0.0 | n/a | 66.152.103.73 | 80 | 172.16.4.193 | 49168 | Generic Protocol Command Decode | SURICATA HTTP | unable to match response to request | 3 |
94.0 | 2678 | 104.28.18.74 | 80 | 172.16.4.193 | 49195 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | Evil Redirector Leading to EK Jul 12 2016 | 1 |
94.0 | 2678 | 104.28.18.74 | 80 | 172.16.4.193 | 49195 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | Evil Redirector Leading to EK March 15 2017 | 1 |
95.0 | 2914 | 172.16.4.193 | 49202 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI struct Oct 24 2016 (RIG-v) | 1 |
95.0 | 2914 | 172.16.4.193 | 49202 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI Struct Mar 13 2017 | 1 |
95.0 | 2914 | 172.16.4.193 | 49202 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI Struct Mar 13 2017 M2 | 1 |
95.0 | 2918 | 172.16.4.193 | 49203 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI struct Oct 24 2016 (RIG-v) | 1 |
95.0 | 2918 | 172.16.4.193 | 49203 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI Struct Mar 13 2017 | 1 |
95.0 | 2918 | 172.16.4.193 | 49203 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI Struct Mar 13 2017 M2 | 1 |
96.0 | 2945 | 172.16.4.193 | 49203 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI struct Oct 24 2016 (RIG-v) | 1 |
96.0 | 2945 | 172.16.4.193 | 49203 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI Struct Mar 13 2017 | 1 |
96.0 | 2945 | 172.16.4.193 | 49203 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI Struct Mar 13 2017 M2 | 1 |
96.0 | 2962 | 172.16.4.193 | 49202 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI struct Oct 24 2016 (RIG-v) | 1 |
96.0 | 2962 | 172.16.4.193 | 49202 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI Struct Mar 13 2017 | 1 |
96.0 | 2962 | 172.16.4.193 | 49202 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI Struct Mar 13 2017 M2 | 1 |
116.0 | 3110 | 194.87.234.129 | 80 | 172.16.4.193 | 49202 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK Landing Sep 12 2016 T2 | 1 |
116.0 | 3111 | 194.87.234.129 | 80 | 172.16.4.193 | 49203 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK Landing Sep 12 2016 T2 | 1 |
117.0 | 3116 | 172.16.4.193 | 49202 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI struct Oct 24 2016 (RIG-v) | 1 |
117.0 | 3116 | 172.16.4.193 | 49202 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI Struct Mar 13 2017 | 1 |
117.0 | 3116 | 172.16.4.193 | 49202 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI Struct Mar 13 2017 M2 | 1 |
117.0 | 3134 | 172.16.4.193 | 49203 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI struct Oct 24 2016 (RIG-v) | 1 |
117.0 | 3134 | 172.16.4.193 | 49203 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI Struct Mar 13 2017 | 1 |
117.0 | 3134 | 172.16.4.193 | 49203 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI Struct Mar 13 2017 M2 | 1 |
120.0 | 3193 | 172.16.4.193 | 49209 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI struct Oct 24 2016 (RIG-v) | 1 |
120.0 | 3193 | 172.16.4.193 | 49209 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI Struct Mar 13 2017 | 1 |
120.0 | 3193 | 172.16.4.193 | 49209 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI Struct Mar 13 2017 M2 | 1 |
121.0 | 3293 | 172.16.4.193 | 49208 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI struct Oct 24 2016 (RIG-v) | 1 |
121.0 | 3293 | 172.16.4.193 | 49208 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI Struct Mar 13 2017 | 1 |
121.0 | 3293 | 172.16.4.193 | 49208 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI Struct Mar 13 2017 M2 | 1 |
139.0 | 5163 | 172.16.4.193 | 57124 | 172.16.4.1 | 53 | A Network Trojan was detected | ET MALWARE | Ransomware/Cerber Onion Domain Lookup | 1 |
139.0 | 5163 | 172.16.4.193 | 57124 | 172.16.4.1 | 53 | Potentially Bad Traffic | ET DNS | Query to a *.top domain - Likely Hostile | 2 |
