Multiperspective Malware Analysis Page

Welcome to the Cyber-TA
SRI's Multiperspective Malware Infection Analysis Page

UNCENSORED PAGE

<Click here: to download BotHunter>

06 May 2008
<prev> <next>

All data collection and analyses summarized in this page were 100% AUTO-GENERATED.

DEVELOPERS: Vinod Yegneswaran (SRI), Phillip Porras (SRI), Hassen Saidi (SRI)
Monirul Sharif (Georgia-Tech), Arvind Narayanan (University of Texas at Austin)

The data on this website is provided for research purposes only. It is provided
for your personal use only and is supplied AS IS, WITHOUT WARRANTY OF ANY KIND.
Use or reliance on this data is at your own risk.

Daily Summary Files: [DNS Lookups & Failed Connects] [ Attacker IPs ] [C&C Servers] [Binary Digests]
Cumulative Summary Files: [DNS Lookup Log] [Attacker IP Log] [C&C Server Log] [Antivirus Detection] [Code Segment Overlap]
[Behavioral Clusters] [Binary Digest Log]

[See Country Codes ]

Time
Victim
OS
Infection
Source
C&C
Server
DNS Lookups &
Failed Connects Infection
Port
Packet
Trace
Detection
Signatures
Infection
Chatter
BotHunter
Analysis
Behavioral
Cluster
Forensic
Logs
Antivirus
Labels
Packed Malware_Binary Unpacked egg.exe
Unpacked egg.asm
Packer PEID
Data Strings
Syscall Trace

00:18:00 Win2K-f 82.137.19.85 (RDSNET.RO):
TEREZVAROS CABLE TELEVISION LTD,
BUDAPEST, BUDAPEST, HU. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:52 hits: 05-05 to 05-07] none[4] none:none
none|none none trace

00:23:00 Win2K-f 117.74.123.60 (-):
CN. n/a 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:00:25:00 Win2K-f 41.234.20.225 (TEDATA.NET):
PROVIDER LOCAL REGISTRY,
EG. 211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

00:29:00 WinXP 41.214.129.81 (-):
. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

00:30:00 Win2K-f 78.57.120.213 (ZEBRA.LT):
LIETUVOS,
VILNIUS, VILNIAUS APSKRITIS, LT. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

00:34:00 WinXP 116.206.54.219 (-):
MOBIF WIRELESS BROADBAND SDN. BHD,
KUALA LUMPUR, WILAYAH PERSEKUTUAN, MY. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:00:34:00 WinXP 88.56.85.68 (BUSINESS.TELECOMITALIA.IT):
INTERBUSINESS,
ROME, LAZIO, IT. 211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
20 lines Yeah : 1.3
profile none summary
tarball 12 of 30 76b4ab852e
[Firefox:29 hits: 04-29 to 05-07] none[4] none:none
none|none none trace

T:00:36:00 Win2K-f 80.243.38.51 (KM3.DE):
KM3 TELEDIENST CABLEMODEMS,
DE. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 12 of 30 76b4ab852e
[Firefox:29 hits: 04-29 to 05-07] none[4] none:none
none|none none trace

T:00:36:00 Win2K-f 81.211.127.179 (SPB.RU):
SOVINTEL-MP1-SPB-POOL,
RU. (DIAL) n/a CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
15 lines Yeah : 0.8
profile none summary
tarball 20 of 31 af98fe0c94
[Firefox:47 hits: 04-27 to 05-07] 480d076a0a [0] ASM:Graph
ASProtect| lines=422
embedded dns trace

00:52:00 WinXP 91.64.183.226 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
15 lines Yeah : 0.8
profile none summary
tarball 27 of 31 1881995236
NEW none[4] none:none
StarForce| none trace

00:53:00 WinXP 124.43.248.192 (-):
INTERNET SERVICE PROVIDER IN SRI LANKA,
COLOMBO, CENTRAL, LK. (DIAL) n/a 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

01:00:00 Win2K-f 92.47.83.106 (IKBCC.COM):
EU-ZZ,
UK. n/a CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 16 of 30 254cceafc9
NEW 474a9f7196 [0] ASM:Graph
ASProtect| lines=428
embedded dns trace

01:07:00 Win2K-f 89.146.172.99 (NET.BA):
BRAS PPPOE POOL UPGRADE,
SARAJEVO, FEDERATION OF BOSNIA AND HERZEGOVINA, BA. n/a CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 20 of 31 af98fe0c94
[Firefox:47 hits: 04-27 to 05-07] 480d076a0a [0] ASM:Graph
ASProtect| lines=422
embedded dns trace

01:20:00 Win2K-f 85.70.44.95 (IOL.CZ):
XDSL NETWORK-ADSL,
PRAGUE, HLAVNI MESTO PRAHA, CZ. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

01:39:00 Win2K-f 213.63.200.41 (NET.ARTELECOM.PT):
ARTELECOM,
PT. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 1.3
profile none summary
tarball 15 of 31 a973fc1184
[Firefox: 2 hits: 05-02 to 05-06] none[2] none:none
none|none none trace

T:01:40:00 WinXP 70.65.193.39 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
LETHBRIDGE, ALBERTA, CA. (DSL) n/a DE:proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80
DE:85.114.137.60:80 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 30 of 32 0c74913012
NEW 29d969a15e [0] ASM:Graph
PolyEnE| lines=76 trace

01:50:00 Win2K-f 92.3.145.149 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:52 hits: 05-05 to 05-07] none[4] none:none
none|none none trace

01:51:00 WinXP 77.241.142.158 (DATA.3.DK):
3 CUSTOMER DYNAMIC ADDRESS POOL,
DK. n/a 445 pcap raw alerts
ruleset shell
ftp
13 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:01:51:00 Win2K-f 85.94.254.195 (WWW.MOSKITO.LU):
LUXCOMMUNICATIONS,
LU. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 12 of 30 76b4ab852e
[Firefox:29 hits: 04-29 to 05-07] none[4] none:none
none|none none trace

01:53:00 Win2K-f 61.231.40.203 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. (100Mbps) n/a
CZ:82.114.64.251:443 445 pcap raw alerts
ruleset shell
ftp
17 lines Yeah : 1.3
profile none summary
tarball 29 of 29 4a96c36552
[Firefox: 8 hits: 07-15 to 05-06] 0816671a99 [0] ASM:Graph
none|none lines=1969
embedded dns trace

