Welcome to the Cyber-TA
SRI's Multiperspective Malware Infection Analysis Page


UNCENSORED PAGE



01 May 2008

All data collection and analyses summarized in this page were 100% AUTO-GENERATED.

DEVELOPERS: Vinod Yegneswaran (SRI), Phillip Porras (SRI), Hassen Saidi (SRI)
Monirul Sharif (Georgia-Tech), Arvind Narayanan (University of Texas at Austin)

The data on this website is provided for research purposes only. It is provided
for your personal use only and is supplied AS IS, WITHOUT WARRANTY OF ANY KIND.
Use or reliance on this data is at your own risk.


Daily Summary Files: [DNS Lookups & Failed Connects] [Attacker IPs] [C&C Servers] [Binary Digests]
Cumulative Summary Files: [DNS Lookup Log] [Attacker IP Log] [C&C Server Log] [Antivirus Detection] [Code Segment Overlap] [Behavioral Clusters] [Binary Digest Log]

[See Country Codes ]
Columns: Time | Victim OS | Infection Source | C&C Server | DNS Lookups & Failed Connects | Infection Port | Packet Trace | Detection Signatures | Infection Chatter | BotHunter Analysis | Behavioral Cluster | Forensic Logs | Antivirus Labels | Packed Malware_Binary | Unpacked egg.exe | Unpacked egg.asm | Packer PEID | Data Strings | Syscall Trace
00:17:00 WinXP 90.189.210.154 (SNT.RU):
OJSC SIBIRTELECOM,
RU.
67.43.236.67:8080 CA:xx.ka3ek.com
CA:nadsam0.info
US:130.107.176.98:27898
445 pcap raw alerts
ruleset
ftp
irc
http
30 lines
Yeah : 1.3
profile
none summary
tarball
14 of 32
13 of 31
14 of 31
29 of 32
84cf854398
[Firefox: 6 hits: 03-20 to 05-01]
91e84b3054
NEW
ab989d919b
NEW
d930d42d12
[Firefox: 2 hits: 04-30 to 05-01]
7946093a4e [0]
none [3]
e9809758bb[0]
none [3]
ASM:Graph
none:none
none:none
none:none
StarForce|
none|none
none|none
ASPack|
lines=19
none
none
none
trace
trace
trace
trace
00:26:00 Win2K-f 85.96.201.158 (TTNET.NET.TR):
ADSL-ALC-GAYRETTEPE-STATIC POOL,
KONYA, NIGDE, TR. (DSL)
n/a  
TR:85.96.201.158:19550
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
26 of 31 cd05c2e205
NEW
none[4] none:none
none|none none trace
T:00:29:00 WinXP 217.96.39.133 (-):
LIQUID SYSTEMS SP. Z O.O,
PL.
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
irc
22 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
00:33:00 WinXP 88.9.48.154 (RIMA-TDE.NET):
TELEFONICA DE ESPANA,
MALAGA, ANDALUCIA, ES.
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
irc
22 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:00:40:00 WinXP 213.22.217.163 (CPE.NETCABO.PT):
TVCABO-PORTUGAL CABLE MODEM NETWORK,
ALMADA, SETUBAL, PT.
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
irc
22 lines
Yeah : 1.3
profile
none summary
tarball
13 of 31 ac33159123
NEW
none[4] none:none
none|none none trace
T:00:41:00 Win2K-f 213.197.10.57 (CONCEPTS.NL):
WESTBRABANT NET,
AMSTERDAM, NOORD-HOLLAND, NL. (DSL)
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
irc
23 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:00:42:00 Win2K-f 60.52.103.123 (TM.NET.MY):
TELEKOM MALAYSIA BERHAD,
PUCHONG, SELANGOR, MY.
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
12 of 30 76b4ab852e
[Firefox:52 hits: 04-29 to 05-17]
none[4] none:none
none|none none trace
00:48:00 Win2K-f 85.15.254.56 (-):
ULTRACOMS-NET,
LV.
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
irc
24 lines
Yeah : 1.3
profile
none summary
tarball
12 of 30 ccf7ce9bb5
[Firefox: 4 hits: 05-01 to 05-18]
none[4] none:none
none|none none trace
00:49:00 WinXP 220.213.33.230 (WAKWAK.NE.JP):
XEPHION-CIDR-BLK,
JP. (DIAL)
n/a   445 pcap raw alerts
ruleset
other
0 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
00:50:00 WinXP 87.4.236.88 (RETAIL.TELECOMITALIA.IT):
TELECOM ITALIA S.P.A. TIN EASY LITE,
UDINE, FRIULI-VENEZIA GIULIA, IT.
211.96.97.44:7000 US:hail.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
irc
21 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
01:05:00 WinXP 77.37.142.253 (NCNET.RU):
NCN-INFRA,
RU.
n/a EU:siliconfireware.ru
US:searchportal.information.com
US:spi.domainsponsor.com
:landdev1.lap.internal
:www.proxy-socks.net
:wpad
DE:212.227.111.29:80
DE:217.11.54.126:80
EU:78.47.200.154:80
445 pcap raw alerts
ruleset
http
http
6 lines
Yeah : 0.8
profile
none summary
tarball
29 of 29 0ada72d805
[Firefox:30 hits: 05-17 to 05-08]
239ec78f15 [0] ASM:Graph
ASPack| lines=281
embedded dns
trace
T:01:10:00 Win2K-f 125.162.99.172 (-):
TLKM_D1_BB_SPEEDY_PG,
PALEMBANG, SUMATERA SELATAN, ID.
n/a  
ID:125.162.99.172:15772
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:01:22:00 WinXP 82.252.1.103 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR. (DSL)
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
26 of 32 d1f07d95e4
[Firefox: 2 hits: 05-01 to 05-15]
none[4] none:none
none|none none trace
01:32:00 WinXP 149.225.82.103 (UU.NET):
VERIZON DEUTSCHLAND GMBH,
MUNICH, BAYERN, DE.
