Multiperspective Malware Analysis Page

Welcome to the Cyber-TA
SRI's Multiperspective Malware Infection Analysis Page

UNCENSORED PAGE

<Click here: to download BotHunter>

05 May 2008
<prev> <next>

All data collection and analyses summarized in this page were 100% AUTO-GENERATED.

DEVELOPERS: Vinod Yegneswaran (SRI), Phillip Porras (SRI), Hassen Saidi (SRI)
Monirul Sharif (Georgia-Tech), Arvind Narayanan (University of Texas at Austin)

The data on this website is provided for research purposes only. It is provided
for your personal use only and is supplied AS IS, WITHOUT WARRANTY OF ANY KIND.
Use or reliance on this data is at your own risk.

Daily Summary Files: [DNS Lookups & Failed Connects] [ Attacker IPs ] [C&C Servers] [Binary Digests]
Cumulative Summary Files: [DNS Lookup Log] [Attacker IP Log] [C&C Server Log] [Antivirus Detection] [Code Segment Overlap]
[Behavioral Clusters] [Binary Digest Log]

[See Country Codes ]

Time
Victim
OS
Infection
Source
C&C
Server
DNS Lookups &
Failed Connects Infection
Port
Packet
Trace
Detection
Signatures
Infection
Chatter
BotHunter
Analysis
Behavioral
Cluster
Forensic
Logs
Antivirus
Labels
Packed Malware_Binary Unpacked egg.exe
Unpacked egg.asm
Packer PEID
Data Strings
Syscall Trace

00:19:00 WinXP 117.6.125.48 (ADSL.VIETTEL.VN):
VIETEL CORPORATION,
HANOI, HA NOI, VN. n/a CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 13 of 32 53123fadcc
[Firefox:35 hits: 01-26 to 05-07] none[4] none:none
none|none none trace

00:25:00 WinXP 221.171.136.195 (MESH.AD.JP):
BIGLOBE-CIDR-BLK,
JP. n/a 445 pcap raw alerts
ruleset shell
ftp
15 lines Yeah : 1.3
profile none summary
tarball 29 of 29 1a2c0e6130
[Firefox:372 hits: 12-31 to 05-07] 048df78048 [0] ASM:Graph
none|none lines=61 trace

01:49:00 WinXP 92.97.202.50 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a DE:proxim.ircgalaxy.pl
UA:citi-bank.ru
DE:85.114.137.60:65520 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 29 of 31 00c93dc3f1
[Firefox: 2 hits: 05-01 to 05-05] 8783ead907 [0] ASM:Graph
PolyEnE| lines=129 trace

01:51:00 WinXP 87.64.199.22 (ISP.BELGACOM.BE):
BELGACOM-ADSL,
DENDERMONDE, OOST-VLAANDEREN, BE. (DSL) n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

01:53:00 Win2K-f 196.28.248.180 (-):
AFRINIC,
BF. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

01:55:00 Win2K-f 89.146.186.231 (NET.BA):
BRAS PPPOE POOL UPGRADE,
SARAJEVO, FEDERATION OF BOSNIA AND HERZEGOVINA, BA. n/a CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 20 of 31 af98fe0c94
[Firefox:47 hits: 04-27 to 05-07] 480d076a0a [0] ASM:Graph
ASProtect| lines=422
embedded dns trace

T:01:58:00 WinXP 91.64.193.122 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. 211.96.97.44:7000 CN:scorti1.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
21 lines Yeah : 1.8
profile none summary
tarball 12 of 31 ab48a97a5d
[Firefox: 4 hits: 12-28 to 05-07] 81e9c5d188 [0] ASM:Graph
ASProtect| lines=419
embedded dns trace

02:04:00 Win2K-f 212.52.153.59 (UAPNET.UACC.BF):
ONATEL (OFFICE NATIONAL DES TELECOMMUNICATIONS PTT),
BF. n/a 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 28 of 31 36d24c4769
NEW none[4] none:none
none|none none trace

02:15:00 WinXP 92.8.156.40 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. n/a DE:proxim.ircgalaxy.pl
CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
DE:85.114.137.60:80 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 28 of 31 89193031d2
[Firefox: 4 hits: 05-04 to 05-06] none[4] none:none
none|none none trace

T:02:27:00 Win2K-f 220.143.48.102 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

02:28:00 WinXP 222.251.175.119 (-):
KOREA CABLE TELEVISION SUWON BROADCATING CORPORATI,
SUWON, KYONGGI-DO, KR. n/a DE:proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80
DE:85.114.137.60:80 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 30 of 32 3f5ec58a6b
[Firefox: 9 hits: 04-24 to 05-05] 4a77430a59 [0] ASM:Graph
PolyEnE| lines=70 trace

T:02:28:00 WinXP 222.251.175.119 (-):
KOREA CABLE TELEVISION SUWON BROADCATING CORPORATI,
SUWON, KYONGGI-DO, KR. 85.114.137.60:80 DE:proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
irc
3 lines Yeah : 1.8
profile none summary
tarball 30 of 32 3f5ec58a6b
[Firefox: 9 hits: 04-24 to 05-05] 4a77430a59 [0] ASM:Graph
PolyEnE| lines=70 trace

02:29:00 WinXP 92.40.29.57 (IKBCC.COM):
EU-ZZ,
UK. n/a DE:proxim.ircgalaxy.pl
DE:85.114.137.60:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 28 of 31 f58222344f
[Firefox: 9 hits: 12-31 to 05-06] 2a56436a64 [0] ASM:Graph
PolyEnE| lines=265
embedded dns trace

02:36:00 Win2K-f 212.186.30.138 (SURFER.AT):
PROVIDER LOCAL REGISTRY,
VIENNA, WIEN, AT. n/a DE:proxim.ircgalaxy.pl
CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
DE:85.114.137.60:65520 445 pcap raw alerts
ruleset ftp
irc
21 lines Yeah : 0.8
profile none summary
tarball 28 of 32 3a07d0b4fb
NEW none[4] none:none
none|none none trace

02:41:00 Win2K-f 89.201.141.58 (OPTIMA-TELEKOM.HR):
OT - OPTIMA TELEKOM D.O.O,
ZAGREB, GRAD ZAGREB, HR. (DSL) 211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
20 lines Yeah : 1.3
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

02:52:00 WinXP 58.107.102.32 (OPTUSNET.COM.AU):
OPTUS INTERNET - RETAIL,
SYDNEY, NEW SOUTH WALES, AU. n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 29 of 29 3ae357d17b
[Firefox:697 hits: 05-01 to 05-07] 462a7be171 [0] ASM:Graph
PolyEnE| lines=73 trace

T:02:52:00 WinXP 58.107.102.32 (OPTUSNET.COM.AU):
OPTUS INTERNET - RETAIL,
SYDNEY, NEW SOUTH WALES, AU. n/a UA:citi-bank.ru 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 29 of 29 3ae357d17b
[Firefox:697 hits: 05-01 to 05-07] 462a7be171 [0] ASM:Graph
PolyEnE| lines=73 trace

03:00:00 Win2K-f 193.239.101.75 (SOLARME.PL):
SOLARME-NET-POLAND,
PL. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:03:08:00 Win2K-f 221.118.233.158 (NIIGATA-U.AC.JP):
JAPAN NETWORK INFORMATION CENTER,
JP. n/a CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 25 of 31 52fdb89225
NEW 901902cf1e [0] ASM:Graph
none|none lines=411
embedded dns trace

T:03:12:00 WinXP 77.192.49.114 (GAOLAND.NET):
DYNAMIC POOLS,
FR. 211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.8
profile none summary
tarball 21 of 31 0ca18d1183
[Firefox: 2 hits: 04-27 to 05-05] none[4] none:none
none|none none trace

