:80 US:207.123.46.126:80 US:4.23.60.125:80 |
135 | pcap | raw alerts ruleset |
other 123 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 36 31 of 36 |
0115338c8b [Firefox: 9 hits: 09-12 to 10-01] 321f4fc27d [Firefox: 9 hits: 09-12 to 10-01] |
none[none] none [none] |
none:none none:none |
none|none none|none |
none none |
none none |
| T:18:34:00 | WinXP | 200.45.96.239 (NET.AR): APOLO -GOLD-TELECOM-PER, SAN ISIDRO, BUENOS AIRES, AR. |
194.54.90.246:80 | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
36 of 36 | cc263a661d [Firefox:12 hits: 09-24 to 10-02] |
none[none] | none:none |
none|none | none | none |
| 18:44:00 | WinXP | 220.110.193.42 (E-AIDMA.CO.JP): AIDMA CO. LTD, JP. (100Mbps) |
n/a | :www.google.com.au :jbeegvia.ru US:crime-research.ru US:www.worldbank.org :yoiayoi.ru :wcqahzhzn.ru :iirpryry.ru :rihafvu.ru :wpad :ryryodokm.ru :uvjiis.ru :gwvwka.ru :jqsbnyzkp.ru :pvygdo.ru :fxkyagpnw.ru :knclvdz.ru :trsqeigw.ru :odokeqy.ru :kelmpsjp.ru :edjiesp.ru :vllcdvv.ru :nuksdln.ru :tmmeno.ru :zoxdgqx.ru :pwvbfz.ru :nuzbcp.ru US:prodexteam.net :bqpuqt.ru :okskyyn.ru :pnlkria.ru :kargai.ru :kfwfceki.ru |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
31 of 32 | 17028f1eda [Firefox:40 hits: 04-18 to 10-07] |
none[3] | none:none |
tElock| | none | trace |
| 18:47:00 | Win2K-f | 61.222.240.150 (HINET.NET): DATA COMMUNICATION BUSINESS GROUP CHUNGHWA TELECOM CO. LTD, KAOHSIUNG, KAO-HSIUNG, TW. |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.148.23:80 |
135 | pcap | raw alerts ruleset |
http 76 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 0 of 32 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] 57ce4acac2 [Firefox:245 hits: 06-17 to 10-07] b5919931fe [Firefox:788 hits: 06-20 to 10-07] |
none[4] 57ce4acac2[1] b5919931fe[1] |
none:none ASM:Graph ASM:Graph |
tElock| Armadillo| ASProtect| |
none lines=81 lines=90 |
trace trace trace |
| T:18:47:00 | WinXP | 204.193.218.2 (QWEST.NET): QWEST BROADBAND SERVICES INC, DENVER, COLORADO, US. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
36 of 36 | 71b183b0c8 [Firefox:16 hits: 09-17 to 10-07] |
none[none] | none:none |
none|none | none | none |
| 18:48:00 | WinXP | 204.193.218.2 (QWEST.NET): QWEST BROADBAND SERVICES INC, DENVER, COLORADO, US. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
36 of 36 | 71b183b0c8 [Firefox:16 hits: 09-17 to 10-07] |
none[none] | none:none |
none|none | none | none |
| T:18:49:00 | WinXP | 220.110.193.42 (E-AIDMA.CO.JP): AIDMA CO. LTD, JP. (100Mbps) |
n/a | :www.google.com.au US:www.yahoo.com :jbeegvia.ru NL:www.viruslist.com US:www.worldbank.org :yoiayoi.ru :wcqahzhzn.ru :iirpryry.ru :rihafvu.ru :ryryodokm.ru :wpad :uvjiis.ru :gwvwka.ru :jqsbnyzkp.ru :pvygdo.ru :fxkyagpnw.ru :knclvdz.ru :trsqeigw.ru :odokeqy.ru :kelmpsjp.ru :edjiesp.ru :vllcdvv.ru :nuksdln.ru :tmmeno.ru :zoxdgqx.ru :pwvbfz.ru :nuzbcp.ru :bqpuqt.ru DE:kavkaz.co.uk :okskyyn.ru :pnlkria.ru :kargai.ru :kfwfceki.ru RU:alfabank.ru :nhuwxyuw.ru US:prodexteam.net :udluzuq.ru :fiazpvnne.ru :ppxuub.ru EU:crutop.nu :lvwgdhwlj.ru GB:www.candidateverifier.com :raxeqajrf.ru :dhagunb.ru :zpwmktjv.ru :aadqca.ru :ygnrqi.ru RU:www.cbr.ru :ycgnbe.ru :yeqsuem.ru :aiizkak.ru |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
31 of 32 | 17028f1eda [Firefox:40 hits: 04-18 to 10-07] |
none[3] | none:none |
tElock| | none | trace |
| 18:53:00 | WinXP | 60.234.102.10 (ORCON.NET.NZ): ORCON INTERNET LTD SUPPORT, AUCKLAND, AUCKLAND, NZ. |
n/a | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
26 of 28 | 7d99b0e910 [Firefox:1270 hits: 12-31 to 10-07] |
7a70e1b592 [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