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
15 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
01:32:00 Win2K-f 217.201.13.159 (-):
TELECOM ITALIA MOBILE,
IT.
n/a   445 pcap raw alerts
ruleset
shell
ftp
15 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
01:33:00 Win2K-f 92.1.136.230 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK.
85.114.137.60:80 211.96.97.44:7000 DE:proxim.ircgalaxy.pl
US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
DE:85.114.137.60:80
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
28 of 32 07e23ff778
[Firefox: 2 hits: 05-01 to 05-05]
e6c4bf7726 [0] ASM:Graph
StarForce| lines=131 trace
01:40:00 Win2K-f 62.87.142.217 (NET.PL):
STATIC BROADBAND SERVICES,
WROCLAW, DOLNOSLASKIE, PL. (DIAL)
85.114.137.60:65520 211.96.97.44:7000 DE:proxim.ircgalaxy.pl
US:hail.dns2go.com
US:scorti1.dns2go.com
DE:dl2.teenpassage.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
DE:85.114.137.60:65520
DE:85.114.143.2:80
445 pcap raw alerts
ruleset
ftp
irc
17 lines
Yeah : 1.3
profile
none summary
tarball
27 of 32 f7a2e2c5f9
NEW
none[4] none:none
none|none none trace
01:50:00 Win2K-f 116.75.169.208 (JWS.COM):
HATHWAY IP OVER CABLE INTERNET ACCESS SERVICE,
IN.
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
irc
22 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
01:52:00 WinXP 79.126.25.228 (APEXCOVANTAGE.COM):
EU-ZZ,
UK.
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:01:54:00 Win2K-f 90.189.150.81 (SNT.RU):
NOVOSIBIRSK LOCAL TELEPHONE COMPANY (NGTS) IS STRUCTURAL DIVISION,
NOVOSIBIRSK, NOVOSIBIRSKAYA OBLAST', RU.
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
01:55:00 Win2K-f 92.97.27.91 (APEXCOVANTAGE.COM):
EU-ZZ,
UK.
n/a   445 pcap raw alerts
ruleset
other
0 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
01:57:00 WinXP 89.24.66.87 (4GINTERNET.CZ):
GPRS/UMTS CUSTOMER NETWORK,
CZ.
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:02:00:00 WinXP 78.156.192.84 (APEXCOVANTAGE.COM):
EU-ZZ,
UK.
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
26 of 30 fd3d613e8b
NEW
none[4] none:none
none|none none trace
T:02:01:00 Win2K-f 79.138.191.182 (APEXCOVANTAGE.COM):
EU-ZZ,
UK.
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:02:05:00 WinXP 89.146.158.18 (NET.BA):
BRAS PPPOE POOL UPGRADE,
SARAJEVO, FEDERATION OF BOSNIA AND HERZEGOVINA, BA.
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
02:13:00 WinXP 79.163.12.64 (-):
IDEA,
PL.
85.114.137.60:65520 211.96.97.44:7000 DE:proxim.ircgalaxy.pl
US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
DE:85.114.137.60:65520
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
26 of 31 9c9c104141
NEW
none[4] none:none
none|none none trace
02:23:00 WinXP 82.131.131.101 (INVITEL.HU):
ADSL-PPPOE-(BORS-ADSL0),
BUDAPEST, BUDAPEST, HU.
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
irc
25 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
02:27:00 Win2K-f 92.46.24.190 (IKBCC.COM):
EU-ZZ,
UK.
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
none 91e43fc14a
[Firefox: 6 hits: 05-01 to 05-21]
none[4] none:none
Obsidium| none trace
02:28:00 Win2K-f 118.100.129.77 (-):
.
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
T:02:39:00 Win2K-f 125.162.101.246 (-):
TLKM_D1_BB_SPEEDY_PG,
PALEMBANG, SUMATERA SELATAN, ID.
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
445 pcap raw alerts
ruleset
ftp
irc
22 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:02:57:00 Win2K-f 78.61.231.158 (ZEBRA.LT):
LIETUVOS,
LT.
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
28 of 31 d556805322
NEW
none[4] none:none
none|none none trace
03:06:00 WinXP 89.218.107.153 (ADSL.ONLINE.KZ):
KAZAKHTELECOM DATA NETWORK ADMINISTRATION,
KZ.
n/a US:scorti1.dns2go.com
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
irc
21 lines
Yeah : 0.8
profile
none summary
tarball
19 of 31 608d4c1595
[Firefox: 2 hits: 05-01 to 05-09]
none[4] none:none
none|none none trace
03:09:00 Win2K-f 88.171.246.33 (PROXAD.NET):
PROXAD / FREE SAS,
FR.
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
24 of 29 85ec5058b0
NEW
none[4] none:none
none|none none trace
03:11:00 Win2K-f 190.49.248.245 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR.
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:03:14:00 Win2K-f 125.162.103.175 (-):
TLKM_D1_BB_SPEEDY_PG,
PALEMBANG, SUMATERA SELATAN, ID.
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
03:16:00 Win2K-f 62.99.36.32 (CLIENTES.EUSKALTEL.ES):
GLOBAL TELECOMMUNICATION SERVICE PROVIDER,
ES.
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
03:25:00 Win2K-f 89.124.86.12 (IRISHBROADBAND.IE):
ESB ORANMORE CUSTOMER EXPANSION,
IE.
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
irc
22 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:03:27:00 WinXP 89.169.109.184 (-):
MOSINFOLINE,
RU.
n/a US:scorti1.dns2go.com
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
21 of 31 c1f12e0109
[Firefox:21 hits: 04-28 to 05-17]
none[4] none:none
none|none none trace
03:30:00 WinXP 79.138.155.145 (APEXCOVANTAGE.COM):
EU-ZZ,
UK.
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
irc
25 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
03:32:00 Win2K-f 85.24.132.49 (BAHNHOF.SE):
CUSTOMERS CONNECTED VIA TERACOM IN SWEDEN,
SE.
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
03:35:00 WinXP 85.24.168.156 (BAHNHOF.SE):
BAHNHOF INTERNET AB,
SE.
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
03:42:00 Win2K-f 60.50.103.55 (TM.NET.MY):
TELEKOM MALAYSIA BERHAD,
KUALA LUMPUR, WILAYAH PERSEKUTUAN, MY.