02:01:00 Win2K-f 78.172.136.201 (-):
TT ADSL-HUWAEI TTNET DYNAMIC_ACI,
ANKARA, ANKARA, TR. n/a 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 28 of 31 4d2be535ec
NEW 46108e8e2d [0] ASM:Graph
ASPack| lines=470
embedded dns trace

02:04:00 Win2K-f 78.96.76.190 (ASTRAL.RO):
ASTRAL TELECOM SA,
RO. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

02:14:00 WinXP 91.124.158.0 (UKRTEL.NET):
UKRTELECOM,
BROVARY, KYYIVS'KA OBLAST', UA. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

02:15:00 WinXP 88.156.90.162 (VECTRANET.PL):
NETWORK IN BIALYSTOK GDYNIA SKIERNIEWICE KOSCIERZYNA BELCHATOW,
'S-HERTOGENBOSCH, NOORD-BRABANT, NL. n/a 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

02:17:00 Win2K-f 212.200.178.238 (ODISEJ-VRRPP.TELEKOM.YU):
TELEKOM SRBIJA,
CS. n/a CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
17 lines Yeah : 0.8
profile none summary
tarball 21 of 31 c1f12e0109
[Firefox:10 hits: 04-28 to 05-07] none[4] none:none
none|none none trace

02:23:00 Win2K-f 213.238.80.245 (INETIA.PL):
NETIA SA ADSL NETWORK,
KATOWICE, SLASKIE, PL. (DSL) n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:52 hits: 05-05 to 05-07] none[4] none:none
none|none none trace

02:29:00 WinXP 81.215.254.240 (TTNET.NET.TR):
ADSL-MET-IZMIR-DYNAMIC POOL,
IZMIR, IZMIR, TR. (DSL) n/a DE:proxim.ircgalaxy.pl
CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
DE:85.114.137.60:80 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 27 of 31 e376398720
NEW none[4] none:none
none|none none trace

T:02:45:00 Win2K-f 194.246.107.46 (DATACOMSA.PL):
DATACOM S.A,
PL. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

02:47:00 WinXP 89.104.30.62 (BNET.AT):
B.NET BURGENLAND TELEKOM GMBH,
GRAZ, STEIERMARK, AT. 211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
17 lines Yeah : 1.3
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

02:52:00 Win2K-f 62.162.76.16 (-):
MOBI IP SUBNET,
OHRID, OHRID, MK. 211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.8
profile none summary
tarball 20 of 31 03d714d33d
[Firefox: 2 hits: 05-06 to 05-06] none[4] none:none
none|none none trace

02:56:00 WinXP 89.24.253.219 (4GINTERNET.CZ):
RADIOMOBIL,
CZ. n/a 445 pcap raw alerts
ruleset ftp
15 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

02:57:00 Win2K-f 122.21.225.167 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

03:08:00 Win2K-f 60.54.37.112 (TM.NET.MY):
TELEKOM MALAYSIA BERHAD,
KUALA LUMPUR, WILAYAH PERSEKUTUAN, MY. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
15 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

03:08:00 WinXP 92.113.79.83 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 31 c1f12e0109
[Firefox:10 hits: 04-28 to 05-07] none[4] none:none
none|none none trace

03:16:00 WinXP 125.228.41.154 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a 445 pcap raw alerts
ruleset shell
ftp
14 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

03:16:00 WinXP 78.8.107.248 (NET.PL):
DIALOG,
WROCLAW, DOLNOSLASKIE, PL. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:03:24:00 Win2K-f 117.195.18.137 (-):
. 211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:03:33:00 WinXP 89.43.148.99 (TVSATRM.RO):
SC TV SAT 2002 SRL,
BUZAU, BUZAU, RO. 211.96.97.44:7000 DE:proxim.ircgalaxy.pl
CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
DE:85.114.137.60:65520 445 pcap raw alerts
ruleset ftp
irc
20 lines Yeah : 1.3
profile none summary
tarball 27 of 31 1523406fa9
NEW none[4] none:none
none|none none trace

03:41:00 Win2K-f 82.207.11.88 (UKRTEL.NET):
UKRTELNET,
UA. n/a CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
15 lines Yeah : 0.8
profile none summary
tarball 20 of 31 af98fe0c94
[Firefox:47 hits: 04-27 to 05-07] 480d076a0a [0] ASM:Graph
ASProtect| lines=422
embedded dns trace

T:03:42:00 WinXP 91.65.138.154 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. n/a CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 27 of 30 1021fe5610
NEW 587e6b49c8 [0] ASM:Graph
ASProtect| lines=423
embedded dns trace

T:03:53:00 Win2K-f 82.137.19.85 (RDSNET.RO):
TEREZVAROS CABLE TELEVISION LTD,
BUDAPEST, BUDAPEST, HU. n/a 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 26 of 30 f914515fdd
NEW none[4] none:none
none|none none trace

T:04:02:00 WinXP 124.43.58.123 (-):
INTERNET SERVICE PROVIDER IN SRI LANKA,
LK. 211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
irc
24 lines Yeah : 1.8
profile none summary
tarball 21 of 30 6bd16b7a95
[Firefox: 2 hits: 05-05 to 05-06] none[4] none:none
none|none none trace

04:03:00 WinXP 190.50.208.213 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:52 hits: 05-05 to 05-07] none[4] none:none
none|none none trace

04:06:00 WinXP 41.236.35.107 (TEDATA.NET):
PROVIDER LOCAL REGISTRY,
EG. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
15 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:04:12:00 Win2K-f 201.94.168.61 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:04:17:00 Win2K-f 190.51.62.49 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
21 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

04:24:00 WinXP 124.154.18.31 (NTTPC.NE.JP):
INFOSPHERE (NTTPC COMMUNICATIONS INC.),
JP. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 27 of 31 bdfea2fcbe
NEW 80aeea81b0 [0] ASM:Graph
StarForce| lines=132 trace