T:03:22:00 WinXP 124.82.92.157 (TM.NET.MY):
TM ADSL SERVICE PROVIDER MALAYSIA,
BENTONG, PAHANG, MY. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

03:25:00 WinXP 218.208.194.212 (TM.NET.MY):
ADSL-STREAMYX-TMNET,
KUALA LUMPUR, WILAYAH PERSEKUTUAN, MY. 211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:03:28:00 WinXP 91.156.24.36 (ELISA-LAAJAKAISTA.FI):
ELISA,
FI. 211.96.97.44:7000 CN:scorti1.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
21 lines Yeah : 1.8
profile none summary
tarball 25 of 31 f7f5cc3214
[Firefox: 2 hits: 04-27 to 05-05] 10e5f5c242 [0] ASM:Graph
ASProtect| lines=389
embedded dns trace

03:32:00 Win2K-f 85.241.53.96 (DSL.TELEPAC.PT):
PT.COM - COMUNICACOES INTERACTIVAS S.A,
PT. (DSL) n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:03:39:00 Win2K-f 125.233.241.129 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAINAN, KAO-HSIUNG, TW. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:03:41:00 Win2K-f 92.46.15.38 (IKBCC.COM):
EU-ZZ,
UK. n/a CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 31 c1f12e0109
[Firefox:10 hits: 04-28 to 05-07] none[4] none:none
none|none none trace

T:03:44:00 WinXP 62.11.116.189 (DIALUP.TISCALI.IT):
TISCALI ITALIA SPA,
IT. (DIAL) n/a RU:www.bbin.ru
EU:siliconfireware.ru
:wpad
US:searchportal.information.com
RU:195.200.213.52:80
US:208.73.212.12:80
DE:212.227.111.29:80
DE:217.11.54.126:80 445 pcap raw alerts
ruleset http
http
2 lines Yeah : 0.8
profile none summary
tarball 29 of 29 df17a625ee
[Firefox:438 hits: 05-04 to 05-06] none[3] none:none
ASPack| none trace

03:45:00 Win2K-f 87.18.108.41 (RETAIL.TELECOMITALIA.IT):
TELECOM ITALIA S.P.A. TIN EASY LITE,
AUGUSTA, SICILIA, IT. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

03:48:00 Win2K-f 92.46.135.34 (IKBCC.COM):
EU-ZZ,
UK. n/a CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 20 of 31 af98fe0c94
[Firefox:47 hits: 04-27 to 05-07] 480d076a0a [0] ASM:Graph
ASProtect| lines=422
embedded dns trace

03:56:00 WinXP 124.105.133.222 (PLDT.NET):
BNKC7300I04_CONSUMER,
PH. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

04:00:00 Win2K-f 89.107.81.184 (VNTC.RU):
JSK NTC (NEW TELEPHONE COMPANY),
VLADIVOSTOK, PRIMORSKIY KRAY, RU. (DIAL) n/a CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 14 of 32 8f367186c3
[Firefox:61 hits: 12-27 to 05-05] 01a06977c4 [0] ASM:Graph
TXT2COM| lines=0 trace

04:09:00 WinXP 89.111.221.174 (TEOL.NET):
TEOL-NET-DIALUP-POOL,
BANJA LUKA, REPUBLIKA SRPSKA, BA. (DIAL) 85.114.137.60:80 DE:proxim.ircgalaxy.pl
CN:scorti1.dns2go.com
DE:dl2.teenpassage.com
CN:211.96.97.44:7000
DE:85.114.137.60:80 445 pcap raw alerts
ruleset ftp
irc
http
32 lines Yeah : 1.3
profile none summary
tarball 27 of 31 e3ab8df7fb
NEW none[4] none:none
none|none none trace

04:11:00 Win2K-f 213.242.233.198 (-):
PPTP CONNECTIONS,
EKATERINBURG, SVERDLOVSKAYA OBLAST', RU. 211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
23 lines Yeah : 1.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:04:14:00 WinXP 92.10.161.88 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. 211.96.97.44:7000 85.114.137.60:80 DE:proxim.ircgalaxy.pl
CN:hail.dns2go.com
DE:dl2.teenpassage.com
IL:ymq.a1001186.wrs.mcboo.com
IL:194.90.224.86:80
DE:85.114.137.60:80 445 pcap raw alerts
ruleset ftp
irc
http
118 lines Yeah : 1.3
profile none summary
tarball 28 of 32
22 of 31 07e23ff778
[Firefox: 2 hits: 05-01 to 05-05]
11db3f85ed
NEW e6c4bf7726 [0]
11db3f85ed[1] ASM:Graph
ASM:Graph
StarForce|
StarForce| lines=131
lines=6 trace
trace

04:15:00 WinXP 82.200.245.33 (-):
ALMATYTELECOM,
ALMATY, ALMATY, KZ. n/a CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 17 of 31 9071196480
NEW bae94e6177 [0] ASM:Graph
ASProtect| lines=422
embedded dns trace

04:18:00 Win2K-f 92.9.138.16 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 25 of 31 8a133be75e
NEW none[4] none:none
none|none none trace

T:04:36:00 Win2K-f 122.126.131.106 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a
CZ:217.170.244.2:443
CZ:82.114.64.251:443 445 pcap raw alerts
ruleset shell
ftp
17 lines Yeah : 1.3
profile none summary
tarball 25 of 28 7fdfe363d5
[Firefox:2587 hits: 12-31 to 05-07] 10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns trace

04:36:00 WinXP 41.234.47.252 (TEDATA.NET):
PROVIDER LOCAL REGISTRY,
EG. n/a 445 pcap raw alerts
ruleset ftp
11 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

04:38:00 Win2K-f 85.186.2.65 (-):
ASTRAL GALATI CPE,
GALATI, GALATI, RO. 211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
23 lines Yeah : 1.3
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

04:46:00 Win2K-f 91.82.64.249 (INVITEL.HU):
ADSL-PPPOE-(GOD-ADSL2),
HU. 211.96.97.44:7000 CN:scorti1.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
20 lines Yeah : 1.3
profile none summary
tarball 20 of 31 bfab284e67
[Firefox: 3 hits: 05-01 to 05-05] 13a0c147f5 [0] ASM:Graph
ASProtect| lines=420
embedded dns trace

04:50:00 WinXP 89.214.53.214 (-):
GPRS COSTUMERS,
PT. n/a DE:proxim.ircgalaxy.pl
CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
DE:85.114.137.60:80 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 26 of 31 84396f240a
NEW none[4] none:none
none|none none trace

T:05:01:00 WinXP 80.52.34.167 (TPNET.PL):
STRAWCZYN-SDI,
KIELCE, SWIETOKRZYSKIE, PL. (100Mbps) 211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
27 lines Yeah : 1.8
profile none summary
tarball 15 of 31 4b90ef16d1
NEW none[4] none:none
none|none none trace

05:06:00 Win2K-f 91.64.74.91 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
18 lines Yeah : 0.8
profile none summary
tarball 28 of 32 a4da27f5aa
[Firefox: 2 hits: 05-05 to 05-06] none[4] none:none
none|none none trace

05:09:00 Win2K-f 117.198.99.56 (-):
. n/a 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 28 of 31 304bcbf014
NEW none[4] none:none
none|none none trace

05:19:00 WinXP 4.239.36.45 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
PHILADELPHIA, PENNSYLVANIA, US. (DIAL) n/a 445 pcap raw alerts
ruleset shell
ftp
17 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:05:22:00 Win2K-f 83.132.232.204 (CPE.NETCABO.PT):
TVCABO-PORTUGAL CABLE MODEM NETWORK,
LISBON, LISBOA, PT. 211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
20 lines Yeah : 1.3
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:05:22:00 WinXP 89.230.188.15 (MM.PL):
SZEL-SAT,
PL. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 15 of 31 6367f5788d
NEW none[4] none:none
none|none none trace

