Time | Victim OS | Infection Source | C&C Server | DNS Lookups & Failed Connects | Infection Port | Packet Trace | Detection Signatures | Infection Chatter | BotHunter Analysis | Behavioral Cluster | Forensic Logs | Antivirus Labels | Packed Malware_Binary | Unpacked egg.exe | Unpacked egg.asm | Packer PEID | Data Strings | Syscall Trace |
T:11:23:00 | WinXP | 83.132.49.24 (CPE.NETCABO.PT): TVCABO-PORTUGAL CABLE MODEM NETWORK, LISBON, LISBOA, PT. |
n/a | EU:proxim.ircgalaxy.pl | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
34 of 36 | 1094c6aece NEW |
none[none] | none:none |
none|none | none | none |
T:11:40:00 | WinXP | 68.225.84.48 (COX.NET): COX COMMUNICATIONS, NEWPORT NEWS, VIRGINIA, US. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
34 of 36 | fcd4bae1af [Firefox: 4 hits: 10-27 to 10-31] |
none[none] | none:none |
none|none | none | none |
11:43:00 | WinXP | 68.225.84.48 (COX.NET): COX COMMUNICATIONS, NEWPORT NEWS, VIRGINIA, US. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
34 of 36 | fcd4bae1af [Firefox: 4 hits: 10-27 to 10-31] |
none[none] | none:none |
none|none | none | none |
11:49:00 | WinXP | 209.127.208.24 (-): TELSCAPE COMMUNICATIONS INC, MONROVIA, CALIFORNIA, US. |
79.132.211.24:65520 | EU:proxim.ircgalaxy.pl US:microsoft.com EU:79.132.211.24:65520 |
135 | pcap | raw alerts ruleset |
irc 126 lines |
Yeah : 1.8 profile |
none | summary tarball |
34 of 36 32 of 36 |
a8c074e136 [Firefox:10 hits: 08-21 to 11-07] fc22cbd605 [Firefox:10 hits: 08-21 to 11-07] |
none[none] none [none] |
none:none none:none |
none|none none|none |
none none |
none none |
11:50:00 | WinXP | 67.63.113.69 (SPEAKEASY.NET): US. |
n/a | US:microsoft.com | 135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 |
53bfe15e91 [Firefox:4017 hits: 06-17 to 11-17] a08f3b74a4 [Firefox:1441 hits: 06-18 to 11-16] |
none[4] a08f3b74a4[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
T:11:52:00 | Win2K-f | 70.182.64.71 (COX.NET): COX COMMUNICATIONS, OKLAHOMA CITY, OKLAHOMA, US. |
n/a | US:microsoft.com | 135 | pcap | raw alerts ruleset |
other 76 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 |
53bfe15e91 [Firefox:4017 hits: 06-17 to 11-17] a08f3b74a4 [Firefox:1441 hits: 06-18 to 11-16] |
none[4] a08f3b74a4[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
12:09:00 | WinXP | 72.253.135.131 (-): . |
194.54.90.246:80 | EU:proxim.ircgalaxy.pl UA:citi-bank.ru |
445 | pcap | raw alerts ruleset |
http irc 3 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 35 | e50d19ea22 [Firefox: 8 hits: 10-21 to 11-14] |
none[none] | none:none |
none|none | none | none |
T:12:16:00 | WinXP | 87.116.202.95 (TNP.PL): NETWORK OF INTERNET SERVICE PROVIDER, PL. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
32 of 32 | 5818023061 [Firefox: 5 hits: 04-01 to 11-15] |
a227e5e49d [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
T:12:32:00 | WinXP | 24.70.26.59 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, RED DEER, ALBERTA, CA. (DSL) |
n/a | US:microsoft.com | 135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:4017 hits: 06-17 to 11-17] 73f1082158 [Firefox:1992 hits: 06-18 to 11-17] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
12:45:00 | WinXP | 209.42.150.240 (WISPNET.NET): WISPNET LLC, HOPKINSVILLE, KENTUCKY, US. |
n/a | RU:moscow-advokat.ru RU:194.6.222.11:6667 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
25 of 25 | 7f60162c2c [Firefox:756 hits: 12-31 to 11-15] |
1aad8e4632 [0] | ASM:Graph |
PolyEnE| | lines=93 embedded dns |
trace |
T:12:47:00 | WinXP | 209.42.150.240 (WISPNET.NET): WISPNET LLC, HOPKINSVILLE, KENTUCKY, US. |
n/a | RU:moscow-advokat.ru | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
25 of 25 | 7f60162c2c [Firefox:756 hits: 12-31 to 11-15] |