04:28:00 WinXP 89.180.176.163 (NET.NOVIS.PT):
IPGLOBAL,
LISBON, LISBOA, PT. n/a CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 20 of 31 af98fe0c94
[Firefox:47 hits: 04-27 to 05-07] 480d076a0a [0] ASM:Graph
ASProtect| lines=422
embedded dns trace

04:31:00 Win2K-f 89.218.220.40 (ADSL.ONLINE.KZ):
KAZAKHTELECOM DATA NETWORK ADMINISTRATION,
KZ. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

04:41:00 Win2K-f 122.120.211.227 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
16 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

04:44:00 WinXP 88.156.84.113 (VECTRANET.PL):
NETWORK IN BIALYSTOK GDYNIA SKIERNIEWICE KOSCIERZYNA BELCHATOW,
'S-HERTOGENBOSCH, NOORD-BRABANT, NL. 72.10.172.218:9283 CA:munirah.nagitiriheiwu.net
CA:abc.ihshsd8.com
CA:72.10.169.26:80
CA:72.10.172.218:3029 445 pcap raw alerts
ruleset ftp
irc
21 lines Yeah : 1.3
profile none summary
tarball 28 of 32 39b81ab576
[Firefox: 3 hits: 05-02 to 05-06] 7b8b096e8e [0] ASM:Graph
EXECrypto| line=1 trace

04:53:00 WinXP 79.113.153.133 (RDSNET.RO):
RDS,
BUCHAREST, BUCURESTI, RO. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 22 of 31 2cf72f62c6
[Firefox: 3 hits: 05-02 to 05-06] none[4] none:none
none|none none trace

04:56:00 Win2K-f 87.204.92.244 (COM.PL):
NETIA,
PL. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:05:03:00 Win2K-f 79.138.179.115 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

05:08:00 Win2K-f 212.45.75.136 (ISTAR-LINK.COM):
ISTAR LINK COSTUMERS IN SILISTRA,
BG. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:52 hits: 05-05 to 05-07] none[4] none:none
none|none none trace

05:23:00 Win2K-f 60.51.113.213 (TM.NET.MY):
TELEKOM MALAYSIA BERHAD,
MALACCA, MELAKA, MY. 211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
20 lines Yeah : 1.3
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

05:25:00 Win2K-f 78.8.84.188 (NET.PL):
DIALOG,
WROCLAW, DOLNOSLASKIE, PL. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

05:28:00 WinXP 122.52.69.190 (PLDT.NET):
IPG,
PH. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:05:32:00 Win2K-f 200.89.144.170 (COM.AR):
CABLEVISION S.A,
BUENOS AIRES, BUENOS AIRES, AR. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:05:35:00 Win2K-f 78.57.85.200 (ZEBRA.LT):
LIETUVOS,
VILNIUS, VILNIAUS APSKRITIS, LT. n/a CN:hail.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

05:40:00 Win2K-f 92.8.53.227 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:05:44:00 WinXP 124.13.86.34 (TM.NET.MY):
TELEKOM MALAYSIA BERHAD,
MY. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:05:52:00 WinXP 217.23.200.150 (RSKOMING.NET):
KOMTEL D.O.O. - RSKOMING.NET,
GRADISKA, REPUBLIKA SRPSKA, BA. (100Mbps) 211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
irc
25 lines Yeah : 1.3
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

05:55:00 WinXP 190.68.162.13 (TELECOM.COM.CO):
COLOMBIA TELECOMUNICACIONES S.A. ESP,
CO. 211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
irc
25 lines Yeah : 1.3
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

05:57:00 WinXP 87.229.38.203 (SAGHYSAT.HU):
SAGHYSAT-DUNASZEKCSO,
HU. 211.96.97.44:7000 DE:proxima.ircgalaxy.pl
CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
DE:85.114.137.60:65520 445 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.8
profile none summary
tarball 29 of 31 79560e1553
NEW none[4] none:none
none|none none trace

T:06:07:00 Win2K-f 90.155.138.35 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. 211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
21 lines Yeah : 1.3
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:52 hits: 05-05 to 05-07] none[4] none:none
none|none none trace

06:07:00 Win2K-f 117.199.112.161 (-):
. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

06:11:00 WinXP 88.0.119.12 (RIMA-TDE.NET):
TELEFONICA DE ESPANA,
MADRID, MADRID, ES. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

06:23:00 Win2K-f 125.232.74.21 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a 445 pcap raw alerts
ruleset shell
3 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

06:24:00 WinXP 190.48.222.202 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 23 of 31 14ef234ad3
[Firefox: 7 hits: 04-29 to 05-07] none[4] none:none
none|none none trace

T:06:27:00 Win2K-f 78.130.87.188 (REV.OPTIMUS.PT):
OPTIMUS TELECOMUNICAGUES S.A,
PT. n/a DE:proxim.ircgalaxy.pl
CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
DE:85.114.137.60:65520 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 28 of 32 867a214b24
NEW none[4] none:none
none|none none trace

T:06:34:00 Win2K-f 77.209.124.232 (AIRTEL.NET):
VODAFONE ESPANA S.A,
ES. n/a CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 12 of 32 d94d21fc29
[Firefox: 4 hits: 12-28 to 05-06] 9deff996b5 [0] ASM:Graph
ASProtect| lines=423
embedded dns trace

06:40:00 Win2K-f 61.228.152.55 (PRESTONAUTO.COM):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a
CZ:217.170.244.2:443
CZ:82.114.64.251:443 445 pcap raw alerts
ruleset shell
ftp
20 lines Yeah : 1.3
profile none summary
tarball 25 of 28 7fdfe363d5
[Firefox:2587 hits: 12-31 to 05-07] 10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns trace

06:49:00 Win2K-f 194.228.76.135 (IOL.CZ):
DIAL-IN NETWORK,
PRAGUE, HLAVNI MESTO PRAHA, CZ. (DIAL) n/a
CZ:217.170.244.2:443
CZ:82.114.64.251:443 445 pcap raw alerts
ruleset shell
ftp
18 lines Yeah : 1.3
profile none summary
tarball 25 of 28 7fdfe363d5
[Firefox:2587 hits: 12-31 to 05-07] 10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns trace

07:03:00 Win2K-f 92.112.30.151 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 20 of 32 fd0bf48a75
[Firefox: 7 hits: 04-28 to 05-07] none[3] none:none
ASProtect| none trace