| 19:26:00 | Win2K-f | 99.250.228.64 (STERLINGSTUDENTS.NET): ROGERS CABLE COMMUNICATIONS INC, CA. |
n/a | US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
http 76 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] a08f3b74a4 [Firefox:1045 hits: 06-18 to 10-07] |
none[4] a08f3b74a4[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| 19:56:00 | WinXP | 75.143.192.18 (CHARTER.COM): CHARTER COMMUNICATIONS, US. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
35 of 36 | 7e8bfa9b49 [Firefox: 6 hits: 10-01 to 10-07] |
none[none] | none:none |
none|none | none | none |
| T:19:56:00 | WinXP | 75.143.192.18 (CHARTER.COM): CHARTER COMMUNICATIONS, US. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
35 of 36 | 7e8bfa9b49 [Firefox: 6 hits: 10-01 to 10-07] |
none[none] | none:none |
none|none | none | none |
| 20:21:00 | WinXP | 190.137.168.211 (NET.AR): TELECOM ARGENTINA S.A, AR. |
194.54.90.246:80 | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
36 of 36 | eca9a5fa95 [Firefox:39 hits: 08-09 to 10-07] |
none[none] | none:none |
none|none | none | none |
| T:20:21:00 | WinXP | 190.137.168.211 (NET.AR): TELECOM ARGENTINA S.A, AR. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
36 of 36 | eca9a5fa95 [Firefox:39 hits: 08-09 to 10-07] |
none[none] | none:none |
none|none | none | none |
| 20:24:00 | WinXP | 66.212.145.204 (NAUTICOM.NET): PINNATECH INC, WEST MIFFLIN, PENNSYLVANIA, US. |
n/a | 135 | pcap | raw alerts ruleset |
other 167 lines |
Yeah : 1.3 profile |
none | summary tarball |
34 of 36 | bafc37aa76 NEW |
none[none] | none:none |
none|none | none | none | |
| 20:27:00 | Win2K-f | 24.241.63.121 (CHARTER.COM): CHARTER COMMUNICATIONS, LAGRANGE, GEORGIA, US. |
n/a | US:microsoft.com US:download.microsoft.com US:192.221.99.124:80 |
135 | pcap | raw alerts ruleset |
http 317 lines |
Yeah : 1.3 profile |
none | summary tarball |
30 of 33 0 of 32 29 of 33 |
378a4bac36 [Firefox: 9 hits: 07-01 to 10-01] b5919931fe [Firefox:788 hits: 06-20 to 10-07] d11b4c2e19 [Firefox: 9 hits: 07-01 to 10-01] |
none[none] b5919931fe[1] none [none] |
none:none ASM:Graph none:none |
none|none ASProtect| none|none |
none lines=90 none |
none trace none |
| T:20:31:00 | Win2K-f | 24.241.63.121 (CHARTER.COM): CHARTER COMMUNICATIONS, LAGRANGE, GEORGIA, US. |
n/a | US:microsoft.com US:download.microsoft.com US:199.93.44.124:80 |
135 | pcap | raw alerts ruleset |
http 317 lines |
Yeah : 1.3 profile |
none | summary tarball |
30 of 33 0 of 32 29 of 33 |
378a4bac36 [Firefox: 9 hits: 07-01 to 10-01] b5919931fe [Firefox:788 hits: 06-20 to 10-07] d11b4c2e19 [Firefox: 9 hits: 07-01 to 10-01] |
none[none] b5919931fe[1] none [none] |
none:none ASM:Graph none:none |
none|none ASProtect| none|none |
none lines=90 none |
none trace none |
| 20:33:00 | WinXP | 116.126.249.246 (-): HANARO TELECOM, SEOUL, KYONGGI-DO, KR. |
n/a | :proxim.ircgalaxy.pl US:microsoft.com US:download.microsoft.com US:207.123.37.125:80 |
135 | pcap | raw alerts ruleset |
http 95 lines |
Yeah : 1.3 profile |
none | summary tarball |
30 of 33 2 of 35 |
6ec2a8994b [Firefox:25 hits: 06-18 to 09-26] bcf66a38c8 [Firefox:12 hits: 07-30 to 09-26] |
none[4] none [none] |
none:none none:none |
tElock| none|none |
none none |
trace none |
| 20:43:00 | Win2K-f | 204.95.9.210 (LCOM.NET): LIBERTY COMMUNICATIONS, WEST BRANCH, IOWA, US. |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.173.47:80 US:208.111.173.52:80 |
135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] 73f1082158 [Firefox:1451 hits: 06-18 to 10-07] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| T:20:51:00 | WinXP | 24.213.224.230 (RR.COM): ROAD RUNNER HOLDCO LLC, AMSTERDAM, NEW YORK, US. |