1aad8e4632 [0] | ASM:Graph |
PolyEnE| | lines=93 embedded dns |
trace |
12:54:00 | WinXP | 88.166.218.62 (PROXAD.NET): PROXAD / FREE SAS, PARIS, ILE-DE-FRANCE, FR. |
n/a | RU:moscow-advokat.ru RU:194.6.222.11:6667 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
29 of 36 | a1c572df66 [Firefox: 2 hits: 11-04 to 11-09] |
none[none] | none:none |
none|none | none | none |
T:12:55:00 | WinXP | 88.166.218.62 (PROXAD.NET): PROXAD / FREE SAS, PARIS, ILE-DE-FRANCE, FR. |
n/a | RU:moscow-advokat.ru RU:194.6.222.11:6667 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
29 of 36 | a1c572df66 [Firefox: 2 hits: 11-04 to 11-09] |
none[none] | none:none |
none|none | none | none |
T:13:00:00 | WinXP | 79.163.181.202 (-): IDEA, PL. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
35 of 36 | 6b3beaea1a [Firefox:34 hits: 10-21 to 11-15] |
none[none] | none:none |
none|none | none | none |
13:12:00 | WinXP | 83.233.210.160 (BREDBAND2.NET): PROVIDER LOCAL REGISTRY, SE. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
35 of 36 | 428ae15458 [Firefox:26 hits: 10-14 to 11-16] |
none[none] | none:none |
none|none | none | none |
13:14:00 | WinXP | 163.203.132.174 (VIP-ZA.COM): AFRINIC, JOHANNESBURG, GAUTENG, ZA. |
n/a | 135 | pcap | raw alerts ruleset |
other 173 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 |
53bfe15e91 [Firefox:4017 hits: 06-17 to 11-17] 57ce4acac2 [Firefox:352 hits: 06-17 to 11-16] |
none[4] 57ce4acac2[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
T:13:16:00 | WinXP | 87.246.62.152 (-): CMTS CLIENTS IN SOFIA, SOFIA, SOFIYA, BG. |
n/a | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
35 of 36 | 06a5e31b47 [Firefox:15 hits: 10-28 to 11-14] |
none[none] | none:none |
none|none | none | none | |
T:13:20:00 | WinXP | 66.63.109.32 (GWI.NET): GREAT WORKS INTERNET, SHAPLEIGH, MAINE, US. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
26 of 28 | 7d99b0e910 [Firefox:1116 hits: 12-31 to 11-16] |
7a70e1b592 [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
T:13:34:00 | Win2K-f | 218.211.83.179 (SPARQNET.NET): NEW CENTURY INFOCOMM TECH. CO. LTD, TW. |
n/a | 135 | pcap | raw alerts ruleset |
other 18 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
13:37:00 | WinXP | 208.100.229.192 (1DIAL.COM): AD-BASE SYSTEMS INC. (DBA GLOBALPOPS), PITTSBURGH, PENNSYLVANIA, US. (DIAL) |
n/a | US:microsoft.com | 135 | pcap | raw alerts ruleset |
other 129 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:4017 hits: 06-17 to 11-17] 73f1082158 [Firefox:1992 hits: 06-18 to 11-17] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
T:13:39:00 | WinXP | 82.207.37.179 (UKRTEL.NET): UKRTELECOM IP ACCESS NETWORK IN SIMPHEROPOL, UA. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 0.8 profile |
none | summary tarball |
26 of 28 | 7d99b0e910 [Firefox:1116 hits: 12-31 to 11-16] |
7a70e1b592 [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
13:46:00 | WinXP | 63.139.123.146 (-): FLYING COLORS BROADCASTS, WASHINGTON, DISTRICT OF COLUMBIA, US. (100Mbps) |
n/a | US:microsoft.com | 135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:4017 hits: 06-17 to 11-17] 73f1082158 [Firefox:1992 hits: 06-18 to 11-17] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
T:13:55:00 | WinXP | 85.122.43.144 (RNC.RO): RNC, RO. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
29 of 29 | a0139d7ad8 [Firefox:180 hits: 04-10 to 11-15] |
d9e9662db1 [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
14:04:00 | WinXP | 87.56.146.222 (BROADBAND.TELE.DK): TDC-TELEDANMARK-BREDBAANDSADSL-NET, DK. |
n/a | EU:siliconfireware.ru US:searchportal.information.com US:spi.domainsponsor.com :www.proxy-socks.net :wpad |
445 | pcap | raw alerts ruleset |