07:05:00 WinXP 207.203.96.217 (BELLSOUTH.NET):
BELLSOUTH.NET INC,
DECATUR, MISSISSIPPI, US. 211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.8
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:52 hits: 05-05 to 05-07] none[4] none:none
none|none none trace

T:07:12:00 WinXP 92.11.194.8 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 28 of 31 efd8da3c6e
NEW none[4] none:none
none|none none trace

T:07:22:00 WinXP 85.35.202.115 (BUSINESS.TELECOMITALIA.IT):
COMUNEDIPALMAMONTECHIARO,
IT. (100Mbps) n/a DE:proxima.ircgalaxy.pl
DE:85.114.137.60:65520 445 pcap raw alerts
ruleset shell
ftp
14 lines Yeah : 1.3
profile none summary
tarball 31 of 32 02d323380b
[Firefox: 3 hits: 10-23 to 05-06] none[4] none:none
none|none none trace

07:28:00 WinXP 190.49.20.54 (COM.AR):
TELEFONICA DE ARGENTINA,
CIPOLLETTI, NEUQUEN, AR. n/a DE:proxim.ircgalaxy.pl
CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
DE:85.114.137.60:80 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 27 of 31 75e3565fdc
NEW none[4] none:none
none|none none trace

T:07:31:00 WinXP 79.115.86.78 (RDSNET.RO):
RDS,
BUCHAREST, BUCURESTI, RO. n/a DE:proxim.ircgalaxy.pl
RU:moscow-advokat.ru
DE:85.114.137.60:65520 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 30 of 31 62258fc1b9
[Firefox: 3 hits: 05-04 to 05-06] 673798df40 [0] ASM:Graph
PolyEnE| lines=154
embedded dns trace

07:33:00 WinXP 79.115.86.78 (RDSNET.RO):
RDS,
BUCHAREST, BUCURESTI, RO. n/a DE:proxim.ircgalaxy.pl
RU:moscow-advokat.ru
RU:194.6.222.11:6667
DE:85.114.137.60:65520 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 30 of 31 62258fc1b9
[Firefox: 3 hits: 05-04 to 05-06] 673798df40 [0] ASM:Graph
PolyEnE| lines=154
embedded dns trace

07:41:00 Win2K-f 189.90.176.230 (-):
. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
16 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

07:51:00 Win2K-f 90.133.93.19 (SWIP.NET):
SWIPNET,
SE. 211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
20 lines Yeah : 1.3
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

07:52:00 Win2K-f 88.9.90.160 (RIMA-TDE.NET):
TELEFONICA DE ESPANA,
ES. 211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
20 lines Yeah : 1.3
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:07:56:00 WinXP 190.50.112.80 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. 211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
22 lines Yeah : 1.3
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

07:57:00 Win2K-f 92.236.1.222 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. 211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

07:59:00 WinXP 91.124.23.57 (UKRTEL.NET):
UKRTELECOM,
BROVARY, KYYIVS'KA OBLAST', UA. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:07:59:00 Win2K-f 92.12.156.125 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. 85.114.137.60:80 DE:proxim.ircgalaxy.pl
CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
irc
16 lines Yeah : 1.3
profile none summary
tarball 28 of 31 89193031d2
[Firefox: 4 hits: 05-04 to 05-06] none[4] none:none
none|none none trace

T:08:05:00 WinXP 70.182.242.126 (COX.NET):
COX COMMUNICATIONS,
GREAT BEND, KANSAS, US. n/a UA:citi-bank.ru 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 26 of 28 7d99b0e910
[Firefox:2956 hits: 12-31 to 05-07] 7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace

08:09:00 WinXP 70.182.242.126 (COX.NET):
COX COMMUNICATIONS,
GREAT BEND, KANSAS, US. n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 26 of 28 7d99b0e910
[Firefox:2956 hits: 12-31 to 05-07] 7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace

T:08:10:00 WinXP 221.251.49.172 (UCOM.NE.JP):
TK,
TOKYO, TOKYO, JP. n/a 445 pcap raw alerts
ruleset shell
ftp
15 lines Yeah : 0.8
profile none summary
tarball 31 of 32 741e3b03b3
[Firefox:25 hits: 09-28 to 05-07] e0197e8a64 [0] ASM:Graph
none|none lines=62 trace

08:16:00 Win2K-f 122.26.172.186 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. 211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
21 lines Yeah : 1.3
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

08:23:00 Win2K-f 89.24.71.230 (4GINTERNET.CZ):
GPRS/UMTS CUSTOMER NETWORK,
PRAGUE, HLAVNI MESTO PRAHA, CZ. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 10 of 32 639a247ece
[Firefox:24 hits: 04-28 to 05-06] 29d53eec72 [0] ASM:Graph
StarForce| lines=132 trace

08:24:00 Win2K-f 79.23.57.39 (SRC.ORG):
TELECOM ITALIA NET,
ROME, LAZIO, IT. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

08:31:00 Win2K-f 88.66.250.210 (ARCOR-IP.NET):
ARCOR-DSL-NET,
DE. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
15 lines Yeah : 0.8
profile none summary
tarball 27 of 31 e37555c26e
[Firefox: 2 hits: 05-06 to 05-07] none[4] none:none
Xtreme-Pr| none trace

08:35:00 WinXP 91.66.101.222 (SUPERKABEL.DE):
KABEL DEUTSCHLAND BREITBAND SERVICE GMBH,
DE. 211.96.97.44:7000 CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
irc
20 lines Yeah : 1.3
profile none summary
tarball 28 of 31 57802172a4
[Firefox: 2 hits: 05-03 to 05-06] 638ec51ab7 [0] ASM:Graph
ASProtect| lines=439
embedded dns trace

08:39:00 WinXP 89.109.29.155 (MTS-NN.RU):
NETWORK FOR VPDN SESSION TERMINATIONS ON UAC`S FOR,
RU. 211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
26 lines Yeah : 1.3
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:08:44:00 WinXP 91.90.218.50 (PTVTELECOM.COM):
PROCONO S.A,
CóRDOBA, ANDALUCIA, ES. n/a CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 23 of 31 40803c27ae
NEW ee3395ef30 [0] none:none
ASPack| none trace