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:03:44:00 WinXP 41.210.205.110 (-):
.
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
irc
23 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
03:46:00 WinXP 88.25.222.66 (RIMA-TDE.NET):
TELEFONICA DE ESPANA (NCC#2006112951),
DE BILT, UTRECHT, NL.
n/a   445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
03:53:00 WinXP 92.96.208.197 (APEXCOVANTAGE.COM):
EU-ZZ,
UK.
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:04:04:00 WinXP 200.157.73.118 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL)
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
15 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
04:05:00 Win2K-f 87.97.127.22 (INVITEL.HU):
ADSL-PPPOE-(GOD-ADSL1),
HU.
n/a US:scorti1.dns2go.com
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
20 of 31 bfab284e67
[Firefox: 3 hits: 05-01 to 05-05]
13a0c147f5 [0] ASM:Graph
ASProtect| lines=420
embedded dns
trace
04:08:00 WinXP 78.37.83.200 (LSI.RU):
OJSC NORTH-WEST TELECOM,
RU.
n/a US:scorti1.dns2go.com
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
9 of 32 2cbd59e102
[Firefox:12 hits: 12-29 to 05-17]
a3aefdb837 [0] ASM:Graph
ASPack| lines=607
embedded dns
trace
04:12:00 Win2K-f 60.53.162.139 (TM.NET.MY):
TELEKOM MALAYSIA BERHAD,
SHAH ALAM, SELANGOR, MY.
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
irc
20 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:04:18:00 Win2K-f 60.242.3.32 (TPGI.COM.AU):
AUSTRALIAN ISP,
AU.
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
04:23:00 WinXP 92.40.2.88 (IKBCC.COM):
EU-ZZ,
UK.
85.114.137.60:80 DE:proxim.ircgalaxy.pl
DE:85.114.137.60:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 1.3
profile
none summary
tarball
29 of 31 6fd562b88c
NEW
none[3] none:none
ASPack| none trace
04:36:00 WinXP 89.35.187.39 (-):
SC NOR ATLANTIS PREST SRL,
PLOIESTI, PRAHOVA, RO.
85.114.137.60:65520 DE:proxim.ircgalaxy.pl
UA:citi-bank.ru
DE:85.114.137.60:65520
445 pcap raw alerts
ruleset
http
1 line
Yeah : 1.3
profile
none summary
tarball
31 of 32 fde6753cd2
[Firefox: 2 hits: 04-16 to 05-01]
ca2ee8500c [0] ASM:Graph
PolyEnE| lines=136 trace
T:04:42:00 Win2K-f 77.202.72.17 (GAOLAND.NET):
DYNAMIC POOLS,
FR.
n/a   445 pcap raw alerts
ruleset
ftp
13 lines
Yeah : 0.8
profile
none summary
tarball
20 of 32 29f0569b6b
[Firefox: 7 hits: 02-04 to 05-01]
025d039154 [0] ASM:Graph
PEEncrypt| lines=485
embedded dns
trace
04:43:00 Win2K-f 82.200.247.19 (-):
ALMATYTELECOM,
KZ.
n/a   445 pcap raw alerts
ruleset
ftp
11 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
05:01:00 Win2K-f 78.96.100.115 (ASTRAL.RO):
ASTRAL TELECOM SA,
RO.
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
15 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:05:16:00 WinXP 62.61.44.63 (-):
AD-PUBLIC,
DE.
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
05:25:00 Win2K-f 79.138.253.209 (APEXCOVANTAGE.COM):
EU-ZZ,
UK.
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
05:30:00 Win2K-f 92.47.82.70 (IKBCC.COM):
EU-ZZ,
UK.
n/a US:scorti1.dns2go.com
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
20 of 31 af98fe0c94
[Firefox:71 hits: 04-27 to 05-21]
480d076a0a [0] ASM:Graph
ASProtect| lines=422
embedded dns
trace
05:38:00 WinXP 88.75.38.117 (ARCOR-IP.NET):
ARCOR-DSL-NET,
DE.
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
none 91e43fc14a
[Firefox: 6 hits: 05-01 to 05-21]
none[4] none:none
Obsidium| none trace
T:05:45:00 WinXP 89.166.166.102 (OSNANET.DE):
OSNATEL-SUBNET FOR ADSL DIAL-UP,
DE. (DSL)
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
irc
24 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:05:46:00 Win2K-f 82.51.114.184 (POOL8251.INTERBUSINESS.IT):
TELECOM ITALIA S.P.A. TIN EASY LITE,
CHIETI, ABRUZZI, IT.
211.96.97.44:7000 US:hail.dns2go.com 445 pcap raw alerts
ruleset
ftp
irc
28 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
05:52:00 Win2K-f 82.242.54.83 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR. (DSL)
n/a   445 pcap raw alerts
ruleset
ftp
12 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
05:55:00 Win2K-f 60.53.119.40 (TM.NET.MY):
TELEKOM MALAYSIA BERHAD,
KUALA LUMPUR, WILAYAH PERSEKUTUAN, MY.
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:06:04:00 WinXP 79.184.46.85 (TPNET.PL):
TPSA,
PL.
n/a   445 pcap raw alerts
ruleset
shell
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
29 of 29 1a2c0e6130
[Firefox:393 hits: 12-31 to 05-21]
048df78048 [0] ASM:Graph
none|none lines=61 trace
06:07:00 Win2K-f 78.130.153.116 (-):
ITD,
BG.