http http http 10 lines |
Yeah : 0.8 profile |
none | summary tarball |
29 of 29 | a12cab51ef [Firefox:396 hits: 04-01 to 11-16] |
40f7f463c4 [0] | ASM:Graph |
ASPack| | lines=281 embedded dns |
trace |
T:14:05:00 | WinXP | 94.191.139.20 (-): . |
n/a | EU:proxim.ircgalaxy.pl RU:moscow-advokat.ru EU:79.132.211.24:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
34 of 36 | 3049a62223 NEW |
none[none] | none:none |
none|none | none | none |
14:29:00 | WinXP | 193.69.96.141 (BLUECOM.NO): CATCH COMMUNCIATIONS ASA, NO. |
194.54.90.246:80 | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
34 of 36 | 4b440bbb53 [Firefox: 7 hits: 11-10 to 11-16] |
none[none] | none:none |
none|none | none | none |
14:31:00 | WinXP | 88.210.66.225 (REV.OPTIMUS.PT): OPTIMUS PORTUGAL, LISBON, LISBOA, PT. (DSL) |
194.54.90.246:80 | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
35 of 36 | 6b3beaea1a [Firefox:34 hits: 10-21 to 11-15] |
none[none] | none:none |
none|none | none | none |
T:14:32:00 | WinXP | 88.210.66.225 (REV.OPTIMUS.PT): OPTIMUS PORTUGAL, LISBON, LISBOA, PT. (DSL) |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
35 of 36 | 6b3beaea1a [Firefox:34 hits: 10-21 to 11-15] |
none[none] | none:none |
none|none | none | none |
T:14:35:00 | WinXP | 4.136.75.174 (LEVEL3.NET): LEVEL 3 COMMUNICATIONS INC, ATLANTA, GEORGIA, US. (DIAL) |
n/a | 135 | pcap | raw alerts ruleset |
other 6 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
14:48:00 | WinXP | 78.63.252.180 (ZEBRA.LT): LIETUVOS, LT. |
194.54.90.246:80 | EU:proxim.ircgalaxy.pl UA:citi-bank.ru EU:79.132.211.24:65520 |
445 | pcap | raw alerts ruleset |
http irc 3 lines |
Yeah : 1.3 profile |
none | summary tarball |
35 of 36 | a917b38976 [Firefox: 9 hits: 10-14 to 11-14] |
none[none] | none:none |
none|none | none | none |
T:14:52:00 | Win2K-f | 68.151.223.18 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, EDMONTON, ALBERTA, CA. (DSL) |
n/a | 135 | pcap | raw alerts ruleset |
other 789 lines |
Yeah : 1.3 profile |
none | summary tarball |
18 of 36 | 02e2629711 NEW |
none[none] | none:none |
none|none | none | none | |
T:14:53:00 | WinXP | 75.138.52.95 (CHARTER.COM): CHARTER COMMUNICATIONS, GREENVILLE, SOUTH CAROLINA, US. |
n/a | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
T:14:54:00 | WinXP | 41.214.168.38 (-): . |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
26 of 28 | 7d99b0e910 [Firefox:1116 hits: 12-31 to 11-16] |
7a70e1b592 [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
T:15:04:00 | WinXP | 203.184.3.115 (CALLPLUS.NET.NZ): CALLPLUS SERVICES LIMITED, NZ. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
29 of 29 | 986b59708d [Firefox:116 hits: 04-07 to 11-16] |
8a00217866 [0] | ASM:Graph |
PolyEnE| | lines=57 | trace |
15:08:00 | Win2K-f | 70.167.83.233 (COX.NET): COX COMMUNICATIONS, MACON, GEORGIA, US. |
n/a | US:microsoft.com | 135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:4017 hits: 06-17 to 11-17] 73f1082158 [Firefox:1992 hits: 06-18 to 11-17] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
15:20:00 | WinXP | 75.79.51.69 (-): . |
n/a | US:microsoft.com | 135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:4017 hits: 06-17 to 11-17] 73f1082158 [Firefox:1992 hits: 06-18 to 11-17] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
T:15:26:00 | WinXP | 92.40.230.150 (IKBCC.COM): EU-ZZ, UK. |
n/a | EU:proxim.ircgalaxy.pl UA:citi-bank.ru UA:194.54.90.246:80 EU:79.132.211.24:65520 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
35 of 36 | b52d214d08 [Firefox:60 hits: 10-05 to 11-16] |
none[none] | none:none |
none|none | none | none |
15:27:00 | WinXP | 75.42.90.119 (SBCGLOBAL.NET): PPPOX POOL - BRAS5.SCRMCA 090106-1000, US. (DSL) |