n/a | US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
http 77 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] a08f3b74a4 [Firefox:1045 hits: 06-18 to 10-07] |
none[4] a08f3b74a4[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| T:20:53:00 | WinXP | 63.25.10.32 (UU.NET): UUNET TECHNOLOGIES INC, US. |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.153.231:80 US:208.111.153.236:80 |
135 | pcap | raw alerts ruleset |
other 134 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] 73f1082158 [Firefox:1451 hits: 06-18 to 10-07] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| T:20:57:00 | WinXP | 116.59.144.39 (-): MOBILE BUSINESS GROUP CHUNGHWA TELECOM CO. LTD, TAIPEI, T'AI-PEI, TW. |
n/a | :proxim.ircgalaxy.pl UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
35 of 36 | 1b7ec6ce60 [Firefox: 6 hits: 09-16 to 09-24] |
none[none] | none:none |
none|none | none | none |
| 21:06:00 | Win2K-f | 220.128.125.227 (HINET.NET): CHTD CHUNGHWA TELECOM CO. LTD, TW. |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.148.108:80 US:208.111.148.69:80 |
135 | pcap | raw alerts ruleset |
other 95 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 33 29 of 32 |
57ce4acac2 [Firefox:245 hits: 06-17 to 10-07] 83f26f5044 [Firefox:25 hits: 06-20 to 10-04] |
57ce4acac2 [1] none [4] |
ASM:Graph none:none |
Armadillo| tElock| |
lines=81 none |
trace trace |
| 21:20:00 | WinXP | 98.105.242.232 (-): . |
n/a | 135 | pcap | raw alerts ruleset |
other 158 lines |
Yeah : 1.3 profile |
none | summary tarball |
13 of 36 | 6eca10d7e9 NEW |
none[none] | none:none |
none|none | none | none | |
| 21:24:00 | WinXP | 70.39.7.211 (-): . |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.173.52:80 US:208.111.173.53:80 |
135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] a08f3b74a4 [Firefox:1045 hits: 06-18 to 10-07] |
none[4] a08f3b74a4[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| T:21:33:00 | WinXP | 76.78.49.163 (APOGEENET.NET): APOGEE TELECOM INC, AUSTIN, TEXAS, US. |
n/a | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
36 of 36 | 2d6c8c447f [Firefox:11 hits: 09-16 to 10-03] |
none[none] | none:none |
none|none | none | none |
| 21:45:00 | WinXP | 189.48.159.186 (BRASILTELECOM.NET.BR): COMITE GESTOR DA INTERNET NO BRASIL, BR. |
n/a | RU:moscow-advokat.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 0.8 profile |
none | summary tarball |
35 of 36 | 69d773e78a [Firefox: 2 hits: 09-28 to 09-28] |
none[none] | none:none |
none|none | none | none |
| 21:48:00 | WinXP | 24.67.184.113 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, VANCOUVER, BRITISH COLUMBIA, CA. (DSL) |
n/a | RU:moscow-advokat.ru :caen.fr.eu.undernet.org SE:qis.md.us.dal.net AT:graz.at.eu.undernet.org :los-angeles.ca.us.undernet.org :flanders.be.eu.undernet.org SE:viking.dal.net SE:ozbytes.dal.net :washington.dc.us.undernet.org :gaspode.zanet.org.za SE:broadway.ny.us.dal.net |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
34 of 36 | 3a0b35b15c NEW |
none[none] | none:none |
none|none | none | none |
| 21:57:00 | Win2K-f | 75.60.243.40 (SBCGLOBAL.NET): PPPOX POOL - SE1.WOTNOH, DALLAS, TEXAS, US. (DSL) |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.173.41:80 US:208.111.173.42:80 |
135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] a08f3b74a4 [Firefox:1045 hits: 06-18 to 10-07] |
none[4] a08f3b74a4[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| T:22:12:00 | WinXP | 4.143.17.40 (LEVEL3.NET): LEVEL 3 COMMUNICATIONS INC, MINNEAPOLIS, MINNESOTA, US. (DIAL) |
n/a | 135 | pcap | raw alerts ruleset |