05:25:00 Win2K-f 200.86.235.224 (VTR.NET):
VTR BANDA ANCHA S.A,
PATERSON, NEW JERSEY, US. n/a 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 10 of 32 639a247ece
[Firefox:24 hits: 04-28 to 05-06] 29d53eec72 [0] ASM:Graph
StarForce| lines=132 trace

05:29:00 Win2K-f 92.46.26.108 (IKBCC.COM):
EU-ZZ,
UK. n/a 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 28 of 32 f55795b9d2
NEW none[4] none:none
none|none none trace

05:29:00 WinXP 77.199.12.107 (GAOLAND.NET):
DYNAMIC POOLS,
FR. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

05:38:00 Win2K-f 93.120.130.179 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 19 of 30 93282471f7
[Firefox: 9 hits: 04-28 to 05-07] 95951dee58 [0] ASM:Graph
ASProtect| lines=0 trace

T:05:42:00 WinXP 82.242.180.71 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR. 85.114.137.60:65520 DE:proxim.ircgalaxy.pl
CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
DE:85.114.137.60:65520 445 pcap raw alerts
ruleset ftp
irc
21 lines Yeah : 1.3
profile none summary
tarball 27 of 32 b38a7b19d3
[Firefox: 2 hits: 05-01 to 05-05] none[4] none:none
none|none none trace

T:05:43:00 Win2K-f 80.181.119.182 (POOL80181.INTERBUSINESS.IT):
TELECOM ITALIA S.P.A. TIN EASY LITE,
SPOLETO, UMBRIA, IT. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

05:43:00 Win2K-f 79.113.73.49 (RDSNET.RO):
RDS,
BUCHAREST, BUCURESTI, RO. 211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
irc
21 lines Yeah : 1.3
profile none summary
tarball 22 of 31 2cf72f62c6
[Firefox: 3 hits: 05-02 to 05-06] none[4] none:none
none|none none trace

05:54:00 Win2K-f 212.120.231.100 (GIBCONNECT.COM):
GIBTEL DYNAMIC ADSL POOL,
GIBRALTAR, GIBRALTAR, GI. (DSL) n/a CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 14 of 32 8f367186c3
[Firefox:61 hits: 12-27 to 05-05] 01a06977c4 [0] ASM:Graph
TXT2COM| lines=0 trace

T:05:56:00 Win2K-f 92.112.222.149 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 12 of 30 76b4ab852e
[Firefox:29 hits: 04-29 to 05-07] none[4] none:none
none|none none trace

T:06:02:00 WinXP 91.66.143.23 (SUPERKABEL.DE):
KABEL DEUTSCHLAND BREITBAND SERVICE GMBH,
DE. 211.96.97.44:7000 CN:scorti1.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.3
profile none summary
tarball 28 of 31 e9622e1b8c
NEW b708e83743 [0] ASM:Graph
TXT2COM| lines=406
embedded dns trace

T:06:04:00 Win2K-f 78.3.86.204 (T-COM.HR):
T-COM CROATIA INTERNET NETWORK,
ZAGREB, GRAD ZAGREB, HR. (DSL) n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:06:16:00 Win2K-f 85.15.246.37 (-):
LATBUVSERVISS,
LV. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

06:19:00 Win2K-f 194.246.107.12 (DATACOMSA.PL):
DATACOM S.A,
PL. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

06:21:00 WinXP 88.56.85.68 (BUSINESS.TELECOMITALIA.IT):
INTERBUSINESS,
ROME, LAZIO, IT. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 12 of 30 76b4ab852e
[Firefox:29 hits: 04-29 to 05-07] none[4] none:none
none|none none trace

06:25:00 Win2K-f 125.230.173.40 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

06:27:00 Win2K-f 92.47.129.222 (IKBCC.COM):
EU-ZZ,
UK. n/a CN:scorti1.dns2go.com 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 20 of 31 af98fe0c94
[Firefox:47 hits: 04-27 to 05-07] 480d076a0a [0] ASM:Graph
ASProtect| lines=422
embedded dns trace

06:30:00 Win2K-f 200.184.4.172 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
16 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

06:46:00 Win2K-f 157.25.234.160 (IPARTNERS.PL):
GTS POLAND,
PL. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:06:47:00 Win2K-f 87.17.155.109 (RETAIL.TELECOMITALIA.IT):
TELECOM ITALIA S.P.A. TIN EASY LITE,
IT. n/a 445 pcap raw alerts
ruleset other
0 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

06:52:00 WinXP 62.180.24.158 (IGNITE.NET):
BT (GERMANY) GMBH & CO. OHG,
DE. (DIAL) n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
15 lines Yeah : 0.8
profile none summary
tarball 15 of 31 0eceeeb0e0
[Firefox: 2 hits: 05-05 to 05-07] none[4] none:none
none|none none trace

07:05:00 WinXP 75.143.200.7 (CHARTER.COM):
CHARTER COMMUNICATIONS,
US. 217.170.244.2:443 445 pcap raw alerts
ruleset shell
ftp
irc
29 lines Yeah : 1.8
profile none summary
tarball 25 of 28 7fdfe363d5
[Firefox:2587 hits: 12-31 to 05-07] 10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns trace

07:14:00 Win2K-f 89.180.157.122 (NET.NOVIS.PT):
IPGLOBAL,
LISBON, LISBOA, PT. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

07:18:00 Win2K-f 92.47.131.174 (IKBCC.COM):
EU-ZZ,
UK. n/a CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 20 of 31 af98fe0c94
[Firefox:47 hits: 04-27 to 05-07] 480d076a0a [0] ASM:Graph
ASProtect| lines=422
embedded dns trace

07:20:00 WinXP 89.207.69.124 (-):
JOINT STOCK COMPANY SVYAZIST,
RU. n/a DE:proxima.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80
DE:85.114.137.60:65520 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 30 of 32 bfa308b13a
[Firefox:11 hits: 02-29 to 05-05] 7586a2002b [0] ASM:Graph
PolyEnE| lines=0 trace

T:07:20:00 Win2K-f 124.43.206.215 (-):
INTERNET SERVICE PROVIDER IN SRI LANKA,
COLOMBO, CENTRAL, LK. (DIAL) 211.96.97.44:7000 CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
19 lines Yeah : 1.3
profile none summary
tarball 27 of 31 2e557d2c7e
NEW none[4] none:none
none|none none trace

T:07:22:00 Win2K-f 87.18.213.8 (RETAIL.TELECOMITALIA.IT):
TELECOM ITALIA S.P.A. TIN EASY LITE,
ROME, LAZIO, IT. (DSL) n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
15 lines Yeah : 0.8
profile none summary
tarball 12 of 30 76b4ab852e
[Firefox:29 hits: 04-29 to 05-07] none[4] none:none
none|none none trace

07:34:00 WinXP 88.20.154.88 (RIMA-TDE.NET):
TELEFONICA DE ESPANA,
ES. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

07:35:00 WinXP 90.137.24.154 (SWIP.NET):
SWIPNET,
SE. n/a 445 pcap raw alerts
ruleset ftp
13 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

07:37:00 WinXP 84.4.91.168 (CEGETEL.NET):
INTERNET RESIDENTIEL CEGETEL FRANCE,
PARIS, ILE-DE-FRANCE, FR. n/a 445 pcap raw alerts
ruleset ftp
11 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

07:48:00 WinXP 75.177.2.54 (RR.COM):
ROAD RUNNER HOLDCO LLC,
GREENSBORO, NORTH CAROLINA, US. n/a DE:siliconfireware.ru
GB:new.egg.com
:wpad
DE:212.227.111.29:80
DE:217.11.54.126:80
GB:217.145.225.22:80
EU:78.47.200.154:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 29 of 29 0ada72d805
[Firefox:29 hits: 05-17 to 05-05] 239ec78f15 [0] ASM:Graph
ASPack| lines=281
embedded dns trace