n/a | :www.google.com.au US:www.yahoo.com :jbeegvia.ru |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
31 of 32 | 17028f1eda [Firefox:58 hits: 04-18 to 11-05] |
none[3] | none:none |
tElock| | none | trace |
15:50:00 | Win2K-f | 70.242.27.83 (SWBELL.NET): PPPOX POOL - RBACK17 HSTNTX, HOUSTON, TEXAS, US. (DIAL) |
n/a | US:microsoft.com | 135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 |
53bfe15e91 [Firefox:4017 hits: 06-17 to 11-17] a08f3b74a4 [Firefox:1441 hits: 06-18 to 11-16] |
none[4] a08f3b74a4[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
16:09:00 | Win2K-f | 60.248.17.88 (HINET.NET): CHTD CHUNGHWA TELECOM CO. LTD, TAOYUAN, T'AI-WAN, TW. |
n/a | US:microsoft.com | 135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 |
53bfe15e91 [Firefox:4017 hits: 06-17 to 11-17] 57ce4acac2 [Firefox:352 hits: 06-17 to 11-16] |
none[4] 57ce4acac2[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
16:13:00 | WinXP | 4.252.169.170 (LEVEL3.NET): LEVEL 3 COMMUNICATIONS INC, US. (DIAL) |
n/a | US:microsoft.com | 135 | pcap | raw alerts ruleset |
other 81 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:4017 hits: 06-17 to 11-17] 73f1082158 [Firefox:1992 hits: 06-18 to 11-17] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
16:17:00 | Win2K-f | 125.230.86.152 (HINET.NET): CHTD CHUNGHWA TELECOM CO. LTD, TW. |
n/a | 139 | pcap | raw alerts ruleset |
ftp 12 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 36 | d73bdf4a0e [Firefox:32 hits: 10-27 to 11-16] |
none[none] | none:none |
none|none | none | none | |
16:20:00 | WinXP | 217.202.102.119 (-): TELECOM ITALIA MOBILE, IT. |
n/a | RU:moscow-advokat.ru | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
34 of 36 | 3f4618b880 [Firefox: 3 hits: 11-08 to 11-13] |
none[none] | none:none |
none|none | none | none |
T:16:20:00 | WinXP | 217.202.102.119 (-): TELECOM ITALIA MOBILE, IT. |
n/a | RU:moscow-advokat.ru RU:194.6.222.11:6667 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
34 of 36 | 3f4618b880 [Firefox: 3 hits: 11-08 to 11-13] |
none[none] | none:none |
none|none | none | none |
T:16:21:00 | Win2K-f | 172.163.255.57 (AOL.COM): AMERICA ONLINE, US. |
n/a | US:microsoft.com | 135 | pcap | raw alerts ruleset |
other 79 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:4017 hits: 06-17 to 11-17] 73f1082158 [Firefox:1992 hits: 06-18 to 11-17] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
16:27:00 | WinXP | 190.246.172.183 (-): . |
194.54.90.246:80 | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
35 of 36 | b27d73bfcb [Firefox:58 hits: 10-10 to 11-16] |
none[none] | none:none |
none|none | none | none |
T:16:27:00 | WinXP | 190.246.172.183 (-): . |
194.54.90.246:80 | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
35 of 36 | b27d73bfcb [Firefox:58 hits: 10-10 to 11-16] |
none[none] | none:none |
none|none | none | none |
T:16:52:00 | Win2K-f | 4.182.233.8 (LEVEL3.NET): LEVEL 3 COMMUNICATIONS INC, SAN JOSE, CALIFORNIA, US. (DIAL) |
n/a | US:microsoft.com | 135 | pcap | raw alerts ruleset |
other 131 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:4017 hits: 06-17 to 11-17] 73f1082158 [Firefox:1992 hits: 06-18 to 11-17] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
16:53:00 | WinXP | 66.105.244.6 (ALGX.NET): XO COMMUNICATIONS, SAN ANTONIO, TEXAS, US. |
194.54.90.246:80 | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
26 of 28 | 7d99b0e910 [Firefox:1116 hits: 12-31 to 11-16] |
7a70e1b592 [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
T:16:57:00 | WinXP | 24.187.160.243 (OPTONLINE.NET): OPTIMUM ONLINE (CABLEVISION SYSTEMS), MEDFORD, NEW YORK, US. |
n/a | 135 | pcap | raw alerts ruleset |
other 1010 lines |
Yeah : 1.3 profile |
none | summary tarball |