T:08:50:00 Win2K-f 151.54.112.101 (38-151.NET24.IT):
IUNET-BNET,
PERUGIA, UMBRIA, IT. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
15 lines Yeah : 0.8
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:52 hits: 05-05 to 05-07] none[4] none:none
none|none none trace

T:08:51:00 Win2K-f 116.75.167.45 (JWS.COM):
HATHWAY IP OVER CABLE INTERNET ACCESS SERVICE,
IN. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
16 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

09:02:00 WinXP 87.12.134.36 (RETAIL.TELECOMITALIA.IT):
TELECOM ITALIA S.P.A. TIN EASY LITE,
PALERMO, SICILIA, IT. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:52 hits: 05-05 to 05-07] none[4] none:none
none|none none trace

09:07:00 Win2K-f 92.46.21.203 (IKBCC.COM):
EU-ZZ,
UK. n/a CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 20 of 31 af98fe0c94
[Firefox:47 hits: 04-27 to 05-07] 480d076a0a [0] ASM:Graph
ASProtect| lines=422
embedded dns trace

09:08:00 Win2K-f 89.136.96.125 (-):
ASTRAL SUCEAVA,
RO. n/a 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 28 of 31 fa0359dfff
NEW none[4] none:none
none|none none trace

09:08:00 WinXP 79.7.197.206 (RETAIL.TELECOMITALIA.IT):
TELECOM ITALIA NET,
ROME, LAZIO, IT. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:09:12:00 Win2K-f 218.171.248.106 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 27 of 31 d349189ee2
NEW none[4] none:none
none|none none trace

09:12:00 Win2K-f 87.103.217.124 (KUZBASS.NET):
ALLOCATION FOR KEMEROVO REGIONAL BRANCH OF THE JSC SIBIRTELECOM,
BARNAUL, ALTAYSKIY KRAY, RU. (DIAL) n/a DE:proxim.ircgalaxy.pl
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
DE:85.114.137.60:65520 445 pcap raw alerts
ruleset ftp
15 lines Yeah : 0.8
profile none summary
tarball 23 of 28 46dbeecaf1
NEW none[4] none:none
none|none none trace

T:09:15:00 Win2K-f 116.75.9.42 (JWS.COM):
HATHWAY IP OVER CABLE INTERNET ACCESS SERVICE,
IN. 211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
20 lines Yeah : 1.3
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:52 hits: 05-05 to 05-07] none[4] none:none
none|none none trace

T:09:21:00 WinXP 86.8.86.88 (NTL.COM):
NTLI,
LINCOLN, ENGLAND, UK. 85.114.137.60:80 DE:proxim.ircgalaxy.pl
DE:85.114.137.60:80 445 pcap raw alerts
ruleset http
irc
50 lines Yeah : 1.3
profile none summary
tarball 28 of 31 f58222344f
[Firefox: 9 hits: 12-31 to 05-06] 2a56436a64 [0] ASM:Graph
PolyEnE| lines=265
embedded dns trace

09:22:00 Win2K-f 122.126.143.203 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:09:32:00 WinXP 66.50.0.143 (PRTC.NET):
PRTC RAS,
SAN JUAN, PUERTO RICO, PR. n/a DE:proxim.ircgalaxy.pl
UA:citi-bank.ru
DE:85.114.137.60:80 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 31 of 32 7ef46e4e16
[Firefox:13 hits: 11-28 to 05-06] ef2e743fd2 [0] ASM:Graph
PolyEnE| lines=74 trace

09:33:00 WinXP 117.194.96.221 (-):
. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

09:34:00 WinXP 66.50.0.143 (PRTC.NET):
PRTC RAS,
SAN JUAN, PUERTO RICO, PR. n/a DE:proxim.ircgalaxy.pl
UA:citi-bank.ru
DE:kidos-bank.ru
UA:194.54.90.246:80
DE:85.114.137.60:80 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 31 of 32 7ef46e4e16
[Firefox:13 hits: 11-28 to 05-06] ef2e743fd2 [0] ASM:Graph
PolyEnE| lines=74 trace

T:09:35:00 Win2K-f 62.5.164.84 (-):
MTU-CUST-2EEA,
MOSCOW, MOSKVA, RU. (100Mbps) 211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
25 lines Yeah : 1.3
profile none summary
tarball 12 of 31 6a08d9e276
[Firefox: 2 hits: 05-06 to 05-07] none[4] none:none
none|none none trace

09:36:00 Win2K-f 60.50.243.90 (TM.NET.MY):
TELEKOM MALAYSIA BERHAD,
KUALA LUMPUR, WILAYAH PERSEKUTUAN, MY. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

09:44:00 WinXP 78.61.225.43 (ZEBRA.LT):
LIETUVOS,
LT. n/a DE:proxim.ircgalaxy.pl
CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
DE:85.114.137.60:65520 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 26 of 31 82d7a8cb3b
NEW none[4] none:none
none|none none trace

T:09:48:00 WinXP 62.162.76.16 (-):
MOBI IP SUBNET,
OHRID, OHRID, MK. 211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
irc
23 lines Yeah : 1.3
profile none summary
tarball 20 of 31 03d714d33d
[Firefox: 2 hits: 05-06 to 05-06] none[4] none:none
none|none none trace

09:58:00 WinXP 124.82.14.222 (TM.NET.MY):
TM ADSL SERVICE PROVIDER MALAYSIA,
SHAH ALAM, SELANGOR, MY. (DSL) n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:52 hits: 05-05 to 05-07] none[4] none:none
none|none none trace

10:15:00 Win2K-f 193.110.61.121 (HDSNET.HU):
TEREZVAROS CABLE TELEVISION LTD,
BUDAPEST, BUDAPEST, HU. 211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
20 lines Yeah : 1.3
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