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
06:12:00 WinXP 89.28.16.110 (89-28-0-10.STARNET.MD):
STARNET,
CHISINAU, CHISINAU, MD.
n/a   445 pcap raw alerts
ruleset
other
0 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:06:13:00 WinXP 86.142.124.68 (BTCENTRALPLUS.COM):
BT-CENTRAL-PLUS,
UK.
n/a   445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
10 of 32 639a247ece
[Firefox:32 hits: 04-28 to 05-18]
29d53eec72 [0] ASM:Graph
StarForce| lines=132 trace
06:46:00 Win2K-f 81.193.95.163 (DSL.TELEPAC.PT):
TELEPAC - COMUNICACOES INTERACTIVAS SA,
MAIA, PORTO, PT. (DSL)
211.96.97.44:7000 US:hail.dns2go.com 445 pcap raw alerts
ruleset
ftp
irc
24 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:07:04:00 Win2K-f 201.76.244.147 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL)
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
07:08:00 WinXP 85.243.36.174 (DSL.TELEPAC.PT):
PT.COM - COMUNICACOES INTERACTIVAS S.A,
LEIRIA, LEIRIA, PT. (DSL)
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
07:11:00 Win2K-f 217.96.39.133 (-):
LIQUID SYSTEMS SP. Z O.O,
PL.
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:07:15:00 WinXP 78.37.83.200 (LSI.RU):
OJSC NORTH-WEST TELECOM,
RU.
n/a   445 pcap raw alerts
ruleset
other
0 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
07:15:00 Win2K-f 92.236.145.201 (APEXCOVANTAGE.COM):
EU-ZZ,
UK.
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
irc
22 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
07:27:00 WinXP 92.97.54.210 (APEXCOVANTAGE.COM):
EU-ZZ,
UK.
211.96.97.44:7000 US:hail.dns2go.com 445 pcap raw alerts
ruleset
ftp
irc
30 lines
Yeah : 1.3
profile
none summary
tarball
none 91e43fc14a
[Firefox: 6 hits: 05-01 to 05-21]
none[4] none:none
Obsidium| none trace
07:27:00 Win2K-f 190.136.219.101 (NET.AR):
APOLO -GOLD-TELECOM-PER,
AR.
211.96.97.44:7000 US:hail.dns2go.com 445 pcap raw alerts
ruleset
ftp
21 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
07:30:00 WinXP 190.17.140.69 (COM.AR):
CABLEVISION S.A,
BUENOS AIRES, BUENOS AIRES, AR.
n/a RU:moscow-advokat.ru
US:lia.zanet.net
:brussels.be.eu.undernet.org
:flanders.be.eu.undernet.org
AT:graz.at.eu.undernet.org
:gaspode.zanet.org.za
NL:diemen.nl.eu.undernet.org
SE:coins.dal.net
SE:ozbytes.dal.net
SE:vancouver.dal.net
SE:broadway.ny.us.dal.net
NO:london.uk.eu.undernet.org
SE:viking.dal.net
445 pcap raw alerts
ruleset
http
1 line
Yeah : 1.3
profile
none summary
tarball
25 of 25 7f60162c2c
[Firefox:1294 hits: 12-31 to 05-20]
1aad8e4632 [0] ASM:Graph
PolyEnE| lines=93
embedded dns
trace
07:36:00 Win2K-f 82.200.231.229 (-):
JSC KAZAKHTELECOM URALSK AFFILIATE,
KZ.
n/a US:scorti1.dns2go.com
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
20 of 31 af98fe0c94
[Firefox:71 hits: 04-27 to 05-21]
480d076a0a [0] ASM:Graph
ASProtect| lines=422
embedded dns
trace
07:40:00 Win2K-f 85.26.69.171 (217-117-34-10.TELEDISNET.BE):
TELEDISNET ISP,
BE.
n/a   445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
30 of 32 18b909f0ea
NEW
none[4] none:none
none|none none trace
07:44:00 WinXP 92.112.208.220 (APEXCOVANTAGE.COM):
EU-ZZ,
UK.
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
07:49:00 Win2K-f 190.90.108.198 (EQUITEL.COM.CO):
INTERNEXA S.A. E.S.P,
CO.
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:07:57:00 Win2K-f 87.11.46.150 (RETAIL.TELECOMITALIA.IT):
TELECOM ITALIA S.P.A. TIN EASY LITE,
IT. (DSL)
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
irc
22 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
07:59:00 WinXP 91.35.127.136 (T-IPCONNECT.DE):
DEUTSCHE TELEKOM AG,
DE. (DIAL)
n/a US:scorti1.dns2go.com
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
14 of 32 f515fcc0f7
[Firefox:14 hits: 12-28 to 05-14]
dc7696e295 [0] ASM:Graph
ASProtect| lines=422
embedded dns
trace
T:08:02:00 Win2K-f 88.230.30.206 (TTNET.NET.TR):
TT ADSL-ALCATEL DYNAMIC_ULUS,
ISTANBUL, ISTANBUL, TR.
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
16 lines
Yeah : 1.3
profile
none summary
tarball
27 of 31 0aecd734ef
NEW
none[4] none:none
none|none none trace
08:04:00 WinXP 190.188.81.61 (NET.AR):
PRIMA S.A,
AR.
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
08:08:00 Win2K-f 200.160.82.211 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL)
211.96.97.44:7000 US:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:08:09:00 WinXP 59.117.169.203 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW.
217.170.244.2:443  
CZ:217.170.244.2:443
445 pcap raw alerts
ruleset
shell
ftp
irc
27 lines
Yeah : 1.3
profile
none summary
tarball
25 of 28 7fdfe363d5
[Firefox:2633 hits: 12-31 to 05-19]
10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns
trace
08:17:00 Win2K-f 220.129.119.48 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
KAOHSIUNG, KAO-HSIUNG, TW.
n/a   445 pcap raw alerts
ruleset
other
0 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:08:22:00 Win2K-f 92.47.81.29 (IKBCC.COM):
EU-ZZ,
UK.
n/a   445 pcap raw alerts
ruleset
ftp
11 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
08:35:00 Win2K-f 24.39.10.129 (RR.COM):
ROAD RUNNER HOLDCO LLC,
SACO, MAINE, US.
n/a US:scorti1.dns2go.com
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
22 of 32 dc8e1c63cd
[Firefox:95 hits: 12-27 to 05-21]
e0eb8646ee [0] ASM:Graph
none|none lines=601
embedded dns
trace
08:52:00 WinXP 82.247.150.58 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR.