6 of 36 7 of 36 |
2c0902a088 [Firefox: 3 hits: 11-12 to 11-14] 435638f87d [Firefox: 3 hits: 11-12 to 11-14] |
none[none] none [none] |
none:none none:none |
none|none none|none |
none none |
none none |
17:07:00 | WinXP | 114.148.160.155 (-): . |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 15 lines |
Yeah : 1.3 profile |
none | summary tarball |
29 of 29 | 831f4ee0a7 [Firefox:488 hits: 04-01 to 11-15] |
eb7546c600 [0] | ASM:Graph |
none|none | lines=61 | trace | |
T:17:10:00 | WinXP | 4.155.15.231 (LEVEL3.NET): LEVEL 3 COMMUNICATIONS INC, BALTIMORE, MARYLAND, US. (DIAL) |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 15 lines |
Yeah : 1.3 profile |
none | summary tarball |
31 of 32 | 741e3b03b3 [Firefox:549 hits: 04-15 to 11-16] |
e0197e8a64 [0] | ASM:Graph |
none|none | lines=62 | trace | |
17:12:00 | WinXP | 68.93.134.98 (SWBELL.NET): PPPOX POOL - RBACK7 AUSTTX, AUSTIN, TEXAS, US. (DSL) |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 15 lines |
Yeah : 1.3 profile |
none | summary tarball |
29 of 29 | 1a2c0e6130 [Firefox:436 hits: 12-31 to 11-16] |
048df78048 [0] | ASM:Graph |
none|none | lines=61 | trace | |
17:26:00 | WinXP | 130.13.134.181 (QWEST.NET): QWEST BROADBAND SERVICES INC, PHOENIX, ARIZONA, US. |
194.54.90.246:80 | EU:proxim.ircgalaxy.pl UA:citi-bank.ru EU:79.132.211.24:65520 |
445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
35 of 36 | 542616a8fe [Firefox: 2 hits: 10-20 to 10-20] |
none[none] | none:none |
none|none | none | none |
17:34:00 | Win2K-f | 72.174.65.214 (BRESNAN.NET): BRESNAN COMMUNICATIONS LLC, PURCHASE, NEW YORK, US. |
n/a | US:microsoft.com | 135 | pcap | raw alerts ruleset |
other 76 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:4017 hits: 06-17 to 11-17] 73f1082158 [Firefox:1992 hits: 06-18 to 11-17] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
T:18:03:00 | WinXP | 89.195.196.106 (-): ORANGE, UK. |
n/a | EU:proxim.ircgalaxy.pl UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 0.8 profile |
none | summary tarball |
34 of 36 | 7ecf59459a NEW |
none[none] | none:none |
none|none | none | none |
18:25:00 | Win2K-f | 70.182.94.50 (COX.NET): COX COMMUNICATIONS, OKLAHOMA CITY, OKLAHOMA, US. |
79.132.211.24:65520 | EU:proxim.ircgalaxy.pl US:microsoft.com EU:79.132.211.24:65520 |
135 | pcap | raw alerts ruleset |
irc 131 lines |
Yeah : 1.8 profile |
none | summary tarball |
32 of 33 29 of 33 |
87e1117f2a [Firefox:33 hits: 07-18 to 11-08] b4fe4581c3 [Firefox:33 hits: 07-18 to 11-08] |
none[none] none [none] |
none:none none:none |
none|none none|none |
none none |
none none |
T:18:32:00 | WinXP | 70.183.236.110 (COX.NET): COX COMMUNICATIONS, PENSACOLA, FLORIDA, US. |
n/a | EU:proxim.ircgalaxy.pl US:microsoft.com EU:79.132.211.24:65520 |
135 | pcap | raw alerts ruleset |
other 113 lines |
Yeah : 1.3 profile |
none | summary tarball |
34 of 36 28 of 33 |
da00a8e7a1 [Firefox:36 hits: 08-05 to 11-03] f685f8e027 [Firefox:40 hits: 06-18 to 11-03] |
none[none] f685f8e027[1] |
none:none ASM:Graph |
none|none Armadillo| |
none lines=82 |
none trace |
T:18:42:00 | Win2K-f | 200.182.55.6 (STERLINGSTUDENTS.NET): COMITE GESTOR DA INTERNET NO BRASIL, BR. (DSL) |
n/a | CA:xx.ka3ek.com CA:alwayssam.com CA:zonetech.info |
135 | pcap | raw alerts ruleset |
irc http 341 lines |
Yeah : 1.3 profile |
none | summary tarball |
21 of 36 31 of 36 15 of 36 |
41b9df60db [Firefox:10 hits: 11-03 to 11-16] a09e03283d NEW cada8d5adf [Firefox: 9 hits: 11-03 to 11-16] |
none[none] none [none] none [none] |
none:none none:none none:none |
none|none none|none none|none |
none none none |
none none none |
T:18:45:00 | WinXP | 24.86.15.102 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, NORTH VANCOUVER, BRITISH COLUMBIA, CA. (DSL) |