07:54:00 Win2K-f 190.137.13.109 (NET.AR):
TELECOM ARGENTINA S.A,
AR. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

07:56:00 Win2K-f 118.169.35.194 (-):
. n/a DE:proxim.ircgalaxy.pl
CZ:217.170.244.2:443
CZ:82.114.64.251:443
DE:85.114.137.60:65520 445 pcap raw alerts
ruleset shell
ftp
17 lines Yeah : 1.3
profile none summary
tarball 28 of 31 0b8d225034
[Firefox: 2 hits: 05-04 to 05-05] d602884c66 [0] ASM:Graph
FSG| lines=1993
embedded dns trace

T:07:58:00 Win2K-f 118.166.219.204 (-):
. n/a
CZ:217.170.244.2:443
CZ:82.114.64.251:443 445 pcap raw alerts
ruleset shell
ftp
17 lines Yeah : 1.3
profile none summary
tarball 25 of 28 7fdfe363d5
[Firefox:2587 hits: 12-31 to 05-07] 10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns trace

08:05:00 WinXP 118.166.10.19 (-):
. 217.170.244.2:443 445 pcap raw alerts
ruleset shell
ftp
irc
37 lines Yeah : 1.8
profile none summary
tarball 25 of 28 7fdfe363d5
[Firefox:2587 hits: 12-31 to 05-07] 10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns trace

08:07:00 WinXP 84.181.211.115 (T-DIALIN.NET):
DEUTSCHE TELEKOM AG,
ZITTAU, SACHSEN, DE. (DIAL) n/a CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 18 of 31 f9b37a5ae8
[Firefox: 2 hits: 05-02 to 05-05] 77bf267d4e [0] ASM:Graph
ASProtect| lines=422
embedded dns trace

08:10:00 WinXP 88.102.42.171 (IOL.CZ):
XDSL NETWORK-ADSL,
DECIN, USTECKY KRAJ, CZ. 211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
20 lines Yeah : 1.3
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:08:10:00 Win2K-f 60.50.179.159 (TM.NET.MY):
TELEKOM MALAYSIA BERHAD,
PUCHONG, SELANGOR, MY. 211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
21 lines Yeah : 1.3
profile none summary
tarball 12 of 30 76b4ab852e
[Firefox:29 hits: 04-29 to 05-07] none[4] none:none
none|none none trace

T:08:18:00 Win2K-f 92.46.13.184 (IKBCC.COM):
EU-ZZ,
UK. 211.96.97.44:7000 CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
irc
24 lines Yeah : 1.3
profile none summary
tarball 20 of 31 af98fe0c94
[Firefox:47 hits: 04-27 to 05-07] 480d076a0a [0] ASM:Graph
ASProtect| lines=422
embedded dns trace

08:26:00 WinXP 84.129.122.190 (T-DIALIN.NET):
DEUTSCHE TELEKOM AG,
BREMEN, BREMEN, DE. (DIAL) n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 28 of 32 8b10abd5e9
NEW none[4] none:none
none|none none trace

08:43:00 Win2K-f 201.19.98.27 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

08:50:00 WinXP 79.126.29.92 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 17 of 31 49181cdddf
NEW none[4] none:none
none|none none trace

08:55:00 Win2K-f 220.141.11.154 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 13 of 32 285af12d33
[Firefox: 3 hits: 04-28 to 05-05] none[4] none:none
none|none none trace

T:09:05:00 Win2K-f 85.232.214.177 (MALTANET.NET):
MALTANET-RETAIL-DSL,
LUQA, MALTA, MT. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:09:07:00 WinXP 213.133.10.196 (-):
SPINN INTERNATIONAL APS,
DK. n/a 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

09:12:00 WinXP 12.226.242.197 (MCHSI.COM):
MEDIACOM COMMUNICATIONS CORP,
PITTSBURGH, PENNSYLVANIA, US. n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 26 of 28 7d99b0e910
[Firefox:2956 hits: 12-31 to 05-07] 7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace

T:09:14:00 Win2K-f 79.101.16.106 (G-M-I.NET):
EU-ZZ,
UK. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

09:15:00 Win2K-f 85.103.174.156 (TTNET.NET.TR):
TURK TELEKOM ADSL-ALCATEL,
ISTANBUL, ISTANBUL, TR. n/a 445 pcap raw alerts
ruleset ftp
16 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

09:21:00 WinXP 79.138.199.93 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 1.3
profile none summary
tarball 15 of 32 bcbb337622
NEW none[4] none:none
none|none none trace

09:22:00 Win2K-f 85.176.157.38 (ALICEDSL.DE):
HANSENET-ADSL,
LUBECK, SCHLESWIG-HOLSTEIN, DE. (DSL) n/a DE:proxim.ircgalaxy.pl
CZ:217.170.244.2:443
CZ:82.114.64.251:443
DE:85.114.137.60:80 445 pcap raw alerts
ruleset shell
ftp
17 lines Yeah : 1.3
profile none summary
tarball 27 of 31 d110ead8f3
NEW 37249e39e5 [0] ASM:Graph
FSG| lines=1935
embedded dns trace

09:35:00 WinXP 91.196.55.140 (-):
PP KOM I TEX,
LVIV, L'VIVS'KA OBLAST', UA. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 12 of 30 76b4ab852e
[Firefox:29 hits: 04-29 to 05-07] none[4] none:none
none|none none trace

09:39:00 WinXP 87.20.150.143 (RETAIL.TELECOMITALIA.IT):
TELECOM ITALIA S.P.A. TIN EASY LITE,
IT. n/a 445 pcap raw alerts
ruleset shell
ftp
26 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

09:48:00 WinXP 79.170.249.6 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:09:48:00 Win2K-f 122.120.132.122 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
15 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

09:49:00 Win2K-f 85.93.187.22 (WSC.CZ):
WINSOFT COMPANY S.R.O,
OLOMOUC, OLOMOUCKY KRAJ, CZ. n/a 445 pcap raw alerts
ruleset ftp
19 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

09:52:00 Win2K-f 41.245.85.140 (FAUXTEL.COM):
AFRINIC,
ZA. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 12 of 30 76b4ab852e
[Firefox:29 hits: 04-29 to 05-07] none[4] none:none
none|none none trace

09:56:00 WinXP 84.13.99.63 (84.IN-ADDR.ARPA):
OPAL TELECOM DSL NETWORK,
UK. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

10:02:00 Win2K-f 84.119.40.238 (SWIPNET.SE):
PROVIDER LOCAL REGISTRY,
SE. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 12 of 30 76b4ab852e
[Firefox:29 hits: 04-29 to 05-07] none[4] none:none
none|none none trace

T:10:10:00 WinXP 193.250.23.131 (ABO.WANADOO.FR):
FRANCE TELECOM,
LYON, RHONE-ALPES, FR. n/a 445 pcap raw alerts
ruleset ftp
13 lines Yeah : 1.3
profile none summary
tarball 29 of 29 1a2c0e6130
[Firefox:372 hits: 12-31 to 05-07] 048df78048 [0] ASM:Graph
none|none lines=61 trace

T:10:10:00 Win2K-f 41.210.214.197 (-):
. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
16 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

10:19:00 WinXP 41.233.178.228 (TEDATA.NET):
PROVIDER LOCAL REGISTRY,
EG. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
15 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

10:27:00 Win2K-f 85.120.146.206 (-):
SC-A-AND-D-INFOCOM-SRL,
RO. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:10:32:00 WinXP 189.61.38.53 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

10:35:00 WinXP 78.57.108.218 (ZEBRA.LT):
LIETUVOS,
VILNIUS, VILNIAUS APSKRITIS, LT. 211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
18 lines Yeah : 1.3
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