211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset
ftp
irc
22 lines
Yeah : 1.3
profile
none summary
tarball
none 91e43fc14a
[Firefox: 6 hits: 05-01 to 05-21]
none[4] none:none
Obsidium| none trace
08:54:00 Win2K-f 125.162.101.167 (-):
TLKM_D1_BB_SPEEDY_PG,
PALEMBANG, SUMATERA SELATAN, ID.
211.96.97.44:7000 CN:hail.dns2go.com
US:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
08:58:00 WinXP 213.63.202.184 (NET.ARTELECOM.PT):
ARTELECOM,
PT.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
08:59:00 WinXP 88.157.104.183 (REV-82-102-32-10.TVTEL.PT):
TVTEL - GRANDE PORTO COMUNICACOES SA,
PORTO, PORTO, PT. (DSL)
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:09:08:00 Win2K-f 213.25.114.223 (OSLINK.PL):
OSLINK SP. Z O.O,
WROCLAW, DOLNOSLASKIE, PL. (DIAL)
n/a   445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
29 of 32 ab6c69927d
NEW
none[4] none:none
none|none none trace
09:10:00 Win2K-f 87.196.181.148 (NET.NOVIS.PT):
NOVIS TELECOM S.A,
PORTO, PORTO, PT. (DSL)
211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset
ftp
irc
21 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
09:11:00 WinXP 190.133.143.123 (-):
.
211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset
ftp
irc
21 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
09:15:00 Win2K-f 189.58.245.83 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR.
n/a   445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:09:19:00 WinXP 62.61.33.156 (-):
AD-PUBLIC,
DE.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
irc
22 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
09:23:00 Win2K-f 92.112.35.63 (APEXCOVANTAGE.COM):
EU-ZZ,
UK.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
11 of 31 4620861e2d
[Firefox:15 hits: 04-27 to 05-17]
none[4] none:none
StarForce| none trace
09:26:00 Win2K-f 189.23.48.95 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR.
n/a   445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
27 of 30 58cf19dc17
NEW
none[4] none:none
none|none none trace
09:36:00 Win2K-f 89.82.183.97 (DSL.CLUB-INTERNET.FR):
T-ONLINE (ADSL),
FR.
85.114.137.60:65520 DE:proxim.ircgalaxy.pl
CN:scorti1.dns2go.com
CN:218.93.14.236:7000
DE:85.114.137.60:65520
445 pcap raw alerts
ruleset
ftp
irc
16 lines
Yeah : 1.3
profile
none summary
tarball
26 of 31 eb0866b6cc
NEW
none[4] none:none
none|none none trace
T:09:43:00 Win2K-f 78.1.148.138 (T-COM.HR):
HPTNET,
HR. (DSL)
85.114.137.60:65520 DE:proxima.ircgalaxy.pl
CN:scorti1.dns2go.com
CN:218.93.14.236:7000
DE:85.114.137.60:65520
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
29 of 31 7d01c17927
NEW
none[4] none:none
none|none none trace
09:44:00 Win2K-f 91.42.229.22 (T-IPCONNECT.DE):
DEUTSCHE TELEKOM AG,
DE.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
irc
25 lines
Yeah : 1.3
profile
none summary
tarball
25 of 31 e7adb438c8
NEW
none[4] none:none
none|none none trace
09:55:00 Win2K-f 89.24.243.136 (4GINTERNET.CZ):
RADIOMOBIL,
CZ.
211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset
ftp
irc
22 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:09:58:00 Win2K-f 85.141.114.106 (MTU-NET.RU):
ZAO MTU-INTEL,
MOSCOW, MOSKVA, RU. (DIAL)
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
09:58:00 Win2K-f 190.160.65.4 (VTR.NET):
VTR BANDA ANCHA S.A,
SANTIAGO, REGION METROPOLITANA, CL.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
US:209.250.232.240:7000
445 pcap raw alerts
ruleset
ftp
irc
24 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
10:01:00 WinXP 88.85.18.69 (NET2000.CH):
BROADBAND CUSTOMER,
NEUCHATEL, NEUCHATEL, CH.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
10:08:00 WinXP 189.92.3.50 (-):
.
n/a UA:citi-bank.ru
:parex-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
26 of 28 7d99b0e910
[Firefox:2992 hits: 12-31 to 05-20]
7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace
T:10:10:00 WinXP 201.75.166.210 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL)
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
20 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:14:53:00 Win2K-f 88.156.90.43 (VECTRANET.PL):
NETWORK IN BIALYSTOK GDYNIA SKIERNIEWICE KOSCIERZYNA BELCHATOW,
'S-HERTOGENBOSCH, NOORD-BRABANT, NL.
211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset
ftp
irc
22 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:15:01:00 WinXP 81.131.9.240 (BTOPENWORLD.COM):
BT-WEBPORT,
LONDON, ENGLAND, UK. (DIAL)
n/a   445 pcap raw alerts
ruleset
shell
ftp
17 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
15:05:00 Win2K-f 190.60.110.236 (IFXNETWORKS.COM):
IFX NETWORKS COLOMBIA,
CO.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
irc
22 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
15:10:00 Win2K-f 190.160.69.202 (VTR.NET):
VTR BANDA ANCHA S.A,
PATERSON, NEW JERSEY, US.
211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset
ftp
irc
29 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
15:12:00 WinXP 118.243.130.193 (-):
.
n/a   445 pcap raw alerts
ruleset
shell
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
30 of 32 8ae058b2d0
NEW
e6a9383b75 [0] ASM:Graph
none|none lines=59 trace
15:29:00 Win2K-f 201.213.220.9 (NET.AR):
PRIMA S.A,
AR.