n/a | UA:citi-bank.ru :parex-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
35 of 36 | 289d74b4ce [Firefox:17 hits: 11-03 to 11-16] |
none[none] | none:none |
none|none | none | none |
T:19:11:00 | Win2K-f | 172.190.37.204 (AOL.COM): AMERICA ONLINE, RESTON, VIRGINIA, US. (DIAL) |
n/a | US:microsoft.com | 135 | pcap | raw alerts ruleset |
other 226 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:4017 hits: 06-17 to 11-17] 73f1082158 [Firefox:1992 hits: 06-18 to 11-17] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
T:19:22:00 | WinXP | 72.64.30.16 (VERIZON.NET): VERIZON INTERNET SERVICES INC, CHARLESTON, WEST VIRGINIA, US. |
n/a | US:microsoft.com | 135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:4017 hits: 06-17 to 11-17] 73f1082158 [Firefox:1992 hits: 06-18 to 11-17] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
19:42:00 | WinXP | 24.197.132.129 (CHARTER.COM): CHARTER COMMUNICATIONS, NORTH CAROLINA, US. |
194.54.90.246:80 | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
34 of 36 | c91dfdf79a [Firefox: 8 hits: 10-20 to 11-10] |
none[none] | none:none |
none|none | none | none |
19:43:00 | WinXP | 4.225.5.227 (LEVEL3.NET): LEVEL 3 COMMUNICATIONS INC, US. (DIAL) |
194.54.90.246:80 79.132.211.24:65520 | EU:proxim.ircgalaxy.pl UA:citi-bank.ru CN:fleshkatera.cn |
445 | pcap | raw alerts ruleset |
http irc 13 lines |
Yeah : 1.3 profile |
none | summary tarball |
35 of 36 | 1e3cef226f [Firefox:14 hits: 11-04 to 11-16] |
none[none] | none:none |
none|none | none | none |
T:19:44:00 | WinXP | 4.225.5.227 (LEVEL3.NET): LEVEL 3 COMMUNICATIONS INC, US. (DIAL) |
n/a | EU:proxim.ircgalaxy.pl UA:citi-bank.ru UA:194.54.90.246:80 EU:79.132.211.24:65520 |
445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 0.8 profile |
none | summary tarball |
35 of 36 | 1e3cef226f [Firefox:14 hits: 11-04 to 11-16] |
none[none] | none:none |
none|none | none | none |
19:53:00 | WinXP | 24.174.13.12 (CARRERACOMMUNICATIONS.NET): ROAD RUNNER HOLDCO LLC, HOUSTON, TEXAS, US. |
n/a | DE:siliconfireware.ru US:searchportal.information.com US:spi.domainsponsor.com EU:ebookfinaltrash.ru :wpad |
445 | pcap | raw alerts ruleset |
http http http http 25 lines |
Yeah : 0.8 profile |
none | summary tarball |
29 of 29 | a12cab51ef [Firefox:396 hits: 04-01 to 11-16] |
40f7f463c4 [0] | ASM:Graph |
ASPack| | lines=281 embedded dns |
trace |
20:19:00 | WinXP | 72.215.54.126 (COX.NET): COX COMMUNICATIONS, ATLANTA, GEORGIA, US. |
n/a | 135 | pcap | raw alerts ruleset |
other 2 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
20:19:00 | Win2K-f | 61.218.7.86 (HINET.NET): CHTD CHUNGHWA TELECOM CO. LTD, TAIPEI, T'AI-PEI, TW. (DSL) |
n/a | US:microsoft.com | 135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 |
53bfe15e91 [Firefox:4017 hits: 06-17 to 11-17] 57ce4acac2 [Firefox:352 hits: 06-17 to 11-16] |
none[4] 57ce4acac2[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
T:20:28:00 | Win2K-f | 61.237.20.105 (HERBALQC.COM): CHINA RAILWAY TELECOMMUNICATIONS CENTER, CN. |
n/a | 135 | pcap | raw alerts ruleset |
other 52 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 33 | a08f3b74a4 [Firefox:1441 hits: 06-18 to 11-16] |
a08f3b74a4 [1] | ASM:Graph |
Armadillo| | lines=81 | trace | |
20:36:00 | WinXP | 125.174.213.185 (OCN.NE.JP): OPEN COMPUTER NETWORK, YOKOHAMA, KANAGAWA, JP. |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 14 lines |
Yeah : 1.3 profile |
none | summary tarball |
29 of 29 | 831f4ee0a7 [Firefox:488 hits: 04-01 to 11-15] |
eb7546c600 [0] | ASM:Graph |
none|none | lines=61 | trace | |
T:20:50:00 | WinXP | 76.244.147.157 (PACBELL.NET): AT&T INTERNET SERVICES, US. |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 12 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