10:36:00 Win2K-f 213.25.104.57 (COM.PL):
PPHU EXPONET ALEKSANDER URBANCZYK,
BIELSKO-BIALA, SLASKIE, PL. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

10:37:00 WinXP 82.210.162.217 (WAW.PL):
OTN MIANOWSKIEGO IP ASSIGNMENT,
WARSAW, MAZOWIECKIE, PL. 211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
irc
20 lines Yeah : 1.3
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:52 hits: 05-05 to 05-07] none[4] none:none
none|none none trace

10:38:00 Win2K-f 92.97.247.200 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:52 hits: 05-05 to 05-07] none[4] none:none
none|none none trace

T:10:48:00 Win2K-f 83.176.87.216 (CUST.TELE2.IT):
TELE2 ITALY S.A,
IT. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

10:59:00 Win2K-f 89.109.2.129 (MTS-NN.RU):
NETWORK FOR PPPOE CLIENTS TERMINATIONS IN,
NOVGOROD, NOVGORODSKAYA OBLAST', RU. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:10:59:00 Win2K-f 218.160.246.202 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a
CZ:217.170.244.2:443
CZ:82.114.64.251:443 445 pcap raw alerts
ruleset shell
ftp
17 lines Yeah : 1.3
profile none summary
tarball 25 of 28 7fdfe363d5
[Firefox:2587 hits: 12-31 to 05-07] 10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns trace

11:07:00 WinXP 194.212.32.208 (CONTACTEL.NET):
GTS NOVERA A.S,
KRALUPY NAD VLTAVOU, STREDOCESKY KRAJ, CZ. n/a 445 pcap raw alerts
ruleset ftp
11 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

11:10:00 Win2K-f 79.185.173.227 (TPNET.PL):
TPSA,
PL. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
15 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:11:11:00 WinXP 200.171.73.72 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

11:12:00 Win2K-f 84.135.108.143 (T-IPCONNECT.DE):
DEUTSCHE TELEKOM AG,
COLOGNE, NORDRHEIN-WESTFALEN, DE. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
15 lines Yeah : 0.8
profile none summary
tarball 26 of 31 81a0bf5f43
NEW none[4] none:none
none|none none trace

11:12:00 WinXP 75.90.28.8 (ALLTEL.NET):
WINDSTREAM - COMMERCE,
ATHENS, GEORGIA, US. n/a 445 pcap raw alerts
ruleset shell
ftp
15 lines Yeah : 1.3
profile none summary
tarball 30 of 32 43306fc684
[Firefox: 6 hits: 12-28 to 05-05] 59fc5b2b93 [0] ASM:Graph
PolyEnE| lines=60 trace

11:13:00 WinXP 78.159.89.77 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

11:28:00 Win2K-f 89.254.244.104 (-):
JSC VOLGATELECOM,
RU. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
22 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:11:38:00 WinXP 41.210.193.226 (-):
. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 27 of 32 38965f526d
[Firefox: 2 hits: 04-27 to 05-05] none[4] none:none
none|none none trace

11:41:00 WinXP 41.210.199.1 (-):
. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:11:46:00 Win2K-f 87.12.162.9 (RETAIL.TELECOMITALIA.IT):
TELECOM ITALIA S.P.A. TIN EASY LITE,
LIVORNO, TOSCANA, IT. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:52 hits: 05-05 to 05-07] none[4] none:none
none|none none trace

T:11:52:00 Win2K-f 85.113.151.52 (-):
INTERCON JSC NETWORK,
RU. n/a 445 pcap raw alerts
ruleset ftp
18 lines Yeah : 0.8
profile none summary
tarball 25 of 30 8bf4df7f2c
NEW none[4] none:none
none|none none trace

11:55:00 Win2K-f 86.99.13.161 (NET.AE):
EMIRATES TELECOMMUNICATIONS CORPORATION,
DUBAI, DUBAI, AE. 211.96.97.44:7000 CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
irc
20 lines Yeah : 1.8
profile none summary
tarball 20 of 31 af98fe0c94
[Firefox:47 hits: 04-27 to 05-07] 480d076a0a [0] ASM:Graph
ASProtect| lines=422
embedded dns trace

11:56:00 WinXP 213.76.25.202 (TPNET.PL):
TELEKOMUNIKACJA POLSKA S.A. CST,
GDANSK, POMORSKIE, PL. (DIAL) n/a DE:siliconfireware.ru
RU:www.bbin.ru
:wpad
RU:195.200.213.52:80
DE:212.227.111.29:80
EU:78.47.200.154:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 29 of 29 a12cab51ef
[Firefox:1008 hits: 05-01 to 05-07] 40f7f463c4 [0] ASM:Graph
ASPack| lines=281
embedded dns trace

T:11:56:00 WinXP 77.253.84.216 (COM.PL):
NETIA,
PL. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:52 hits: 05-05 to 05-07] none[4] none:none
none|none none trace

T:12:11:00 Win2K-f 93.81.112.140 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 10 of 32 639a247ece
[Firefox:24 hits: 04-28 to 05-06] 29d53eec72 [0] ASM:Graph
StarForce| lines=132 trace

T:12:13:00 WinXP 201.38.167.11 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

12:20:00 WinXP 87.60.79.215 (IP.TELE.DK):
TDC-TELEDANMARK-BREDBAANDSADSL-NET,
DK. n/a DE:proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80
DE:85.114.137.60:65520 445 pcap raw alerts
ruleset http
2 lines Yeah : 1.3
profile none summary
tarball 30 of 32 a41d9d371e
[Firefox: 3 hits: 04-21 to 05-05] c2640d398b [0] ASM:Graph
PolyEnE| lines=129 trace

T:12:22:00 WinXP 88.103.112.42 (IOL.CZ):
XDSL NETWORK-ADSL,
PRAGUE, HLAVNI MESTO PRAHA, CZ. 211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
irc
25 lines Yeah : 1.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

12:23:00 Win2K-f 58.70.35.143 (EONET.NE.JP):
K-OPTICOM CORPORATION,
OSAKA, OSAKA, JP. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:52 hits: 05-05 to 05-07] none[4] none:none
none|none none trace

12:26:00 Win2K-f 190.50.53.116 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 27 of 31 d204807364
NEW none[4] none:none
none|none none trace

T:12:32:00 Win2K-f 91.64.161.168 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
BERLIN, BERLIN, DE. n/a CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 22 of 31 9ecf7bf3a7
NEW 628cb0224e [0] ASM:Graph
ASProtect| lines=4 trace

T:12:35:00 WinXP 92.40.27.68 (IKBCC.COM):
EU-ZZ,
UK. 217.170.244.2:443
CZ:217.170.244.2:443
CZ:82.114.64.251:443 445 pcap raw alerts
ruleset shell
ftp
irc
27 lines Yeah : 1.8
profile none summary
tarball 25 of 28 7fdfe363d5
[Firefox:2587 hits: 12-31 to 05-07] 10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns trace

12:35:00 WinXP 89.241.179.66 (-):
OPAL TELECOM DSL,
UK. (100Mbps) n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

12:39:00 WinXP 62.61.34.161 (-):
AD-PUBLIC,
DE. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

13:00:00 Win2K-f 91.127.53.198 (T-COM.SK):
BLOCK OF DYNAMIC IPS FOR BROADBAND CUSTOMERS,
POPRAD, PRESOVSKY, SK. 211.96.97.44:7000 CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
irc
20 lines Yeah : 1.3
profile none summary
tarball 20 of 31 af98fe0c94
[Firefox:47 hits: 04-27 to 05-07] 480d076a0a [0] ASM:Graph
ASProtect| lines=422
embedded dns trace

13:02:00 Win2K-f 85.68.152.229 (BDX.MODULONET.FR):
BORDEAUX CABLE MODEM USERS,
BORDEAUX, AQUITAINE, FR. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:13:03:00 WinXP 81.246.189.69 (ISP.BELGACOM.BE):
SKYNET-ADSL,
DENDERMONDE, OOST-VLAANDEREN, BE. (DSL) 211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
24 lines Yeah : 1.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

13:05:00 Win2K-f 79.202.212.3 (T-IPCONNECT.DE):
DEUTSCHE TELEKOM AG,
DE. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 1.3
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:52 hits: 05-05 to 05-07] none[4] none:none
none|none none trace

13:08:00 Win2K-f 41.210.207.220 (-):
. n/a 445 pcap raw alerts
ruleset ftp
11 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

13:09:00 WinXP 84.216.75.103 (-):
SPRAY-DIALUP-NET,
SE. n/a EU:siliconfireware.ru
GB:welcome3.smile.co.uk
:wpad
US:master-x.com
GB:195.92.84.198:80
DE:212.227.111.29:80
DE:217.11.54.126:80
EU:78.47.200.154:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 29 of 29 a12cab51ef
[Firefox:1008 hits: 05-01 to 05-07] 40f7f463c4 [0] ASM:Graph
ASPack| lines=281
embedded dns trace

13:13:00 WinXP 85.243.16.220 (DSL.TELEPAC.PT):
PT.COM - COMUNICACOES INTERACTIVAS S.A,
AVEIRO, AVEIRO, PT. (DSL) n/a DE:proxim.ircgalaxy.pl
CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
DE:85.114.137.60:80 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 28 of 32 54b9e74b5f
NEW none[4] none:none
none|none none trace

13:16:00 WinXP 89.214.2.44 (-):
GPRS COSTUMERS,
ALMADA, SETUBAL, PT. n/a DE:proxim.ircgalaxy.pl
CZ:217.170.244.2:443
CZ:82.114.64.251:443
DE:85.114.137.60:80 445 pcap raw alerts
ruleset shell
ftp
17 lines Yeah : 1.3
profile none summary
tarball 28 of 31 b2ed8e74f3
NEW 9a1f4a83e4 [0] ASM:Graph
FSG| lines=1933
embedded dns trace

T:13:30:00 Win2K-f 83.157.74.248 (PPP.TISCALI.FR):
TELECOM ITALIA FRANCE BROADBAND POOLS,
PARIS, ILE-DE-FRANCE, FR. (DIAL) n/a
CZ:217.170.244.2:443
CZ:82.114.90.2:443 445 pcap raw alerts
ruleset shell
ftp
111 lines Yeah : 1.3
profile none summary
tarball 29 of 29 a5ebd4c20f
[Firefox:15 hits: 09-03 to 05-05] aa077ce2e6 [0] ASM:Graph
PeCompact| lines=2094
embedded dns trace

13:31:00 Win2K-f 87.19.199.142 (RETAIL.TELECOMITALIA.IT):
TELECOM ITALIA S.P.A. TIN EASY LITE,
IT. 211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

13:39:00 WinXP 92.40.198.43 (IKBCC.COM):
EU-ZZ,
UK. 217.170.244.2:443 85.114.137.60:80 DE:proxim.ircgalaxy.pl
DE:dl2.teenpassage.com
CZ:217.170.244.2:443
DE:85.114.137.60:80 445 pcap raw alerts
ruleset shell
shell
ftp
irc
32 lines Yeah : 1.8
profile none summary
tarball 28 of 31 b92a35e93d
NEW 2d221cfbcc [0] ASM:Graph
FSG| lines=1934
embedded dns trace

13:48:00 WinXP 62.235.150.235 (DSL.SCARLET.BE):
UNISOURCE,
HASSELT, LIMBURG, BE. (DSL) n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 24 of 32 8fb9548a47
[Firefox: 2 hits: 04-30 to 05-05] none[4] none:none
none|none none trace

13:48:00 Win2K-f 78.131.24.29 (-):
EMKTV BUDAPEST VLAN 06 DOCSIS,
BUDAPEST, BUDAPEST, HU. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

13:49:00 WinXP 81.242.143.184 (ISP.BELGACOM.BE):
SKYNET-ADSL,
ANTWERP, ANTWERPEN, BE. (DSL) n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

13:53:00 WinXP 89.214.21.165 (-):
GPRS COSTUMERS,
ALMADA, SETUBAL, PT. n/a 445 pcap raw alerts
ruleset ftp
6 lines Yeah : 1.3
profile none summary
tarball none none none none none none none

13:55:00 Win2K-f 190.31.13.104 (NET.AR):
APOLO -GOLD-TELECOM-PER,
BUENOS AIRES, BUENOS AIRES, AR. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:14:01:00 Win2K-f 194.212.33.48 (CONTACTEL.NET):
GTS NOVERA A.S,
CZ. 211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

14:04:00 Win2K-f 79.126.37.231 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 19 of 30 93282471f7
[Firefox: 9 hits: 04-28 to 05-07] 95951dee58 [0] ASM:Graph
ASProtect| lines=0 trace

14:20:00 WinXP 41.214.150.35 (-):
. 211.96.97.44:7000 CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
irc
27 lines Yeah : 1.3
profile none summary
tarball 23 of 31 3a65749370
[Firefox: 3 hits: 05-05 to 05-07] c0e04edf74 [0] ASM:Graph
TXT2COM| lines=407
embedded dns trace

14:31:00 WinXP 85.15.254.35 (-):
ULTRACOMS-NET,
LV. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 1.3
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:52 hits: 05-05 to 05-07] none[4] none:none
none|none none trace

T:14:41:00 Win2K-f 189.5.166.234 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
GOIâNIA, GOIáS, BR. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

14:43:00 Win2K-f 41.233.181.152 (TEDATA.NET):
PROVIDER LOCAL REGISTRY,
EG. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
16 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

14:55:00 Win2K-f 91.66.125.37 (SUPERKABEL.DE):
KABEL DEUTSCHLAND BREITBAND SERVICE GMBH,
DE. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
15 lines Yeah : 0.8
profile none summary
tarball 26 of 32 24058b237a
[Firefox: 2 hits: 05-03 to 05-05] none[4] none:none
none|none none trace

15:03:00 Win2K-f 151.21.61.79 (21-151.LIBERO.IT):
FREE INTERNET DIAL-UP SERVICES,
ROME, LAZIO, IT. (DIAL) 211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.8
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:52 hits: 05-05 to 05-07] none[4] none:none
none|none none trace

15:03:00 Win2K-f 212.66.81.192 (CUST.TELE2.LU):
TELE2 LUXEMBOURG S.A,
LUXEMBOURG, LUXEMBOURG, LU. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 27 of 30 b6d843862c
NEW none[4] none:none
none|none none trace

T:15:13:00 WinXP 172.131.31.113 (AOL.COM):
AMERICA ONLINE,
RESTON, VIRGINIA, US. (DSL) n/a 135 pcap raw alerts
ruleset ftp
20 lines Yeah : 0.8
profile none summary
tarball 31 of 31 4e4f880828
NEW f51803bfc5 [0] ASM:Graph
FSG| lines=49 trace

T:15:18:00 Win2K-f 151.21.61.79 (21-151.LIBERO.IT):
FREE INTERNET DIAL-UP SERVICES,
ROME, LAZIO, IT. (DIAL) 211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.8
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:52 hits: 05-05 to 05-07] none[4] none:none
none|none none trace

15:21:00 WinXP 59.103.11.104 (-):
. n/a DE:proxim.ircgalaxy.pl
UA:citi-bank.ru 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 30 of 32 3f5ec58a6b
[Firefox: 9 hits: 04-24 to 05-05] 4a77430a59 [0] ASM:Graph
PolyEnE| lines=70 trace

T:15:24:00 WinXP 59.103.11.104 (-):
. n/a DE:proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80
DE:85.114.137.60:80 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 30 of 32 3f5ec58a6b
[Firefox: 9 hits: 04-24 to 05-05] 4a77430a59 [0] ASM:Graph
PolyEnE| lines=70 trace

15:25:00 Win2K-f 200.99.242.239 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:52 hits: 05-05 to 05-07] none[4] none:none
none|none none trace

15:36:00 Win2K-f 213.48.230.23 (BLUEYONDER.CO.UK):
TELEWEST DIALUP PLATFORM,
PRESTON, ENGLAND, UK. (DIAL) n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
15 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

15:48:00 WinXP 89.24.54.114 (4GINTERNET.CZ):
GPRS/UMTS CUSTOMER NETWORK,
CZ. 211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
irc
25 lines Yeah : 1.3
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:16:08:00 Win2K-f 201.250.205.1 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. 211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

16:13:00 Win2K-f 82.56.118.182 (RETAIL.TELECOMITALIA.IT):
TELECOM ITALIA S.P.A. TIN EASY LITE,
MILANO, LOMBARDIA, IT. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

16:17:00 Win2K-f 189.39.158.149 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. 211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
16 lines Yeah : 1.3
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

16:21:00 WinXP 201.250.157.203 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:16:24:00 WinXP 189.5.183.72 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. 211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
irc
21 lines Yeah : 1.3
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:16:31:00 WinXP 190.135.184.33 (-):
. 211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

16:31:00 Win2K-f 118.167.56.167 (-):
. 217.170.244.2:443
CZ:217.170.244.2:443
CZ:82.114.64.251:443 445 pcap raw alerts
ruleset shell
ftp
irc
28 lines Yeah : 1.8
profile none summary
tarball 25 of 28 7fdfe363d5
[Firefox:2587 hits: 12-31 to 05-07] 10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns trace

16:32:00 Win2K-f 190.136.230.165 (NET.AR):
APOLO -GOLD-TELECOM-PER,
AR. 211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

16:38:00 WinXP 41.233.183.4 (TEDATA.NET):
PROVIDER LOCAL REGISTRY,
EG. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
19 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

16:40:00 WinXP 189.176.43.228 (PROD-INFINITUM.COM.MX):
UNINET S.A. DE C.V,
JUAREZ, CHIHUAHUA, MX. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:16:42:00 Win2K-f 85.138.56.165 (CPE.NETCABO.PT):
TVCABO-PORTUGAL CABLE MODEM NETWORK,
PT. 211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

16:44:00 WinXP 41.210.236.110 (-):
. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
15 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

16:49:00 Win2K-f 200.165.11.120 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

16:50:00 Win2K-f 77.54.17.201 (REV.VODAFONE.PT):
GPRS POOLS,
PT. n/a CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 9 of 32 9345b57563
[Firefox:11 hits: 12-27 to 05-07] none[4] none:none
none|none none trace

T:16:55:00 WinXP 12.73.151.41 (ATT.NET):
AT&T WORLDNET SERVICES,
MILWAUKEE, WISCONSIN, US. (DIAL) n/a UA:citi-bank.ru 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 26 of 28 7d99b0e910
[Firefox:2956 hits: 12-31 to 05-07] 7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace

16:56:00 WinXP 12.73.151.41 (ATT.NET):
AT&T WORLDNET SERVICES,
MILWAUKEE, WISCONSIN, US. (DIAL) n/a UA:citi-bank.ru
US:adult-empire.com 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 19 of 29 1763adf0a8
[Firefox: 4 hits: 07-16 to 05-05] none[4] none:none
PolyEnE| none trace

17:22:00 Win2K-f 4.156.102.202 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
BOSTON, MASSACHUSETTS, US. (DIAL) n/a 445 pcap raw alerts
ruleset shell
ftp
18 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

17:45:00 Win2K-f 189.63.1.249 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

17:57:00 Win2K-f 190.9.80.44 (UNIWEB.NET.CO):
UNITEL S.A E.S.P,
CALI, VALLE DEL CAUCA, CO. n/a 445 pcap raw alerts
ruleset ftp
16 lines Yeah : 0.8
profile none summary
tarball 25 of 30 9b2502c4c5
NEW none[4] none:none
none|none none trace

T:18:05:00 Win2K-f 190.186.6.19 (COTAS.COM.BO):
COTAS LTDA,
BO. 211.96.97.44:7000 CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.8
profile none summary
tarball 20 of 31 af98fe0c94
[Firefox:47 hits: 04-27 to 05-07] 480d076a0a [0] ASM:Graph
ASProtect| lines=422
embedded dns trace

T:18:17:00 Win2K-f 190.135.150.123 (-):
. 211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
irc
23 lines Yeah : 1.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

18:31:00 Win2K-f 189.23.212.163 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

18:33:00 WinXP 125.192.91.158 (MESH.AD.JP):
NEC CORPORATION,
JP. n/a 445 pcap raw alerts
ruleset shell
ftp
15 lines Yeah : 1.3
profile none summary
tarball 29 of 31 9ab0223fe6
NEW f01d1c59cf [0] ASM:Graph
none|none lines=59 trace

T:18:38:00 Win2K-f 41.210.232.80 (-):
. n/a DE:proxim.ircgalaxy.pl
CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
DE:85.114.137.60:65520 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 28 of 32 195cff1d64
NEW none[4] none:none
none|none none trace

18:50:00 Win2K-f 124.43.34.91 (-):
INTERNET SERVICE PROVIDER IN SRI LANKA,
LK. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
17 lines Yeah : 0.8
profile none summary
tarball 21 of 30 6bd16b7a95
[Firefox: 2 hits: 05-05 to 05-06] none[4] none:none
none|none none trace

19:00:00 WinXP 201.212.179.217 (NET.AR):
PRIMA S.A,
BUENOS AIRES, BUENOS AIRES, AR. (DSL) n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:19:09:00 Win2K-f 189.23.212.163 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

19:09:00 WinXP 201.236.234.107 (-):
EMPRESA DE TELECOMUNICACIONES DE PEREIRA S.A. E.S.P,
MANIZALES, CALDAS, CO. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

19:11:00 WinXP 190.135.150.123 (-):
. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

19:13:00 Win2K-f 189.7.166.81 (VIRTUA.COM.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

19:15:00 Win2K-f 200.89.144.170 (COM.AR):
CABLEVISION S.A,
BUENOS AIRES, BUENOS AIRES, AR. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
15 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

19:34:00 WinXP 85.241.165.125 (DSL.TELEPAC.PT):
PT.COM - COMUNICACOES INTERACTIVAS S.A,
AVEIRO, AVEIRO, PT. (DSL) n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

19:42:00 WinXP 61.124.211.42 (INFOWEB.NE.JP):
INFOWEB(FUJITSU LTD.),
TOKYO, TOKYO, JP. (DIAL) n/a RU:moscow-advokat.ru
:gaspode.zanet.org.za
SE:broadway.ny.us.dal.net
SE:qis.md.us.dal.net
NO:london.uk.eu.undernet.org
NL:diemen.nl.eu.undernet.org
SE:ozbytes.dal.net 445 pcap raw alerts
ruleset http
2 lines Yeah : 1.3
profile none summary
tarball 25 of 25 7f60162c2c
[Firefox:1274 hits: 12-31 to 05-07] 1aad8e4632 [0] ASM:Graph
PolyEnE| lines=93
embedded dns trace

19:53:00 Win2K-f 200.175.106.115 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:20:13:00 WinXP 190.92.21.107 (-):
CABLECOLOR S.A,
TEGUCIGALPA, FRANCISCO MORAZAN, HN. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