159.0 | 5192 | 139.59.160.143 | 80 | 172.16.4.193 | 49200 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | Evil Redirector Leading to EK March 15 2017 | 1 |
163.0 | 5287 | 172.16.4.193 | 49215 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI struct Oct 24 2016 (RIG-v) | 1 |
163.0 | 5287 | 172.16.4.193 | 49215 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI Struct Mar 13 2017 | 1 |
163.0 | 5287 | 172.16.4.193 | 49215 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI Struct Mar 13 2017 M2 | 1 |
163.0 | 5291 | 172.16.4.193 | 49216 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI struct Oct 24 2016 (RIG-v) | 1 |
163.0 | 5291 | 172.16.4.193 | 49216 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI Struct Mar 13 2017 | 1 |
163.0 | 5291 | 172.16.4.193 | 49216 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI Struct Mar 13 2017 M2 | 1 |
164.0 | 5303 | 172.16.4.193 | 49215 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI struct Oct 24 2016 (RIG-v) | 1 |
164.0 | 5303 | 172.16.4.193 | 49215 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI Struct Mar 13 2017 | 1 |
164.0 | 5303 | 172.16.4.193 | 49215 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI Struct Mar 13 2017 M2 | 1 |
164.0 | 5322 | 172.16.4.193 | 49216 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI struct Oct 24 2016 (RIG-v) | 1 |
164.0 | 5322 | 172.16.4.193 | 49216 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI Struct Mar 13 2017 | 1 |
164.0 | 5322 | 172.16.4.193 | 49216 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI Struct Mar 13 2017 M2 | 1 |
183.0 | 5460 | 172.16.4.193 | 49220 | 198.105.121.50 | 80 | Generic Protocol Command Decode | SURICATA HTTP | gzip decompression failed | 3 |
183.0 | 5462 | 198.105.121.50 | 80 | 172.16.4.193 | 49220 | Generic Protocol Command Decode | SURICATA HTTP | gzip decompression failed | 3 |
184.0 | 5504 | 172.16.4.193 | 49221 | 198.105.121.50 | 80 | Potentially Bad Traffic | ET INFO | HTTP Request to a *.top domain | 2 |
185.0 | 5523 | 194.87.234.129 | 80 | 172.16.4.193 | 49215 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK Landing Sep 12 2016 T2 | 1 |
185.0 | 5524 | 194.87.234.129 | 80 | 172.16.4.193 | 49216 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK Landing Sep 12 2016 T2 | 1 |
185.0 | 5553 | 172.16.4.193 | 49216 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI struct Oct 24 2016 (RIG-v) | 1 |
185.0 | 5553 | 172.16.4.193 | 49216 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI Struct Mar 13 2017 | 1 |
185.0 | 5553 | 172.16.4.193 | 49216 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI Struct Mar 13 2017 M2 | 1 |
185.0 | 5573 | 172.16.4.193 | 49215 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI struct Oct 24 2016 (RIG-v) | 1 |
185.0 | 5573 | 172.16.4.193 | 49215 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI Struct Mar 13 2017 | 1 |
185.0 | 5573 | 172.16.4.193 | 49215 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI Struct Mar 13 2017 M2 | 1 |
188.0 | 5624 | 172.16.4.193 | 49223 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI struct Oct 24 2016 (RIG-v) | 1 |
188.0 | 5624 | 172.16.4.193 | 49223 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI Struct Mar 13 2017 | 1 |
188.0 | 5624 | 172.16.4.193 | 49223 | 194.87.234.129 | 80 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | RIG EK URI Struct Mar 13 2017 M2 | 1 |
208.0 | 5935 | 104.28.18.74 | 80 | 172.16.4.193 | 49214 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | Evil Redirector Leading to EK Jul 12 2016 | 1 |
208.0 | 5935 | 104.28.18.74 | 80 | 172.16.4.193 | 49214 | Exploit Kit Activity Detected | ET EXPLOIT_KIT | Evil Redirector Leading to EK March 15 2017 | 1 |
227.0 | 5992 | 172.16.4.193 | 49224 | 198.105.121.50 | 80 | Potentially Bad Traffic | ET INFO | HTTP Request to a *.top domain | 2 |