21:02:00 | WinXP | 118.15.54.237 (-): . |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 15 lines |
Yeah : 1.3 profile |
none | summary tarball |
31 of 32 | 741e3b03b3 [Firefox:549 hits: 04-15 to 11-16] |
e0197e8a64 [0] | ASM:Graph |
none|none | lines=62 | trace | |
21:06:00 | Win2K-f | 211.176.9.123 (HANANET.NET): HANARO TELECOM INC, SEOUL, KYONGGI-DO, KR. |
79.132.211.24:65520 | US:microsoft.com EU:proxima.ircgalaxy.pl |
135 | pcap | raw alerts ruleset |
irc 112 lines |
Yeah : 1.8 profile |
none | summary tarball |
0 of 33 30 of 33 |
4c3df24b32 [Firefox:250 hits: 06-17 to 11-16] ff2150aa95 [Firefox: 9 hits: 07-03 to 11-14] |
4c3df24b32 [1] none [none] |
ASM:Graph none:none |
Armadillo| none|none |
lines=81 none |
trace none |
T:21:11:00 | WinXP | 94.137.0.159 (-): . |
n/a | EU:proxim.ircgalaxy.pl RU:moscow-advokat.ru EU:79.132.211.24:65520 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
34 of 36 | 8838a477a0 NEW |
none[none] | none:none |
none|none | none | none |
T:21:13:00 | WinXP | 4.130.136.36 (LEVEL3.NET): LEVEL 3 COMMUNICATIONS INC, LOS ANGELES, CALIFORNIA, US. (DIAL) |
n/a | 135 | pcap | raw alerts ruleset |
other 3 lines |
Argh : 0.3 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
21:17:00 | Win2K-f | 71.106.30.228 (VERIZON.NET): VERIZON INTERNET SERVICES INC, LOS ANGELES, CALIFORNIA, US. (DSL) |
n/a | US:microsoft.com | 135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 |
53bfe15e91 [Firefox:4017 hits: 06-17 to 11-17] a08f3b74a4 [Firefox:1441 hits: 06-18 to 11-16] |
none[4] a08f3b74a4[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
21:22:00 | WinXP | 76.189.27.207 (RR.COM): ROAD RUNNER HOLDCO LLC, WESTLAKE, OHIO, US. |
n/a | US:microsoft.com | 135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 [Firefox:4017 hits: 06-17 to 11-17] 73f1082158 [Firefox:1992 hits: 06-18 to 11-17] |
none[4] 73f1082158[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
21:37:00 | WinXP | 70.66.70.187 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, NANAIMO, BRITISH COLUMBIA, CA. (DSL) |
194.54.90.246:80 | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
34 of 36 | d10f05f78a NEW |
none[none] | none:none |
none|none | none | none |
T:21:37:00 | WinXP | 70.66.70.187 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, NANAIMO, BRITISH COLUMBIA, CA. (DSL) |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
34 of 36 | d10f05f78a NEW |
none[none] | none:none |
none|none | none | none |
T:21:43:00 | WinXP | 71.109.1.139 (VERIZON.NET): VERIZON INTERNET SERVICES INC, GLENDORA, CALIFORNIA, US. (DSL) |
n/a | US:microsoft.com | 135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 |
53bfe15e91 [Firefox:4017 hits: 06-17 to 11-17] a08f3b74a4 [Firefox:1441 hits: 06-18 to 11-16] |
none[4] a08f3b74a4[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=81 |
trace trace |
T:21:45:00 | WinXP | 124.13.121.251 (TM.NET.MY): TELEKOM MALAYSIA BERHAD, MY. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
26 of 28 | 7d99b0e910 [Firefox:1116 hits: 12-31 to 11-16] |
7a70e1b592 [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
21:45:00 | WinXP | 74.214.47.11 (METROCAST.NET): GMP CABLE TV, BERWICK, PENNSYLVANIA, US. |
194.109.11.65:6556 | :0x80.my-secure.name NL:0x80.my1x1.com NL:0x80.martiansong.com |
135 | pcap | raw alerts ruleset |
other 231 lines |
Yeah : 1.8 profile |
none | summary tarball |
32 of 33 | fe22b8315f [Firefox:14 hits: 06-19 to 11-10] |
none[4] | none:none |
StarForce| | none | trace |
21:51:00 | WinXP | 114.48.143.113 (-): . |
n/a | RU:moscow-advokat.ru RU:194.6.222.11:6667 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
34 of 36 | 6b1c6d0395 [Firefox:10 hits: 09-18 to 11-12] |
none[none] | none:none |