20:35:00 Win2K-f 75.63.169.140 (SBCGLOBAL.NET):
PPPOX POOL - BRAS6.STLSMO,
SOUTH FORK, MISSOURI, US. (DSL) n/a
CZ:217.170.244.2:443
CZ:82.114.64.251:443 445 pcap raw alerts
ruleset shell
ftp
18 lines Yeah : 1.3
profile none summary
tarball 25 of 28 7fdfe363d5
[Firefox:2587 hits: 12-31 to 05-07] 10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns trace

T:20:39:00 Win2K-f 201.214.74.125 (VTR.NET):
VTR BANDA ANCHA S.A,
PATERSON, NEW JERSEY, US. n/a 445 pcap raw alerts
ruleset other
8 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

20:48:00 Win2K-f 189.48.15.181 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. n/a CN:hail.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
15 lines Yeah : 1.3
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

20:50:00 WinXP 85.174.4.85 (RUNEXT.COM):
PROVIDER LOCAL REGISTRY,
RU. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

21:05:00 Win2K-f 189.48.142.20 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. 211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

21:06:00 Win2K-f 117.1.185.39 (ADSL.VIETTEL.VN):
VIETEL CORPORATION,
HANOI, HA NOI, VN. n/a 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 27 of 31 cf827b3059
NEW 4987c90660 [0] ASM:Graph
none|none lines=411
embedded dns trace

21:07:00 WinXP 201.170.4.55 (TELNOR.NET):
TELEFONOS DEL NOROESTE S.A. DE C.V,
MX. 211.96.97.44:7000 CN:scorti1.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
23 lines Yeah : 1.3
profile none summary
tarball 13 of 32 53123fadcc
[Firefox:35 hits: 01-26 to 05-07] none[4] none:none
none|none none trace

T:21:11:00 Win2K-f 219.95.209.227 (TM.NET.MY):
ADSL-STREAMYX-TMNET,
KUALA LUMPUR, WILAYAH PERSEKUTUAN, MY. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:21:15:00 WinXP 216.68.38.140 (FUSE.NET):
FUSE INTERNET ACCESS,
CINCINNATI, OHIO, US. n/a DE:siliconfireware.ru
US:searchportal.information.com
:wpad
US:spi.domainsponsor.com
:landdev1.lap.internal
US:208.73.212.12:80
DE:217.11.54.126:80 445 pcap raw alerts
ruleset http
http
http
7 lines Yeah : 0.8
profile none summary
tarball 23 of 31 050e40db58
NEW none[4] none:none
ASPack| none trace

21:33:00 WinXP 67.150.174.9 (MDSG-PACWEST.COM):
PAC-WEST MANAGED MODEM NAS POOL,
LOS ANGELES, CALIFORNIA, US. n/a UA:citi-bank.ru 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 29 of 29 476f161838
[Firefox: 4 hits: 09-08 to 05-05] fae7a2a270 [0] ASM:Graph
PolyEnE| lines=68 trace

21:35:00 Win2K-f 125.233.97.161 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:52 hits: 05-05 to 05-07] none[4] none:none
none|none none trace

21:40:00 WinXP 116.75.9.204 (JWS.COM):
HATHWAY IP OVER CABLE INTERNET ACCESS SERVICE,
IN. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 27 of 31 05f92b3186
NEW none[4] none:none
none|none none trace

21:43:00 Win2K-f 122.126.3.248 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

21:44:00 WinXP 200.117.172.50 (NET.AR):
APOLO -GOLD-TELECOM-PER,
SAN ISIDRO, BUENOS AIRES, AR. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:22:02:00 WinXP 218.169.226.60 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
irc
21 lines Yeah : 1.3
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

22:50:00 Win2K-f 72.175.145.155 (BRESNAN.NET):
BRESNAN COMMUNICATIONS LLC,
PURCHASE, NEW YORK, US. n/a DE:proxim.ircgalaxy.pl
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
DE:85.114.137.60:65520 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 28 of 31 f6a904d6fd
NEW 843d9d5131 [0] ASM:Graph
none|none lines=411
embedded dns trace

22:58:00 WinXP 71.115.102.202 (VERIZON.NET):
VERIZON INTERNET SERVICES INC,
PLANO, TEXAS, US. (DSL) n/a RU:moscow-advokat.ru
RU:irc.tsk.ru
:caen.fr.eu.undernet.org
:los-angeles.ca.us.undernet.org
US:lia.zanet.net
:irc.kar.net 445 pcap raw alerts
ruleset other
0 lines Yeah : 1.3
profile none summary
tarball 29 of 29 492957db81
[Firefox:66 hits: 05-01 to 05-05] 064e4d7742 [0] ASM:Graph
PolyEnE| lines=69
embedded dns trace

23:03:00 Win2K-f 203.213.57.36 (TPGI.COM.AU):
TPG INTERNET PTY LTD,
SYDNEY, NEW SOUTH WALES, AU. n/a 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

23:18:00 Win2K-f 87.103.216.63 (KUZBASS.NET):
ALLOCATION FOR KEMEROVO REGIONAL BRANCH OF THE JSC SIBIRTELECOM,
KEMEROVO, KEMEROVSKAYA OBLAST', RU. n/a CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
15 lines Yeah : 0.8
profile none summary
tarball 9 of 32 9345b57563
[Firefox:11 hits: 12-27 to 05-07] none[4] none:none
none|none none trace

23:23:00 Win2K-f 79.185.189.171 (TPNET.PL):
TPSA,
PL. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
15 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

23:24:00 Win2K-f 87.16.173.54 (RETAIL.TELECOMITALIA.IT):
TELECOM ITALIA S.P.A. TIN EASY LITE,
CALTANISSETTA, SICILIA, IT. 211.96.97.44:7000 CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
irc
23 lines Yeah : 1.8
profile none summary
tarball 18 of 32 b4ad631671
[Firefox: 5 hits: 04-29 to 05-05] 5890f017cc [0] ASM:Graph
StarForce| lines=28 trace

23:30:00 Win2K-f 60.48.32.179 (TM.NET.MY):
TELEKOM MALAYSIA BERHAD,
KUALA LUMPUR, WILAYAH PERSEKUTUAN, MY. (DSL) n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:52 hits: 05-05 to 05-07] none[4] none:none
none|none none trace

23:31:00 WinXP 117.200.54.76 (-):
. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 23 of 32 a4b5c44a74
NEW none[4] none:none
none|none none trace

23:46:00 Win2K-f 92.112.117.40 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a 445 pcap raw alerts
ruleset other
0 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:23:50:00 Win2K-f 217.202.99.110 (-):
TELECOM ITALIA MOBILE,
IT. n/a
CZ:217.170.244.2:443
CZ:82.114.64.251:443 445 pcap raw alerts
ruleset shell
ftp
21 lines Yeah : 1.3
profile none summary
tarball 25 of 28 7fdfe363d5
[Firefox:2587 hits: 12-31 to 05-07] 10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns trace

23:51:00 WinXP 125.162.100.56 (-):
TLKM_D1_BB_SPEEDY_PG,
PALEMBANG, SUMATERA SELATAN, ID. n/a 445 pcap raw alerts
ruleset ftp
18 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

23:52:00 WinXP 92.113.94.220 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. 211.96.97.44:7000 CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
irc
21 lines Yeah : 1.3
profile none summary
tarball 21 of 31 c1f12e0109
[Firefox:10 hits: 04-28 to 05-07] none[4] none:none
none|none none trace

T:23:54:00 Win2K-f 77.42.27.26 (VICENZAWIRELESS.COM):
E4A,
IT. 211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
20 lines Yeah : 1.3
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

23:54:00 Win2K-f 118.100.132.167 (-):
. 211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
irc
24 lines Yeah : 1.3
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

23:54:00 WinXP 87.174.200.36 (T-IPCONNECT.DE):
DEUTSCHE TELEKOM AG,
LANDSBERG AM LECH, BAYERN, DE. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 23 of 31 910d190921
[Firefox: 3 hits: 05-03 to 05-05] none[4] none:none
none|none none trace