211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset
ftp
irc
23 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
15:36:00 Win2K-f 213.63.200.91 (NET.ARTELECOM.PT):
ARTELECOM,
PT.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
irc
20 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
15:40:00 WinXP 190.189.35.234 (NET.AR):
PRIMA S.A,
AR.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
irc
28 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
15:45:00 Win2K-f 189.15.222.89 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
irc
22 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
15:55:00 WinXP 83.59.54.121 (RIMA-TDE.NET):
TELEFONICA DE ESPANA(NCC#2005070725),
LAS PALMAS, CANARY ISLANDS, ES.
n/a RU:moscow-advokat.ru
SE:ozbytes.dal.net
SE:ced.dal.net
:flanders.be.eu.undernet.org
SE:qis.md.us.dal.net
:washington.dc.us.undernet.org
:gaspode.zanet.org.za
SE:coins.dal.net
:los-angeles.ca.us.undernet.org
US:lia.zanet.net
SE:vancouver.dal.net
SE:broadway.ny.us.dal.net
:brussels.be.eu.undernet.org
AT:graz.at.eu.undernet.org
445 pcap raw alerts
ruleset
http
1 line
Yeah : 1.3
profile
none summary
tarball
25 of 25 7f60162c2c
[Firefox:1294 hits: 12-31 to 05-20]
1aad8e4632 [0] ASM:Graph
PolyEnE| lines=93
embedded dns
trace
T:15:55:00 WinXP 83.59.54.121 (RIMA-TDE.NET):
TELEFONICA DE ESPANA(NCC#2005070725),
LAS PALMAS, CANARY ISLANDS, ES.
n/a RU:moscow-advokat.ru
RU:194.6.222.11:6667
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
25 of 25 7f60162c2c
[Firefox:1294 hits: 12-31 to 05-20]
1aad8e4632 [0] ASM:Graph
PolyEnE| lines=93
embedded dns
trace
15:57:00 WinXP 84.4.44.233 (CEGETEL.NET):
INTERNET RESIDENTIEL CEGETEL FRANCE,
ELANCOURT, ILE-DE-FRANCE, FR.
n/a DE:siliconfireware.ru
DE:ebookfinaltrash.ru
:wpad
DE:212.227.111.29:80
EU:78.47.200.154:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
29 of 29 0ada72d805
[Firefox:30 hits: 05-17 to 05-08]
239ec78f15 [0] ASM:Graph
ASPack| lines=281
embedded dns
trace
T:16:01:00 WinXP 213.5.234.157 (ACN.GR):
ACN ALTEC COMMUNICATIONS NETWORK S.A,
ARGOSTOLI, KEFALLINIA, GR.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
irc
22 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
16:02:00 Win2K-f 201.9.217.184 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL)
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
10 of 32 639a247ece
[Firefox:32 hits: 04-28 to 05-18]
29d53eec72 [0] ASM:Graph
StarForce| lines=132 trace
16:12:00 Win2K-f 82.241.132.221 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
irc
20 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:16:15:00 Win2K-f 41.208.223.64 (WBS.CO.ZA):
AFRINIC,
PRETORIA, GAUTENG, ZA.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
16:17:00 WinXP 201.69.217.228 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL)
n/a DE:siliconfireware.ru
:www.proxy-socks.net
:wpad
EU:ebookfinaltrash.ru
DE:217.11.54.126:80
EU:78.47.200.154:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
23 of 31 1e131df055
NEW
none[4] none:none
ASPack| none trace
16:20:00 Win2K-f 201.15.149.209 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL)
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
16:20:00 Win2K-f 81.84.85.244 (CPE.NETCABO.PT):
TVCABO-PORTUGAL CABLE MODEM NETWORK,
CASCAIS, LISBOA, PT.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
16 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
16:26:00 WinXP 41.210.196.10 (-):
.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
22 of 31 f2db9507a5
[Firefox: 3 hits: 04-27 to 05-01]
none[4] none:none
none|none none trace
16:34:00 WinXP 86.99.1.207 (NET.AE):
EMIRATES TELECOMMUNICATIONS CORPORATION,
DUBAI, DUBAI, AE.
85.114.137.60:65520 DE:proxim.ircgalaxy.pl
UA:citi-bank.ru
US:adult-empire.com
DE:85.114.137.60:65520
445 pcap raw alerts
ruleset
http
1 line
Yeah : 1.3
profile
none summary
tarball
29 of 31 00c93dc3f1
[Firefox: 2 hits: 05-01 to 05-05]
8783ead907 [0] ASM:Graph
PolyEnE| lines=129 trace
T:16:55:00 Win2K-f 87.103.222.240 (KUZBASS.NET):
ALLOCATION FOR KEMEROVO REGIONAL BRANCH OF THE JSC SIBIRTELECOM,
OMSK, OMSKAYA OBLAST', RU. (DIAL)
n/a CN:scorti1.dns2go.com
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
10 of 32 6c9c940a07
NEW
none[4] none:none
none|none none trace
16:59:00 WinXP 90.133.61.91 (SWIP.NET):
SWIPNET,
SE.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
20 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:17:02:00 WinXP 83.132.16.134 (CPE.NETCABO.PT):
TVCABO-PORTUGAL CABLE MODEM NETWORK,
LISBON, LISBOA, PT.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
25 of 28 43aaa8723f
NEW
none[4] none:none
none|none none trace
17:02:00 WinXP 189.171.236.34 (PROD-INFINITUM.COM.MX):
UNINET S.A. DE C.V,
JUAREZ, CHIHUAHUA, MX. (DSL)
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
17:12:00 WinXP 189.64.75.124 (-):
.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
irc
29 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
17:17:00 Win2K-f 218.168.60.139 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAOYUAN, T'AI-WAN, TW.
n/a   445 pcap raw alerts
ruleset
shell
ftp
17 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
17:22:00 WinXP 213.63.206.32 (NET.ARTELECOM.PT):
ARTELECOM,
PT.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
17:23:00 Win2K-f 12.74.163.243 (ATT.NET):
AT&T WORLDNET SERVICES,
MORRISTOWN, NEW JERSEY, US. (DIAL)
12.74.163.243:21   445 pcap raw alerts
ruleset
shell
ftp
18 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
17:25:00 Win2K-f 190.135.188.42 (-):
.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
17:29:00 WinXP 190.32.218.39 (MARPESCA.COM):
CABLE & WIRELESS PANAMA,
PA.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:17:35:00 Win2K-f 82.241.132.221 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
17:43:00 WinXP 212.106.17.124 (POLBOX.PL):
POLBOX,
PL.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
irc
26 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:17:47:00 Win2K-f 69.176.177.32 (MONARCH.NET):
CITY WEST CABLE & TELEPHONE CORP,
PRINCE RUPERT, BRITISH COLUMBIA, CA.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:17:56:00 WinXP 190.31.229.67 (NET.AR):
APOLO -GOLD-TELECOM-PER,
NEW YORK, NEW YORK, US.
211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset
ftp
irc
20 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:17:57:00 WinXP 190.137.95.135 (NET.AR):
TELECOM ARGENTINA S.A,
AR.
211.96.97.44:7000 218.93.14.236:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
irc
24 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
18:15:00 WinXP 59.115.208.102 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW.
n/a  
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
shell
ftp
18 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:18:28:00 Win2K-f 69.77.159.225 (SKYBEST.COM):
SKYBEST COMMUNICATIONS INC,
NEW BERN, NORTH CAROLINA, US.
n/a   445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
27 of 31 56ae35572e
[Firefox: 3 hits: 05-01 to 05-10]
none[4] none:none
none|none none trace
18:41:00 WinXP 189.69.237.69 (-):
.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:18:55:00 Win2K-f 116.206.9.227 (-):
MOBIF WIRELESS BROADBAND SDN. BHD,
KUALA LUMPUR, WILAYAH PERSEKUTUAN, MY.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
19:04:00 WinXP 200.125.45.206 (ANTELDATA.NET.UY):
ADMINISTRACION NACIONAL DE TELECOMUNICACIONES,
MONTEVIDEO, MONTEVIDEO, UY. (DIAL)
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
19:22:00 WinXP 60.54.118.2 (TM.NET.MY):
TELEKOM MALAYSIA BERHAD,
KUALA LUMPUR, WILAYAH PERSEKUTUAN, MY.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
irc
22 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
19:29:00 Win2K-f 189.65.181.214 (-):
.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
irc
17 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:19:35:00 WinXP 218.111.17.170 (TM.NET.MY):
TELEKOM MALAYSIA BERHAD,
PETALING JAYA, SELANGOR, MY.
211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset
ftp
irc
20 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
19:36:00 WinXP 200.104.128.244 (VTR.NET):
VTR BANDA ANCHA S.A,
SANTIAGO, REGION METROPOLITANA, CL.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
15 lines
Yeah : 1.3
profile
none summary
tarball
13 of 31 408aea2aae
NEW
none[4] none:none
none|none none trace
19:48:00 Win2K-f 195.116.239.136 (JRBNET.COM):
JRB FIRMA CONSULTINGOWO-HANDLOWA,
WARSAW, MAZOWIECKIE, PL.
211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset
ftp
irc
22 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:19:50:00 Win2K-f 201.253.245.9 (NET.AR):
APOLO -GOLD-TELECOM-PER,
AR.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
irc
20 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
19:52:00 Win2K-f 200.184.34.12 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL)
n/a   445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
27 of 31 dfc9c1cbbb
NEW
none[4] none:none
none|none none trace
20:02:00 WinXP 201.250.57.61 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR.
211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset
ftp
irc
28 lines
Yeah : 1.3
profile
none summary
tarball
18 of 32 7e28dac8de
[Firefox:24 hits: 04-27 to 05-21]
none[4] none:none
none|none none trace
T:20:06:00 Win2K-f 118.169.83.90 (-):
.
217.170.244.2:443  
CZ:217.170.244.2:443
CZ:82.114.64.251:443
445 pcap raw alerts
ruleset
shell
ftp
irc
19 lines
Yeah : 1.3
profile
none summary
tarball
25 of 28 7fdfe363d5
[Firefox:2633 hits: 12-31 to 05-19]
10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns
trace
20:10:00 Win2K-f 87.103.220.149 (KUZBASS.NET):
ALLOCATION FOR KEMEROVO REGIONAL BRANCH OF THE JSC SIBIRTELECOM,
KEMEROVO, KEMEROVSKAYA OBLAST', RU. (DIAL)
n/a CN:scorti1.dns2go.com
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
9 of 32 9345b57563
[Firefox:15 hits: 12-27 to 05-21]
none[4] none:none
none|none none trace
20:11:00 Win2K-f 190.48.1.169 (COM.AR):
TELEFONICA DE ARGENTINA,
AR.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
23 of 31 14ef234ad3
[Firefox:15 hits: 04-29 to 05-17]
none[4] none:none
none|none none trace
20:34:00 Win2K-f 218.111.17.170 (TM.NET.MY):
TELEKOM MALAYSIA BERHAD,
PETALING JAYA, SELANGOR, MY.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
20:45:00 Win2K-f 118.100.84.34 (-):
.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
17 lines
Yeah : 1.3
profile
none summary
tarball
22 of 30 01506e22fa
[Firefox: 2 hits: 05-01 to 05-01]
none[4] none:none
none|none none trace
20:45:00 WinXP 75.63.144.32 (SBCGLOBAL.NET):
PPPOX ADSL - BRAS1.SNANTX,
DALLAS, TEXAS, US. (DSL)
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
26 of 28 7d99b0e910
[Firefox:2992 hits: 12-31 to 05-20]
7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace
20:49:00 WinXP 190.139.247.218 (NET.AR):
TELECOM ARGENTINA S.A,
AR.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:20:55:00 WinXP 60.50.110.145 (TM.NET.MY):
TELEKOM MALAYSIA BERHAD,
KUALA LUMPUR, WILAYAH PERSEKUTUAN, MY.
85.114.137.60:65520 211.96.97.44:7000 DE:proxim.ircgalaxy.pl
CN:hail.dns2go.com
DE:85.114.137.60:65520
445 pcap raw alerts
ruleset
ftp
irc
20 lines
Yeah : 1.3
profile
none summary
tarball
27 of 30 a107502d71
[Firefox: 2 hits: 05-01 to 05-07]
none[4] none:none
none|none none trace
20:56:00 WinXP 190.128.69.174 (-):
EMPRESA DE TELECOMUNICACIONES DE PEREIRA S.A. E.S.P,
MANIZALES, CALDAS, CO.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
21:04:00 Win2K-f 189.48.224.51 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
16 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
21:09:00 WinXP 60.50.68.122 (TM.NET.MY):
TELEKOM MALAYSIA BERHAD,
KUALA LUMPUR, WILAYAH PERSEKUTUAN, MY.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
15 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
21:09:00 WinXP 220.143.61.86 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
21:20:00 Win2K-f 67.101.159.7 (COVAD.NET):
COVAD COMMUNICATIONS CO,
NEW YORK, NEW YORK, US. (100Mbps)
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
27 of 31 db591d7cae
NEW
none[4] none:none
none|none none trace
21:25:00 Win2K-f 116.206.3.148 (-):
MOBIF WIRELESS BROADBAND SDN. BHD,
KUALA LUMPUR, WILAYAH PERSEKUTUAN, MY.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
US:204.13.161.51:80
US:208.73.212.12:80
DE:212.227.111.29:80
DE:217.11.54.126:80
EU:77.37.142.253:81
EU:78.47.200.154:80
445 pcap raw alerts
ruleset
ftp
16 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
21:32:00 WinXP 118.100.138.152 (-):
.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
15 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
21:37:00 WinXP 91.125.97.31 (BRIGHTVIEW.COM):
BRIGHTVIEW GROUP LIMITED,
LONDON, ENGLAND, UK.
n/a   445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:21:43:00 Win2K-f 125.230.35.97 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW.
n/a CN:scorti1.dns2go.com
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
irc
21 lines
Yeah : 0.8
profile
none summary
tarball
19 of 32 890fb4fa10
[Firefox:43 hits: 12-27 to 05-10]
b9c7f08a57 [0] ASM:Graph
ASProtect| lines=393
embedded dns
trace
T:21:49:00 WinXP 24.95.132.226 (RR.COM):
ROAD RUNNER HOLDCO LLC,
HORSEHEADS, NEW YORK, US.
n/a EU:siliconfireware.ru
US:searchportal.information.com
US:spi.domainsponsor.com
:landdev1.lap.internal
:www.proxy-socks.net
:wpad
US:sptc.information.com
GB:new.egg.com
US:204.13.161.51:80
DE:217.11.54.126:80
EU:78.47.200.154:80
445 pcap raw alerts
ruleset
http
http
http
http
33 lines
Yeah : 0.8
profile
none summary
tarball
29 of 29 a12cab51ef
[Firefox:1025 hits: 05-01 to 05-21]
40f7f463c4 [0] ASM:Graph
ASPack| lines=281
embedded dns
trace
21:50:00 Win2K-f 91.66.185.98 (SUPERKABEL.DE):
KABEL DEUTSCHLAND BREITBAND SERVICE GMBH,
DE.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
15 lines
Yeah : 1.3
profile
none summary
tarball
26 of 31 d5fc85ade1
NEW
none[4] none:none
none|none none trace
T:21:53:00 Win2K-f 200.227.49.203 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL)
211.96.97.44:7000 CN:hail.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
22:00:00 Win2K-f 125.0.63.216 (INFOWEB.NE.JP):
FUJITSU LIMITED,
TOKYO, TOKYO, JP. (DIAL)
n/a CN:scorti1.dns2go.com
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
22 of 32 dc8e1c63cd
[Firefox:95 hits: 12-27 to 05-21]
e0eb8646ee [0] ASM:Graph
none|none lines=601
embedded dns
trace
22:19:00 Win2K-f 78.57.35.36 (ZEBRA.LT):
LIETUVOS,
KAUNAS, KAUNO APSKRITIS, LT.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
25 of 30 9bc965e365
NEW
none[4] none:none
none|none none trace
T:22:23:00 WinXP 89.237.198.250 (-):
ISFANA-NIMATOVA,
KG. (100Mbps)
218.93.14.236:7000 CN:scorti1.dns2go.com
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
irc
25 lines
Yeah : 1.3
profile
none summary
tarball
20 of 31 af98fe0c94
[Firefox:71 hits: 04-27 to 05-21]
480d076a0a [0] ASM:Graph
ASProtect| lines=422
embedded dns
trace
22:32:00 WinXP 79.138.194.189 (APEXCOVANTAGE.COM):
EU-ZZ,
UK.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:22:35:00 WinXP 82.245.159.91 (PROXAD.NET):
PROXAD / FREE SAS,
LE BOURGET, ILE-DE-FRANCE, FR.
211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset
ftp
irc
22 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:22:54:00 Win2K-f 189.58.244.113 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR.
n/a   445 pcap raw alerts
ruleset
ftp
13 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
23:05:00 WinXP 190.174.129.115 (-):
.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
15 lines
Yeah : 1.3
profile
none summary
tarball
24 of 30 206797614d
[Firefox: 3 hits: 05-01 to 05-17]
none[4] none:none
Obsidium| none trace
23:09:00 Win2K-f 125.162.96.190 (-):
TLKM_D1_BB_SPEEDY_PG,
PALEMBANG, SUMATERA SELATAN, ID.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
15 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
23:13:00 Win2K-f 86.133.43.113 (BTCENTRALPLUS.COM):
BT-CENTRAL-PLUS,
SHEFFIELD, ENGLAND, UK.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:23:22:00 Win2K-f 92.47.244.241 (IKBCC.COM):
EU-ZZ,
UK.
211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset
ftp
irc
22 lines
Yeah : 1.3
profile
none summary
tarball
12 of 30 76b4ab852e
[Firefox:52 hits: 04-29 to 05-17]
none[4] none:none
none|none none trace
23:54:00 WinXP 190.30.167.221 (NET.AR):
APOLO -GOLD-TELECOM-PER,
BUENOS AIRES, BUENOS AIRES, AR.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1414 hits: 04-27 to 05-21]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:23:59:00 Win2K-f 92.113.94.63 (APEXCOVANTAGE.COM):
EU-ZZ,
UK.
n/a CN:scorti1.dns2go.com
CN:218.93.14.236:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
20 of 31 af98fe0c94
[Firefox:71 hits: 04-27 to 05-21]
480d076a0a [0] ASM:Graph
ASProtect| lines=422
embedded dns
trace