none|none | none | none |
T:21:57:00 | WinXP | 130.13.23.75 (QWEST.NET): QWEST BROADBAND SERVICES INC, PHOENIX, ARIZONA, US. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
35 of 36 | cce8ebff69 [Firefox: 2 hits: 10-11 to 10-27] |
none[none] | none:none |
none|none | none | none |
T:22:00:00 | Win2K-f | 219.254.242.215 (HANANET.NET): HANARO TELECOM INC, SEOUL, KYONGGI-DO, KR. |
79.132.211.24:65520 | US:microsoft.com EU:proxim.ircgalaxy.pl |
135 | pcap | raw alerts ruleset |
irc 123 lines |
Yeah : 1.8 profile |
none | summary tarball |
30 of 33 28 of 33 |
533d15b5ce [Firefox:46 hits: 06-21 to 11-15] 58c343a8d8 [Firefox:50 hits: 06-21 to 11-15] |
none[4] 58c343a8d8[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=82 |
trace trace |
22:00:00 | Win2K-f | 219.254.242.215 (HANANET.NET): HANARO TELECOM INC, SEOUL, KYONGGI-DO, KR. |
79.132.211.24:65520 | US:microsoft.com EU:proxim.ircgalaxy.pl |
135 | pcap | raw alerts ruleset |
irc 115 lines |
Yeah : 1.8 profile |
none | summary tarball |
30 of 33 28 of 33 |
533d15b5ce [Firefox:46 hits: 06-21 to 11-15] 58c343a8d8 [Firefox:50 hits: 06-21 to 11-15] |
none[4] 58c343a8d8[1] |
none:none ASM:Graph |
tElock| Armadillo| |
none lines=82 |
trace trace |
22:24:00 | Win2K-f | 220.130.83.3 (HINET.NET): CHTD CHUNGHWA TELECOM CO. LTD, TW. |
n/a | US:microsoft.com | 135 | pcap | raw alerts ruleset |
other 95 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 33 29 of 32 |
57ce4acac2 [Firefox:352 hits: 06-17 to 11-16] 83f26f5044 [Firefox:40 hits: 06-20 to 11-15] |
57ce4acac2 [1] none [4] |
ASM:Graph none:none |
Armadillo| tElock| |
lines=81 none |
trace trace |
22:36:00 | Win2K-f | 115.83.107.74 (-): . |
79.132.211.24:65520 | EU:proxim.ircgalaxy.pl US:microsoft.com |
135 | pcap | raw alerts ruleset |
irc 251 lines |
Yeah : 1.8 profile |
none | summary tarball |
32 of 36 34 of 36 |
141fdddae5 NEW 79ffce1bee NEW |
none[none] none [none] |
none:none none:none |
none|none none|none |
none none |
none none |
T:22:38:00 | WinXP | 115.83.107.74 (-): . |
n/a | EU:proxim.ircgalaxy.pl US:microsoft.com EU:79.132.211.24:65520 |
135 | pcap | raw alerts ruleset |
other 238 lines |
Yeah : 1.3 profile |
none | summary tarball |
32 of 36 34 of 36 |
141fdddae5 NEW 79ffce1bee NEW |
none[none] none [none] |
none:none none:none |
none|none none|none |
none none |
none none |
22:44:00 | WinXP | 218.228.28.116 (CTT.NE.JP): CABLE TELEVISION TOYAMA INCORPORETED, TOKYO, TOKYO, JP. |
194.54.90.246:80 | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
35 of 36 | f74a5dfcc8 NEW |
none[none] | none:none |
none|none | none | none |
23:06:00 | Win2K-f | 78.106.74.107 (CORBINA.NET): INVESTELEKTROSVIAZ LTD, RU. |
79.132.211.24:65520 | EU:proxim.ircgalaxy.pl | 445 | pcap | raw alerts ruleset |
irc 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
23:14:00 | WinXP | 76.188.43.228 (RR.COM): ROAD RUNNER HOLDCO LLC, NEW PHILADELPHIA, OHIO, US. |
n/a | 135 | pcap | raw alerts ruleset |
other 10 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
23:22:00 | Win2K-f | 166.164.175.153 (MYVZW.COM): SERVICE PROVIDER CORPORATION, FARMINGTON, NEW MEXICO, US. |
n/a | 135 | pcap | raw alerts ruleset |
other 4 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
23:24:00 | Win2K-f | 67.150.8.90 (MDSG-PACWEST.COM): PAC-WEST MANAGED MODEM NAS POOL, LOS ANGELES, CALIFORNIA, US. |
n/a | 135 | pcap | raw alerts ruleset |
other 13 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
23:52:00 | WinXP | 87.110.154.38 (-): ADDRESS POOL FOR LTC-HOME CUSTOMERS, RIGA, RIGA, LV. |
n/a | RU:moscow-advokat.ru | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
34 of 35 | 985b9b9708 [Firefox: 4 hits: 10-25 to 11-10] |
none[none] | none:none |
none|none | none | none |