10:17:00 Win2K-f 88.244.90.57 (TTNET.NET.TR):
TT ADSL-ALCATEL DYNAMIC_ACI,
ISTANBUL, ISTANBUL, TR. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:10:18:00 WinXP 212.171.128.170 (POOL212171.INTERBUSINESS.IT):
TELECOM ITALIA S.P.A,
BRESCIA, LOMBARDIA, IT. n/a DE:siliconfireware.ru
US:searchportal.information.com
:wpad
US:208.73.212.12:80 445 pcap raw alerts
ruleset http
http
http
3 lines Yeah : 0.8
profile none summary
tarball 29 of 29 df17a625ee
[Firefox:438 hits: 05-04 to 05-06] none[3] none:none
ASPack| none trace

10:18:00 WinXP 151.54.112.101 (38-151.NET24.IT):
IUNET-BNET,
PERUGIA, UMBRIA, IT. 211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.8
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:52 hits: 05-05 to 05-07] none[4] none:none
none|none none trace

10:19:00 Win2K-f 89.203.162.61 (STARCOMWORLDWIDE.CZ):
CD-TELEMATIKA A.S,
CZ. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 12 of 30 76b4ab852e
[Firefox:29 hits: 04-29 to 05-07] none[4] none:none
none|none none trace

10:24:00 WinXP 82.232.75.50 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:10:25:00 Win2K-f 92.12.246.164 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. 85.114.137.60:80 211.96.97.44:7000 DE:proxim.ircgalaxy.pl
CN:hail.dns2go.com
CN:scorti1.dns2go.com
DE:dl2.teenpassage.com
IL:ymq.a1001186.wrs.mcboo.com
IL:194.90.224.86:80
CN:211.96.97.44:7000
DE:85.114.137.60:80 445 pcap raw alerts
ruleset ftp
irc
http
59 lines Yeah : 1.3
profile none summary
tarball 28 of 31
23 of 31 89193031d2
[Firefox: 4 hits: 05-04 to 05-06]
d22b35f1b8
[Firefox: 2 hits: 05-06 to 05-06] none[4]
d22b35f1b8[1] none:none
ASM:Graph
none|none
FSG| none
lines=6 trace
trace

T:10:28:00 WinXP 206.82.88.197 (ALLTEL.NET):
ALLTEL DIAL POOL LIVE OAK FL,
LIVE OAK, FLORIDA, US. n/a UA:citi-bank.ru 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 26 of 28 7d99b0e910
[Firefox:2956 hits: 12-31 to 05-07] 7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace

T:10:31:00 Win2K-f 79.184.215.215 (TPNET.PL):
TPSA,
PL. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

10:34:00 WinXP 91.37.73.244 (T-IPCONNECT.DE):
DEUTSCHE TELEKOM AG,
DE. (DIAL) 211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
20 lines Yeah : 1.3
profile none summary
tarball 28 of 32 a4da27f5aa
[Firefox: 2 hits: 05-05 to 05-06] none[4] none:none
none|none none trace

10:41:00 Win2K-f 77.241.141.184 (-):
HI3GACCESS,
SE. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
15 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

10:45:00 Win2K-f 79.10.217.12 (RETAIL.TELECOMITALIA.IT):
TELECOM ITALIA NET,
ROME, LAZIO, IT. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
16 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:10:46:00 Win2K-f 79.35.4.72 (SRC.ORG):
TELECOM ITALIA NET,
ROME, LAZIO, IT. 211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

10:56:00 Win2K-f 85.96.201.158 (TTNET.NET.TR):
ADSL-ALC-GAYRETTEPE-STATIC POOL,
KONYA, NIGDE, TR. (DSL) n/a DE:proxim.ircgalaxy.pl
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
DE:85.114.137.60:65520 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 27 of 31 ee2f534e24
NEW e65d4881f4 [0] ASM:Graph
ASPack| lines=410
embedded dns trace

10:58:00 Win2K-f 151.59.209.229 (38-151.NET24.IT):
IUNET-BNET,
IT. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:52 hits: 05-05 to 05-07] none[4] none:none
none|none none trace

10:59:00 WinXP 68.144.97.78 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
CALGARY, ALBERTA, CA. (DSL) 69.50.208.3:51115 US:freee.najd.us 139 pcap raw alerts
ruleset ftp
irc
31 lines Yeah : 1.3
profile none summary
tarball 12 of 32 0cb86518c1
[Firefox: 5 hits: 04-23 to 05-06] f1b2b159da [0] ASM:Graph
ASPack| lines=0 trace

T:10:59:00 WinXP 212.10.168.237 (REV.STOFANET.DK):
TELIA STOFA A/S,
HJøRRING, NORDJYLLAND, DK. 69.50.209.31:51115 US:freee.najd.us 139 pcap raw alerts
ruleset ftp
irc
31 lines Yeah : 1.3
profile none summary
tarball 12 of 32 4dd70453aa
[Firefox:11 hits: 04-21 to 05-06] f1b2b159da [0] ASM:Graph
ASPack| lines=0 trace

T:11:06:00 WinXP 88.177.171.184 (PROXAD.NET):
PROXAD / FREE SAS,
FR. 69.50.208.3:51115 US:freee.najd.us
US:69.50.208.3:51115
US:69.50.209.31:51115 139 pcap raw alerts
ruleset ftp
irc
19 lines Yeah : 1.3
profile none summary
tarball 29 of 31 2ac741a4d2
NEW 901e9570a2 [0] ASM:Graph
none|none lines=13 trace

11:10:00 Win2K-f 213.98.215.93 (RIMA-TDE.NET):
TELEFONICA DE ESPANA SAU (NCC#2001015139),
BARCELONA, CATALUñA, ES. 85.114.137.60:65520 CN:scorti1.dns2go.com
DE:proxim.ircgalaxy.pl
DE:dl2.teenpassage.com
CN:211.96.97.44:7000
DE:85.114.137.60:65520
DE:85.114.143.2:80 139 pcap raw alerts
ruleset irc
3 lines Yeah : 1.3
profile none summary
tarball none none none none none none none

T:11:11:00 Win2K-f 24.67.45.160 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
LETHBRIDGE, ALBERTA, CA. (DSL) n/a US:freee.najd.us
US:69.50.208.3:51115
US:69.50.209.31:51115 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 10 of 32 5462cc1bde
[Firefox: 5 hits: 04-21 to 05-07] 665f1def5b [0] ASM:Graph
ASPack| lines=0 trace

11:11:00 Win2K-f 82.238.86.93 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 27 of 31 552ff80216
NEW 552ff80216 [1] ASM:Graph
none|none lines=19 trace