other 6 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 22:29:00 | WinXP | 69.155.6.88 (SWBELL.NET): PPPOX POOL - BRAS1 STLSMO, ST. LOUIS, MISSOURI, US. (DSL) |
n/a | DE:siliconfireware.ru US:searchportal.information.com SE:kavkazcenter.com SE:kavkazcenter.net FI:kavkazchat.com US:chechenpress.info GB:chechenpress.co.uk :shaheeds.org US:daymohk.info :chripress.org :marsho.dk US:www.jamaatshariat.com FI:imgs2.kavkazcenter.com :www.google.com FI:static.kavkazchat.com GB:www.chechenpress.co.uk :www.islamicfinder.org :www.youtube.com 208.117.236.70:80 US:66.242.19.44:80 |
445 | pcap | raw alerts ruleset |
http http 312 lines |
Yeah : 0.8 profile |
none | summary tarball |
29 of 29 | ab5e47bf8d [Firefox:44 hits: 01-02 to 10-03] |
none[3] | none:none |
ASPack| | none | trace |
| T:22:34:00 | Win2K-f | 70.184.3.86 (COX.NET): COX COMMUNICATIONS, WARNER ROBINS, GEORGIA, US. |
n/a | :proxim.ircgalaxy.pl US:microsoft.com US:download.microsoft.com US:207.123.46.126:80 |
135 | pcap | raw alerts ruleset |
other 113 lines |
Yeah : 1.3 profile |
none | summary tarball |
32 of 33 29 of 33 |
87e1117f2a [Firefox:13 hits: 07-18 to 10-06] b4fe4581c3 [Firefox:13 hits: 07-18 to 10-06] |
none[none] none [none] |
none:none none:none |
none|none none|none |
none none |
none none |
| T:22:46:00 | Win2K-f | 24.92.189.231 (RR.COM): ROAD RUNNER HOLDCO LLC, TAMPA, FLORIDA, US. |
n/a | US:microsoft.com US:download.microsoft.com US:207.123.46.125:80 |
135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] a08f3b74a4 [Firefox:1045 hits: 06-18 to 10-07] |
none[4] a08f3b74a4[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| 22:53:00 | WinXP | 68.147.151.75 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, CALGARY, ALBERTA, CA. (DSL) |
n/a | RU:moscow-advokat.ru | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
34 of 36 | c2a03dfdd5 NEW |
none[none] | none:none |
none|none | none | none |
| 22:53:00 | WinXP | 75.51.249.145 (-): HASSAN MAHFOOD, PLANO, TEXAS, US. (100Mbps) |
n/a | US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
http 77 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 0 of 33 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] a08f3b74a4 [Firefox:1045 hits: 06-18 to 10-07] e07c29c4ae [Firefox:587 hits: 06-19 to 10-07] |
none[4] a08f3b74a4[1] e07c29c4ae[1] |
none:none ASM:Graph ASM:Graph |
tElock| Armadillo| FSG| |
none lines=81 lines=92 |
trace trace trace |
| T:23:06:00 | WinXP | 60.234.101.205 (ORCON.NET.NZ): ORCON INTERNET LTD SUPPORT, AUCKLAND, AUCKLAND, NZ. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
26 of 28 | 7d99b0e910 [Firefox:1270 hits: 12-31 to 10-07] |
7a70e1b592 [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
| 23:19:00 | Win2K-f | 64.139.99.92 (NCIDATA.COM): NCI DATA.COM INC, BREWSTER, WASHINGTON, US. |
n/a | US:microsoft.com US:download.microsoft.com US:192.221.110.125:80 US:204.160.104.126:80 US:207.123.42.126:80 |
135 | pcap | raw alerts ruleset |
other 78 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] 73f1082158 [Firefox:1451 hits: 06-18 to 10-07] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
| 23:20:00 | WinXP | 213.21.18.67 (-): CALLINO GMBH, DE. |
n/a | :proxim.ircgalaxy.pl UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
35 of 36 | b1da3a5b36 NEW |
none[none] | none:none |
none|none | none | none |
| 23:47:00 | WinXP | 99.224.119.109 (ROGERS.COM): ROGERS CABLE COMMUNICATIONS INC, TORONTO, ONTARIO, CA. |
n/a | US:microsoft.com US:download.microsoft.com US:199.93.41.126:80 US:205.128.73.126:80 US:207.123.37.126:80 |
135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:2950 hits: 06-17 to 10-07] 73f1082158 [Firefox:1451 hits: 06-18 to 10-07] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |