{ "Event": { "analysis": "2", "date": "2017-11-06", "extends_uuid": "", "info": "OSINT - OceanLotus Blossoms: Mass Digital Surveillance and Attacks Targeting ASEAN, Asian Nations, the Media, Human Rights Groups, and Civil Society", "publish_timestamp": "1514467381", "published": true, "threat_level_id": "3", "timestamp": "1511385841", "uuid": "5a015fbc-3218-4ec8-a4e5-4622950d210f", "Orgc": { "name": "CIRCL", "uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f" }, "Tag": [ { "colour": "#0088cc", "name": "misp-galaxy:threat-actor=\"APT32\"" }, { "colour": "#004646", "name": "type:OSINT" }, { "colour": "#ffffff", "name": "tlp:white" }, { "colour": "#00223b", "name": "osint:source-type=\"blog-post\"" } ], "Attribute": [ { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1510039583", "to_ids": false, "type": "link", "uuid": "5a015fde-71a4-4b05-972b-4cfe950d210f", "value": "https://www.volexity.com/blog/2017/11/06/oceanlotus-blossoms-mass-digital-surveillance-and-exploitation-of-asean-nations-the-media-human-rights-and-civil-society/", "Tag": [ { "colour": "#00223b", "name": "osint:source-type=\"blog-post\"" } ] }, { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1510039575", "to_ids": false, "type": "comment", "uuid": "5a01600c-8a74-44df-a3f0-434b950d210f", "value": "In May 2017, Volexity identified and started tracking a very sophisticated and extremely widespread mass digital surveillance and attack campaign targeting several Asian nations, the ASEAN organization, and hundreds of individuals and organizations tied to media, human rights and civil society causes. These attacks are being conducted through numerous strategically compromised websites and have occurred over several high-profile ASEAN summits. Volexity has tied this attack campaign to an advanced persistent threat (APT) group first identified as OceanLotus by SkyEye Labs in 2015. OceanLotus, also known as APT32, is believed to be a Vietnam-based APT group that has become increasingly sophisticated in its attack tactics, techniques, and procedures (TTPs). Volexity works closely with several human rights and civil society organizations. A few of these organizations have specifically been targeted by OceanLotus since early 2015. As a result, Volexity has been able to directly observe and investigate various attack campaigns.", "Tag": [ { "colour": "#00223b", "name": "osint:source-type=\"blog-post\"" } ] }, { "category": "Network activity", "comment": "ASEAn Compromised Sites", "deleted": false, "disable_correlation": false, "timestamp": "1510040677", "to_ids": true, "type": "url", "uuid": "5a016465-be78-4065-9553-434c950d210f", "value": "sean.org/modules/aseanmail/js/wp-mailinglist.js" }, { "category": "Network activity", "comment": "ASEAn Compromised Sites", "deleted": false, "disable_correlation": false, "timestamp": "1510040677", "to_ids": true, "type": "url", "uuid": "5a016465-17fc-4d5e-a695-4649950d210f", "value": "asean.org/modules/wordpress-popup/inc/external/wpmu-lib/js/wpmu-ui.3.min.js" }, { "category": "Network activity", "comment": "ASEAn Compromised Sites", "deleted": false, "disable_correlation": false, "timestamp": "1510040677", "to_ids": true, "type": "hostname", "uuid": "5a016465-e870-42df-a117-44fe950d210f", "value": "atr.asean.org" }, { "category": "Network activity", "comment": "ASEAn Compromised Sites", "deleted": false, "disable_correlation": false, "timestamp": "1510040677", "to_ids": true, "type": "hostname", "uuid": "5a016465-781c-403d-9c5a-4ba5950d210f", "value": "investasean.asean.org" }, { "category": "Network activity", "comment": "Cambodia Compromised Sites", "deleted": false, "disable_correlation": false, "timestamp": "1510040784", "to_ids": true, "type": "url", "uuid": "5a0164d0-ea40-4479-b64b-470b950d210f", "value": "www.mfa.gov.kh/jwplayer.js" }, { "category": "Network activity", "comment": "Cambodia Compromised Sites", "deleted": false, "disable_correlation": false, "timestamp": "1510040784", "to_ids": true, "type": "url", "uuid": "5a0164d0-2444-4a11-b873-4dac950d210f", "value": "www.moe.gov.kh/other/js/jquery/jquery.js" }, { "category": "Network activity", "comment": "Cambodia Compromised Sites", "deleted": false, "disable_correlation": false, "timestamp": "1510040784", "to_ids": true, "type": "hostname", "uuid": "5a0164d0-d4ac-4e59-a916-4866950d210f", "value": "www.mcs.gov.kh" }, { "category": "Network activity", "comment": "Cambodia Compromised Sites", "deleted": false, "disable_correlation": false, "timestamp": "1510040784", "to_ids": true, "type": "url", "uuid": "5a0164d0-9770-4fd8-8862-4889950d210f", "value": "www.police.gov.kh/wp-includes/js/jquery/jquery.js?ver=1.12.4" }, { "category": "Network activity", "comment": "Cambodia Compromised Sites", "deleted": false, "disable_correlation": false, "timestamp": "1510040784", "to_ids": true, "type": "url", "uuid": "5a0164d0-ea18-4399-ae85-40dc950d210f", "value": "wtemplates/monasri_template/js/menu/mega.js" }, { "category": "Network activity", "comment": "Cambodia Compromised Sites", "deleted": false, "disable_correlation": false, "timestamp": "1510040784", "to_ids": true, "type": "url", "uuid": "5a0164d0-3eb4-4504-951f-48ff950d210f", "value": "www.mosvy.gov.kh/public/js/default.js" }, { "category": "Network activity", "comment": "Cambodia Compromised Sites", "deleted": false, "disable_correlation": false, "timestamp": "1510040784", "to_ids": true, "type": "hostname", "uuid": "5a0164d0-43a0-438f-b5db-4286950d210f", "value": "www.necelect.org.kh" }, { "category": "Network activity", "comment": "China Compromised Sites", "deleted": false, "disable_correlation": false, "timestamp": "1510041058", "to_ids": true, "type": "domain", "uuid": "5a0165e2-dff8-478d-9d06-4470950d210f", "value": "bdstarlbs.com" }, { "category": "Network activity", "comment": "China Compromised Sites", "deleted": false, "disable_correlation": false, "timestamp": "1510041058", "to_ids": true, "type": "hostname", "uuid": "5a0165e2-78b4-4e4f-bdb7-46a3950d210f", "value": "www.navchina.com" }, { "category": "Network activity", "comment": "China Compromised Sites", "deleted": false, "disable_correlation": false, "timestamp": "1510041058", "to_ids": true, "type": "url", "uuid": "5a0165e2-59bc-4169-b93c-4904950d210f", "value": "www.chinaoil.com.cn/chinaoil/xhtml/js/jquery-1.7.2.min.js" }, { "category": "Network activity", "comment": "Laos Compromised Sites", "deleted": false, "disable_correlation": false, "timestamp": "1510041093", "to_ids": true, "type": "hostname", "uuid": "5a016605-4104-4b06-93ab-4bcb950d210f", "value": "bokeo.gov.la" }, { "category": "Network activity", "comment": "Laos Compromised Sites", "deleted": false, "disable_correlation": false, "timestamp": "1510041093", "to_ids": true, "type": "url", "uuid": "5a016605-ad48-4efb-a0f0-4972950d210f", "value": "www.mpwt.gov.la/media/system/js/mootools-core.js" }, { "category": "Network activity", "comment": "Philippines Compromised Sites", "deleted": false, "disable_correlation": false, "timestamp": "1510041131", "to_ids": true, "type": "url", "uuid": "5a01662b-dee8-446d-b841-4011950d210f", "value": "www.afp.mil.ph/modules/mod_js_flexslider/assets/js/jquery.easing.js" }, { "category": "Network activity", "comment": "Philippines Compromised Sites", "deleted": false, "disable_correlation": false, "timestamp": "1510041131", "to_ids": true, "type": "hostname", "uuid": "5a01662b-c0fc-4eaf-8bc7-4873950d210f", "value": "op-proper.gov.ph" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1510041595", "to_ids": true, "type": "url", "uuid": "5a0167fb-668c-4e55-9b2b-4336950d210f", "value": "ttps://health-ray-id.com/robot.txt" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1510041622", "to_ids": true, "type": "url", "uuid": "5a016816-e234-46dc-927d-47f3950d210f", "value": "http://ad.jqueryclick.com/assets/adv.js" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1510041659", "to_ids": true, "type": "domain", "uuid": "5a01683b-fa34-4e9c-b9ee-4170950d210f", "value": "health-ray-id.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1510041900", "to_ids": true, "type": "hostname", "uuid": "5a01692c-b234-4560-8ff2-418e950d210f", "value": "dload01.s3.amazonaws.com" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1510041900", "to_ids": true, "type": "hostname", "uuid": "5a01692c-7450-414a-83c4-442a950d210f", "value": "download-attachments.s3.amazonaws.com" }, { "category": "Network activity", "comment": "sinkholed", "deleted": false, "disable_correlation": false, "timestamp": "1510049097", "to_ids": true, "type": "hostname", "uuid": "5a018549-d3e8-4157-a870-452d950d210f", "value": "api.fbconnect.net" } ], "Object": [ { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510047094", "uuid": "5a017d76-bcd0-4731-a3af-4088950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510047094", "to_ids": true, "type": "ip-dst", "uuid": "5a017d76-fc84-4435-a746-4f5c950d210f", "value": "2001:19f0:4400:48ea:5400:ff:fe71:3201" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510047094", "to_ids": true, "type": "ip-dst", "uuid": "5a017d76-fb88-4b1e-bbf4-453e950d210f", "value": "45.76.147.201" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510047094", "to_ids": true, "type": "domain", "uuid": "5a017d76-e87c-49d8-832a-430c950d210f", "value": "a.doulbeclick.org" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510047202", "uuid": "5a017de2-7cbc-4681-b527-4be0950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510047202", "to_ids": true, "type": "ip-dst", "uuid": "5a017de2-7a6c-4a96-9739-42b3950d210f", "value": "2001:19f0:4400:48fd:5400:ff:fe71:3202" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510047202", "to_ids": true, "type": "ip-dst", "uuid": "5a017de2-7508-49e5-aac2-4f58950d210f", "value": "45.77.39.101" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510047202", "to_ids": true, "type": "domain", "uuid": "5a017de2-73ac-4e4b-853a-40c0950d210f", "value": "ad.adthis.org" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510047245", "uuid": "5a017e0d-6040-4ac6-81cb-46f3950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510047245", "to_ids": true, "type": "ip-dst", "uuid": "5a017e0d-ba40-466c-9d67-4392950d210f", "value": "64.62.174.146" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510047245", "to_ids": true, "type": "domain", "uuid": "5a017e0d-c7a4-42ae-a0dd-41c2950d210f", "value": "ad.jqueryclick.com" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510047371", "uuid": "5a017e8b-7a68-4226-abac-0d33950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510047371", "to_ids": true, "type": "ip-dst", "uuid": "5a017e8b-5afc-4dd0-9ea1-0d33950d210f", "value": "64.62.174.41" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510047372", "to_ids": true, "type": "domain", "uuid": "5a017e8c-5294-40ef-b9f2-0d33950d210f", "value": "api.querycore.com" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510047390", "uuid": "5a017e9e-bf84-4203-bd90-0eb2950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510047391", "to_ids": true, "type": "ip-dst", "uuid": "5a017e9f-6110-43ae-b1eb-0eb2950d210f", "value": "79.143.87.174" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510047391", "to_ids": true, "type": "domain", "uuid": "5a017e9f-bc78-4792-bb6e-0eb2950d210f", "value": "browser-extension.jdfkmiabjpfjacifcmihfdjhpnjpiick.com" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510047439", "uuid": "5a017ecf-d338-4c0e-82ed-459e950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510047439", "to_ids": true, "type": "ip-dst", "uuid": "5a017ecf-25c4-4a4d-a334-4cdb950d210f", "value": "128.199.227.80" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510047439", "to_ids": true, "type": "domain", "uuid": "5a017ecf-a86c-4273-a713-4be5950d210f", "value": "cdn-js.com" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510047479", "uuid": "5a017ef7-2614-4aca-9e99-1703950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510047479", "to_ids": true, "type": "ip-dst", "uuid": "5a017ef7-5f24-4aaf-8218-1703950d210f", "value": "45.32.100.179" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510047479", "to_ids": true, "type": "ip-dst", "uuid": "5a017ef7-ea04-4e4c-8309-1703950d210f", "value": "2001:19f0:4400:4798:5400:ff:fe71:3200" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510047479", "to_ids": true, "type": "domain", "uuid": "5a017ef7-ab98-45f7-b832-1703950d210f", "value": "cdn.adsfly.co" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510047514", "uuid": "5a017f1a-4ed4-4b6a-9be9-4325950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510047514", "to_ids": true, "type": "ip-dst", "uuid": "5a017f1a-7c68-462c-99fa-4394950d210f", "value": "45.76.179.28" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510047514", "to_ids": true, "type": "ip-dst", "uuid": "5a017f1a-fc18-453c-91fc-4e0d950d210f", "value": "2001:19f0:4400:4989:5400:ff:fe71:3204" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510047514", "to_ids": true, "type": "domain", "uuid": "5a017f1a-0050-4a87-97f6-4765950d210f", "value": "cdn.disqusapi.com" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510047794", "uuid": "5a018032-c934-4a40-8ecd-474a950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510047795", "to_ids": true, "type": "ip-dst", "uuid": "5a018033-a198-4349-a3dd-4355950d210f", "value": "45.32.105.45" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510047795", "to_ids": true, "type": "domain", "uuid": "5a018033-f7c4-48d1-9f67-486c950d210f", "value": "cloudflare-api.com" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510047820", "uuid": "5a01804c-f5f4-4d3d-9500-483a950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510047820", "to_ids": true, "type": "ip-dst", "uuid": "5a01804c-2184-4101-8241-4617950d210f", "value": "139.59.223.191" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510047820", "to_ids": true, "type": "domain", "uuid": "5a01804c-0c80-4d13-bf04-4d2a950d210f", "value": "cory.ns.webjzcnd.com" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510047883", "uuid": "5a01808b-1128-4b84-9613-45bd950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510047883", "to_ids": true, "type": "ip-dst", "uuid": "5a01808b-d21c-4684-812b-4367950d210f", "value": "45.114.117.164" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510047883", "to_ids": true, "type": "domain", "uuid": "5a01808b-e88c-42ad-a4f5-4ebb950d210f", "value": "googlescripts.com" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510047915", "uuid": "5a0180ab-574c-4bb7-9de7-43f8950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510047915", "to_ids": true, "type": "ip-dst", "uuid": "5a0180ab-b6c8-4682-8bf5-48e3950d210f", "value": "2604:a880:2:d0::378c:e001" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510047915", "to_ids": true, "type": "ip-dst", "uuid": "5a0180ab-aa3c-47dc-aef5-4072950d210f", "value": "138.197.236.215" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510047915", "to_ids": true, "type": "domain", "uuid": "5a0180ab-3d88-40f8-9dcb-42cb950d210f", "value": "health-ray-id.com" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510047943", "uuid": "5a0180c7-4214-4ec2-b646-48ae950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510047943", "to_ids": true, "type": "ip-dst", "uuid": "5a0180c7-7864-40d8-8012-43c8950d210f", "value": "45.32.114.49" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510047943", "to_ids": true, "type": "domain", "uuid": "5a0180c7-67f4-4b31-af1f-47d4950d210f", "value": "hit.asmung.net" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510047972", "uuid": "5a0180e4-946c-4205-8b20-0d8d950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510047972", "to_ids": true, "type": "ip-dst", "uuid": "5a0180e4-99f8-4022-af14-0d8d950d210f", "value": "45.32.105.45" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510047972", "to_ids": true, "type": "domain", "uuid": "5a0180e4-becc-46d9-9729-0d8d950d210f", "value": "jquery.google-script.org" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510048026", "uuid": "5a01811a-0d64-4ab9-b38e-40af950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510048026", "to_ids": true, "type": "ip-dst", "uuid": "5a01811a-1a74-4416-a35c-4838950d210f", "value": "45.76.179.151" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510048026", "to_ids": true, "type": "ip-dst", "uuid": "5a01811a-f8a8-4f07-9f54-472e950d210f", "value": "2001:19f0:4400:48fd:5400:ff:fe71:3202" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510048026", "to_ids": true, "type": "domain", "uuid": "5a01811a-ef84-4e3d-8ecb-4f92950d210f", "value": "js.ecommer.org" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510048060", "uuid": "5a01813c-4ed0-4613-9fac-47ea950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510048060", "to_ids": true, "type": "ip-dst", "uuid": "5a01813c-aac0-4dc0-a1c0-4d4b950d210f", "value": "64.62.174.17" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510048060", "to_ids": true, "type": "domain", "uuid": "5a01813c-9e44-4c4d-b931-4c9a950d210f", "value": "s.jscore-group.com" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510048142", "uuid": "5a01818e-ce74-42d4-8113-4559950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510048142", "to_ids": true, "type": "ip-dst", "uuid": "5a01818e-61c8-4b55-b745-4af2950d210f", "value": "103.28.44.112" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510048143", "to_ids": true, "type": "domain", "uuid": "5a01818f-3b0c-46c9-b1eb-4de9950d210f", "value": "s1.gridsumcontent.com" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510048164", "uuid": "5a0181a4-5514-47c0-80cd-4ec7950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510048165", "to_ids": true, "type": "ip-dst", "uuid": "5a0181a5-a1c4-43e3-a9fc-483b950d210f", "value": "64.62.174.145" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510048165", "to_ids": true, "type": "domain", "uuid": "5a0181a5-c728-4d4d-a8c8-4c78950d210f", "value": "s1.jqueryclick.com" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510048189", "uuid": "5a0181bd-c558-40fb-8162-4cfa950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510048189", "to_ids": true, "type": "ip-dst", "uuid": "5a0181bd-6ca0-4b5a-80a3-4fb0950d210f", "value": "37.59.198.131" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510048189", "to_ids": true, "type": "domain", "uuid": "5a0181bd-4250-424e-bbb3-4083950d210f", "value": "ssl.security.akamaihd-d.com" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510048317", "uuid": "5a01823d-e308-4c1e-a533-0eb2950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510048317", "to_ids": true, "type": "ip-dst", "uuid": "5a01823d-6e10-4383-92ad-0eb2950d210f", "value": "203.114.75.22" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510048317", "to_ids": true, "type": "domain", "uuid": "5a01823d-77b8-45f0-86c4-0eb2950d210f", "value": "stat.cdnanalytic.com" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510048342", "uuid": "5a018256-7ca4-429e-8842-4419950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510048343", "to_ids": true, "type": "ip-dst", "uuid": "5a018257-b2d8-4bbb-a890-4df5950d210f", "value": "64.62.174.99" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510048343", "to_ids": true, "type": "domain", "uuid": "5a018257-617c-4ee7-8bf1-4c28950d210f", "value": "stats.widgetapi.com" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510048370", "uuid": "5a018272-5dbc-441f-a8a5-4d25950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510048370", "to_ids": true, "type": "ip-dst", "uuid": "5a018272-d0ec-46fa-8c43-4d34950d210f", "value": "203.114.75.73" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510048370", "to_ids": true, "type": "domain", "uuid": "5a018272-9758-4503-ab16-4e7d950d210f", "value": "track-google.com" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510048394", "uuid": "5a01828a-6370-4449-9de8-0ab1950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510048395", "to_ids": true, "type": "ip-dst", "uuid": "5a01828b-0110-43d4-b131-0ab1950d210f", "value": "89.33.64.207" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510048395", "to_ids": true, "type": "domain", "uuid": "5a01828b-93b0-4d73-8076-0ab1950d210f", "value": "update.security.akamaihd-d.com" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510048431", "uuid": "5a0182af-e47c-4284-a567-487a950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510048431", "to_ids": true, "type": "ip-dst", "uuid": "5a0182af-6428-4ae1-915d-426c950d210f", "value": "188.166.219.18" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510048431", "to_ids": true, "type": "ip-dst", "uuid": "5a0182af-4cec-4b4e-ae2c-46a8950d210f", "value": "2400:6180:0:d0::4315:d001" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510048431", "to_ids": true, "type": "domain", "uuid": "5a0182af-0250-4064-8d91-48c1950d210f", "value": "update.webfontupdate.com" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510048728", "uuid": "5a0183d8-9dc8-496a-a5b2-4681950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510048728", "to_ids": true, "type": "ip-dst", "uuid": "5a0183d8-4c24-4a14-85be-462e950d210f", "value": "2001:19f0:4400:4798:5400:ff:fe71:3200" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510048728", "to_ids": true, "type": "ip-dst", "uuid": "5a0183d8-ef74-4e98-9e4f-4715950d210f", "value": "45.32.100.179" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510048728", "to_ids": true, "type": "domain", "uuid": "5a0183d8-8194-4819-bcfd-4e54950d210f", "value": "wiget.adsfly.co" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510048757", "uuid": "5a0183f5-8144-446c-bfd2-425d950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510048757", "to_ids": true, "type": "ip-dst", "uuid": "5a0183f5-916c-470e-a0cb-43b9950d210f", "value": "139.59.217.207" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510048757", "to_ids": true, "type": "ip-dst", "uuid": "5a0183f5-b6f0-48bd-b843-45c4950d210f", "value": "2400:6180:0:d0::4315:7001" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510048758", "to_ids": true, "type": "domain", "uuid": "5a0183f6-8f68-4049-86b8-4049950d210f", "value": "www.googleuserscontent.org" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510048862", "uuid": "5a01845e-d6bc-49a5-be8f-4c76950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510048862", "to_ids": true, "type": "ip-dst", "uuid": "5a01845e-4774-4714-a11f-42b7950d210f", "value": "64.62.174.16" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510048862", "to_ids": true, "type": "domain", "uuid": "5a01845e-6068-4ff4-9aba-46a4950d210f", "value": "ad.linksys-analytic.com" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510048902", "uuid": "5a018486-4088-4256-90f9-6986950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510048902", "to_ids": true, "type": "ip-dst", "uuid": "5a018486-a33c-4068-9890-6986950d210f", "value": "45.77.39.101" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510048902", "to_ids": true, "type": "ip-dst", "uuid": "5a018486-402c-42f6-81c0-6986950d210f", "value": "2001:19f0:4400:48fd:5400:ff:fe71:3202" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510048902", "to_ids": true, "type": "domain", "uuid": "5a018486-5efc-425c-8035-6986950d210f", "value": "ads.alternativeads.net" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510048946", "uuid": "5a0184b2-6714-47db-b3c4-0ab1950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510048946", "to_ids": true, "type": "ip-dst", "uuid": "5a0184b2-9d04-4808-aa59-0ab1950d210f", "value": "64.62.174.146" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510048946", "to_ids": true, "type": "domain", "uuid": "5a0184b2-0140-40b3-b108-0ab1950d210f", "value": "api.2nd-weibo.com" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510049001", "uuid": "5a0184e9-de84-4278-adce-6995950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510049001", "to_ids": true, "type": "ip-dst", "uuid": "5a0184e9-27b4-4e2b-8355-6995950d210f", "value": "64.62.174.41" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510049001", "to_ids": true, "type": "domain", "uuid": "5a0184e9-37f4-41ac-9db7-6995950d210f", "value": "api.analyticsearch.org" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510049050", "uuid": "5a01851a-4c40-41b6-a5ce-460e950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510049050", "to_ids": true, "type": "ip-dst", "uuid": "5a01851a-4e08-4954-a312-4646950d210f", "value": "79.143.87.174" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510049050", "to_ids": true, "type": "domain", "uuid": "5a01851a-1a90-4717-8358-4aa9950d210f", "value": "api.baiduusercontent.com" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510049074", "uuid": "5a018532-1c78-4347-ab34-49c8950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510049074", "to_ids": true, "type": "ip-dst", "uuid": "5a018532-c4c0-479f-b4e0-4ad8950d210f", "value": "128.199.227.80" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510049074", "to_ids": true, "type": "domain", "uuid": "5a018532-870c-4ba4-9e04-48fa950d210f", "value": "api.disquscore.com" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510049128", "uuid": "5a018568-8b80-4ccf-a093-6bc1950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510049128", "to_ids": true, "type": "ip-dst", "uuid": "5a018568-1594-407c-860e-6bc1950d210f", "value": "89.33.64.232" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510049128", "to_ids": true, "type": "domain", "uuid": "5a018568-ad88-42a2-9ae3-6bc1950d210f", "value": "cache.akamaihd-d.com" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510049265", "uuid": "5a0185f1-31d8-4801-8a7a-45ba950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510049265", "to_ids": true, "type": "ip-dst", "uuid": "5a0185f1-f6c4-4297-b2dc-4e8c950d210f", "value": "139.59.217.207" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510049265", "to_ids": true, "type": "ip-dst", "uuid": "5a0185f1-0c30-4fc7-bfec-4cd4950d210f", "value": "2400:6180:0:d0::4315:7001" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510049265", "to_ids": true, "type": "domain", "uuid": "5a0185f1-e354-4530-9b45-4532950d210f", "value": "cloud.corewidget.com" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510049297", "uuid": "5a018611-d4f8-46b1-a553-4d8a950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510049297", "to_ids": true, "type": "ip-dst", "uuid": "5a018611-65d8-4799-8103-4554950d210f", "value": "2400:6180:0:d0::4315:9001" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510049297", "to_ids": true, "type": "ip-dst", "uuid": "5a018611-c9ac-44ea-9180-4a98950d210f", "value": "139.59.220.12" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510049297", "to_ids": true, "type": "domain", "uuid": "5a018611-fafc-491d-ae8c-4721950d210f", "value": "core.alternativeads.net" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510049317", "uuid": "5a018625-d738-409f-bd65-6bc1950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510049317", "to_ids": true, "type": "ip-dst", "uuid": "5a018625-b2e4-40a5-9484-6bc1950d210f", "value": "139.59.223.191" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510049318", "to_ids": true, "type": "domain", "uuid": "5a018626-4778-43cc-93f8-6bc1950d210f", "value": "d3.advertisingbaidu.com" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510049337", "uuid": "5a018639-8798-441f-955c-6bc1950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510049337", "to_ids": true, "type": "ip-dst", "uuid": "5a018639-d774-4864-9781-6bc1950d210f", "value": "64.62.174.21" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510049337", "to_ids": true, "type": "domain", "uuid": "5a018639-478c-4369-a9d1-6bc1950d210f", "value": "eclick.analyticsearch.org" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510049361", "uuid": "5a018651-f3bc-4fea-b802-0ab1950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510049361", "to_ids": true, "type": "ip-dst", "uuid": "5a018651-5dd8-47c1-b2f9-0ab1950d210f", "value": "45.32.105.45" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510049362", "to_ids": true, "type": "domain", "uuid": "5a018652-8258-4fe2-93cb-0ab1950d210f", "value": "google-js.net" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510049383", "uuid": "5a018667-7df8-4954-a883-4ef1950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510049383", "to_ids": true, "type": "ip-dst", "uuid": "5a018667-560c-4a56-86b6-4396950d210f", "value": "45.32.105.45" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510049383", "to_ids": true, "type": "domain", "uuid": "5a018667-cc18-41e7-88bd-4c48950d210f", "value": "google-js.org" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510049654", "uuid": "5a018776-959c-496b-aa29-4840950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510049654", "to_ids": true, "type": "ip-dst", "uuid": "5a018776-2e60-4286-9808-4147950d210f", "value": "45.32.105.45" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510049655", "to_ids": true, "type": "domain", "uuid": "5a018777-dd48-47e0-b76b-4b3f950d210f", "value": "google-script.net" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510049687", "uuid": "5a018797-1064-4946-855d-0ab1950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510049687", "to_ids": true, "type": "ip-dst", "uuid": "5a018797-e048-44c0-a0d2-0ab1950d210f", "value": "103.28.44.115" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510049687", "to_ids": true, "type": "domain", "uuid": "5a018797-c1c4-4251-9390-0ab1950d210f", "value": "gs.baidustats.com" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510049776", "uuid": "5a0187f0-d8e0-4745-9043-4572950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510049776", "to_ids": true, "type": "ip-dst", "uuid": "5a0187f0-6414-4607-8fb4-47c7950d210f", "value": "139.59.220.10" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510049777", "to_ids": true, "type": "ip-dst", "uuid": "5a0187f1-3be0-4e30-abd4-458b950d210f", "value": "2400:6180:0:d0::4315:8001" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510049777", "to_ids": true, "type": "domain", "uuid": "5a0187f1-12dc-43d4-b299-4526950d210f", "value": "linked.livestreamanalytic.com" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510049827", "uuid": "5a018824-4bdc-45df-9260-6a36950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510049828", "to_ids": true, "type": "ip-dst", "uuid": "5a018824-5100-464a-a2f7-6a36950d210f", "value": "64.62.174.17" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510049828", "to_ids": true, "type": "domain", "uuid": "5a018824-ee9c-45db-858e-6a36950d210f", "value": "linksys-analytic.com" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510050167", "uuid": "5a018977-3c60-4952-bcd3-4826950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510050167", "to_ids": true, "type": "ip-dst", "uuid": "5a018977-d008-4878-979e-4f1a950d210f", "value": "2400:6180:0:d0::4315:d001" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510050167", "to_ids": true, "type": "ip-dst", "uuid": "5a018977-a668-493d-81b0-414f950d210f", "value": "188.166.219.18" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510050167", "to_ids": true, "type": "domain", "uuid": "5a018977-0c48-466d-9d3e-4077950d210f", "value": "live.webfontupdate.com" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510050198", "uuid": "5a018996-4060-4f22-aed8-6995950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510050198", "to_ids": true, "type": "ip-dst", "uuid": "5a018996-3e18-4b87-937b-6995950d210f", "value": "2400:6180:0:d0::4315:8001" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510050199", "to_ids": true, "type": "ip-dst", "uuid": "5a018997-23b4-4bbb-be4f-6995950d210f", "value": "139.59.220.10" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510050199", "to_ids": true, "type": "domain", "uuid": "5a018997-3dcc-419d-9ab3-6995950d210f", "value": "static.livestreamanalytic.com" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510050236", "uuid": "5a0189bc-5860-4bcf-af54-445f950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510050237", "to_ids": true, "type": "ip-dst", "uuid": "5a0189bd-a488-499c-9e02-4e37950d210f", "value": "2400:6180:0:d0::4315:7001" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510050237", "to_ids": true, "type": "ip-dst", "uuid": "5a0189bd-c5fc-43d1-aa09-40eb950d210f", "value": "139.59.217.207" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510050237", "to_ids": true, "type": "domain", "uuid": "5a0189bd-11cc-4956-957c-42e7950d210f", "value": "stats.corewidget.com" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510050259", "uuid": "5a0189d3-546c-494a-b9cc-6bc1950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510050259", "to_ids": true, "type": "ip-dst", "uuid": "5a0189d3-b2a4-4b7d-8a2a-6bc1950d210f", "value": "37.59.198.130" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510050259", "to_ids": true, "type": "domain", "uuid": "5a0189d3-f448-4682-aea0-6bc1950d210f", "value": "update.akamaihd-d.com" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510050298", "uuid": "5a0189fa-7200-434b-9183-4336950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510050298", "to_ids": true, "type": "ip-dst", "uuid": "5a0189fa-ef6c-4a20-b464-4830950d210f", "value": "2400:6180:0:d0::4315:d001" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510050299", "to_ids": true, "type": "ip-dst", "uuid": "5a0189fb-8300-4721-9e94-46ad950d210f", "value": "188.166.219.18" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510050299", "to_ids": true, "type": "domain", "uuid": "5a0189fb-90f4-416f-89e7-46c5950d210f", "value": "update.webfontupdate.com" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510050335", "uuid": "5a018a1f-8458-40f4-9065-0d8d950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510050335", "to_ids": true, "type": "ip-dst", "uuid": "5a018a1f-9ba4-4a2b-af81-0d8d950d210f", "value": "2400:6180:0:d0::4315:c001" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510050335", "to_ids": true, "type": "ip-dst", "uuid": "5a018a1f-787c-431a-97e4-0d8d950d210f", "value": "128.199.90.216" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510050335", "to_ids": true, "type": "domain", "uuid": "5a018a1f-6034-41dd-8237-0d8d950d210f", "value": "upgrade.liveupdateplugins.com" } ] }, { "comment": "", "deleted": false, "description": "A domain and IP address seen as a tuple in a specific time frame.", "meta-category": "network", "name": "domain-ip", "template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734", "template_version": "4", "timestamp": "1510050359", "uuid": "5a018a37-0c94-40d9-9b07-42dd950d210f", "Attribute": [ { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ip", "timestamp": "1510050359", "to_ids": true, "type": "ip-dst", "uuid": "5a018a37-6180-49c2-b4c9-4e39950d210f", "value": "64.62.174.9" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "domain", "timestamp": "1510050359", "to_ids": true, "type": "domain", "uuid": "5a018a37-a448-4e01-8f14-4b9e950d210f", "value": "widget.jscore-group.com" } ] } ] } }