T:11:13:00 WinXP 82.210.162.217 (WAW.PL):
OTN MIANOWSKIEGO IP ASSIGNMENT,
WARSAW, MAZOWIECKIE, PL. 211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
23 lines Yeah : 1.3
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:52 hits: 05-05 to 05-07] none[4] none:none
none|none none trace

11:15:00 Win2K-f 84.112.34.65 (SURFER.AT):
UPC TELEKABEL,
VIENNA, WIEN, AT. (DSL) n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 18 of 31 9caca05b25
[Firefox: 5 hits: 05-06 to 05-06] 1b8c24c677 [0] ASM:Graph
ASPack| lines=0 trace

T:11:17:00 Win2K-f 82.237.140.235 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 28 of 31 9693f6f38e
NEW 4911290aec [0] ASM:Graph
ASPack| lines=65
embedded dns trace

T:11:18:00 WinXP 88.163.230.92 (PROXAD.NET):
PROXAD / FREE SAS,
FR. n/a US:freee.najd.us
US:69.50.208.3:51115 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 10 of 32 5462cc1bde
[Firefox: 5 hits: 04-21 to 05-07] 665f1def5b [0] ASM:Graph
ASPack| lines=0 trace

11:20:00 WinXP 122.19.140.29 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset shell
ftp
15 lines Yeah : 1.3
profile none summary
tarball 29 of 29 831f4ee0a7
[Firefox:576 hits: 07-11 to 05-06] eb7546c600 [0] ASM:Graph
none|none lines=61 trace

11:23:00 Win2K-f 81.84.135.237 (CPE.NETCABO.PT):
TVCABO-PORTUGAL CABLE MODEM NETWORK,
LISBON, LISBOA, PT. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:11:25:00 Win2K-f 70.64.211.103 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
VANCOUVER, BRITISH COLUMBIA, CA. (DSL) n/a 139 pcap raw alerts
ruleset other
0 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:11:34:00 WinXP 92.46.22.203 (IKBCC.COM):
EU-ZZ,
UK. 211.96.97.44:7000 CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
irc
21 lines Yeah : 1.8
profile none summary
tarball 20 of 31 af98fe0c94
[Firefox:47 hits: 04-27 to 05-07] 480d076a0a [0] ASM:Graph
ASProtect| lines=422
embedded dns trace

11:34:00 WinXP 201.250.225.212 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:11:43:00 Win2K-f 118.105.239.124 (-):
. n/a US:freee.najd.us
US:69.50.208.3:51115
US:69.50.209.31:51115 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 18 of 31 9caca05b25
[Firefox: 5 hits: 05-06 to 05-06] 1b8c24c677 [0] ASM:Graph
ASPack| lines=0 trace

11:44:00 WinXP 61.106.207.13 (-):
HANVITINB-INFRA,
KR. n/a US:freee.najd.us
US:69.50.208.3:51115
US:69.50.209.31:51115 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 12 of 32 4dd70453aa
[Firefox:11 hits: 04-21 to 05-06] f1b2b159da [0] ASM:Graph
ASPack| lines=0 trace

11:46:00 Win2K-f 78.96.191.189 (ASTRAL.RO):
ASTRAL TELECOM SA,
RO. n/a US:freee.najd.us
US:69.50.208.3:51115
US:69.50.209.31:51115 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 16 of 31 364bdad9bc
[Firefox: 2 hits: 05-06 to 05-06] faab09fef3 [0] ASM:Graph
ASPack| lines=3214
embedded dns trace

11:49:00 WinXP 89.137.168.150 (-):
ASTRAL BRAILA DOCSIS NETWORK,
RO. n/a US:freee.najd.us
US:69.50.208.3:51115
US:69.50.209.31:51115 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 12 of 32 4dd70453aa
[Firefox:11 hits: 04-21 to 05-06] f1b2b159da [0] ASM:Graph
ASPack| lines=0 trace

T:11:54:00 Win2K-f 41.234.10.85 (TEDATA.NET):
PROVIDER LOCAL REGISTRY,
EG. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

11:55:00 Win2K-f 89.117.77.137 (ERDVES.LT):
SC LITHUANIAN RADIO AND TV CENTER,
VILNIUS, VILNIAUS APSKRITIS, LT. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 23 of 31 7a6a916be1
NEW none[4] none:none
none|none none trace

12:07:00 Win2K-f 70.79.41.149 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
CALGARY, ALBERTA, CA. (DSL) n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 12 of 32 beb8369329
[Firefox: 8 hits: 04-23 to 05-07] 665f1def5b [0] ASM:Graph
ASPack| lines=0 trace

12:07:00 Win2K-f 79.68.195.68 (AS9105.COM):
TELINCO,
UK. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 12 of 32 4dd70453aa
[Firefox:11 hits: 04-21 to 05-06] f1b2b159da [0] ASM:Graph
ASPack| lines=0 trace

12:08:00 Win2K-f 200.55.48.160 (NET.AR):
IMPSAT ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. (DIAL) n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
15 lines Yeah : 0.8
profile none summary
tarball 14 of 30 a407412b1d
NEW none[2] none:none
none|none none trace

12:09:00 WinXP 91.58.211.71 (T-IPCONNECT.DE):
DEUTSCHE TELEKOM AG,
DE. n/a 445 pcap raw alerts
ruleset other
0 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

12:14:00 WinXP 82.237.7.8 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR. (DSL) n/a DE:proxim.ircgalaxy.pl
US:freee.najd.us
US:69.50.208.3:51115
US:69.50.209.31:51115
DE:85.114.137.60:65520 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 27 of 32 d053d1c0ad
NEW 12ab89414f [0] ASM:Graph
ASPack| lines=61 trace

T:12:21:00 Win2K-f 190.172.156.27 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 18 of 32 7e28dac8de
[Firefox:11 hits: 04-27 to 05-06] none[4] none:none
none|none none trace

12:26:00 WinXP 41.214.135.171 (-):
. n/a UA:citi-bank.ru
EU:kidos-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 29 of 29 d42c1cc7c0
[Firefox:271 hits: 05-01 to 05-07] af9ca5bed1 [0] ASM:Graph
PolyEnE| lines=54 trace

12:28:00 WinXP 82.77.97.65 (HDSNET.HU):
TEREZVAROS CABLE TELEVISION LTD,
BUDAPEST, BUDAPEST, HU. (DSL) 69.50.209.31:51115 US:freee.najd.us
US:69.50.208.3:51115
US:69.50.209.31:51115 139 pcap raw alerts
ruleset ftp
irc
19 lines Yeah : 1.3
profile none summary
tarball 14 of 30 45d304294e
[Firefox: 4 hits: 05-06 to 05-06] f1b2b159da [0] ASM:Graph
ASPack| lines=0 trace

T:12:31:00 Win2K-f 82.77.97.65 (HDSNET.HU):
TEREZVAROS CABLE TELEVISION LTD,
BUDAPEST, BUDAPEST, HU. (DSL) n/a US:freee.najd.us
US:69.50.208.3:51115
US:69.50.209.31:51115 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 14 of 30 45d304294e
[Firefox: 4 hits: 05-06 to 05-06] f1b2b159da [0] ASM:Graph
ASPack| lines=0 trace

T:12:34:00 WinXP 87.203.64.93 (OTENET.GR):
MULTIPROTOCOL SERVICE PROVIDER TO OTHER ISP'S AND END USERS,
ATHENS, ATTIKI, GR. (DSL) n/a 445 pcap raw alerts
ruleset ftp
12 lines Yeah : 1.3
profile none summary
tarball 29 of 29 831f4ee0a7
[Firefox:576 hits: 07-11 to 05-06] eb7546c600 [0] ASM:Graph
none|none lines=61 trace

T:12:35:00 Win2K-f 122.120.0.35 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 19 of 32 890fb4fa10
[Firefox:42 hits: 12-27 to 05-06] b9c7f08a57 [0] ASM:Graph
ASProtect| lines=393
embedded dns trace

12:39:00 Win2K-f 88.166.47.160 (PROXAD.NET):
PROXAD / FREE SAS,
FR. n/a US:freee.najd.us
US:69.50.209.31:51115 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 12 of 32 4dd70453aa
[Firefox:11 hits: 04-21 to 05-06] f1b2b159da [0] ASM:Graph
ASPack| lines=0 trace

12:39:00 Win2K-f 85.56.195.108 (DYNAMIC.ORANGE.ES):
ADDRESSES IP FOR HOME CLIENTS,
ES. n/a 139 pcap raw alerts
ruleset ftp
13 lines Yeah : 0.8
profile none summary
tarball 14 of 30 45d304294e
[Firefox: 4 hits: 05-06 to 05-06] f1b2b159da [0] ASM:Graph
ASPack| lines=0 trace

T:12:43:00 WinXP 82.139.22.181 (UDN.PL):
NETWORK IN RADOM LEGNICA JELENIA-GORA,
SZCZECIN, ZACHODNIOPOMORSKIE, PL. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

12:44:00 WinXP 89.137.117.75 (-):
ASTRAL CLUJ-NAPOCA DOCSIS NETWORK,
CLUJ-NAPOCA, CLUJ, RO. n/a DE:proxim.ircgalaxy.pl
US:freee.najd.us
US:69.50.208.3:51115
US:69.50.209.31:51115
DE:85.114.137.60:65520 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 27 of 32 bf846c5d31
NEW 991a1fe06d [0] ASM:Graph
ASPack| lines=61 trace

12:46:00 Win2K-f 61.227.166.59 (HINET.NET):
DATA COMMUNICATION BUSINESS GROUP CHUNGHWA TELECOM CO. LTD,
TW. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 13 of 32 7a0c69e783
[Firefox: 5 hits: 04-21 to 05-06] 1b8c24c677 [0] ASM:Graph
ASPack| lines=0 trace

12:49:00 WinXP 84.112.139.92 (SURFER.AT):
UPC TELEKABEL,
VIENNA, WIEN, AT. n/a US:freee.najd.us
US:69.50.208.3:51115
US:69.50.209.31:51115 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 10 of 30 54be6de1a7
NEW 6048e21586 [0] ASM:Graph
ASPack| lines=0 trace

T:12:55:00 Win2K-f 118.165.66.11 (-):
. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 13 of 32 7a0c69e783
[Firefox: 5 hits: 04-21 to 05-06] 1b8c24c677 [0] ASM:Graph
ASPack| lines=0 trace

T:13:00:00 WinXP 89.136.44.100 (UPCNET.RO):
ASTRAL UPC TIMISOARA,
TIMISOARA, TIMIS, RO. n/a US:freee.najd.us
US:69.50.208.3:51115
US:69.50.209.31:51115 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 15 of 32 80074a7499
NEW 3fd1c9f2f7 [0] ASM:Graph
ASPack| lines=0 trace

13:04:00 WinXP 70.67.159.211 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
DUNCAN, BRITISH COLUMBIA, CA. n/a US:freee.najd.us
US:69.50.208.3:51115
US:69.50.209.31:51115 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 25 of 31 980e1bdba5
[Firefox: 2 hits: 05-06 to 05-06] acf2e1645e [0] ASM:Graph
NsPacK| lines=13 trace

T:13:08:00 Win2K-f 220.131.229.128 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAINAN, KAO-HSIUNG, TW. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:52 hits: 05-05 to 05-07] none[4] none:none
none|none none trace

13:09:00 WinXP 212.10.39.21 (REV.STOFANET.DK):
TELIA STOFA A/S,
SLAGELSE, VESTSJALLAND, DK. n/a US:freee.najd.us
US:69.50.208.3:51115
US:69.50.209.31:51115 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 14 of 30 8937a104c5
NEW 04217fc678 [0] ASM:Graph
NsPacK| lines=8 trace

13:11:00 WinXP 85.67.69.249 (-):
FIBERNET,
HU. n/a US:freee.najd.us
US:69.50.208.3:51115
US:69.50.209.31:51115 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 16 of 31 364bdad9bc
[Firefox: 2 hits: 05-06 to 05-06] faab09fef3 [0] ASM:Graph
ASPack| lines=3214
embedded dns trace

13:15:00 Win2K-f 89.125.247.162 (IRISHBROADBAND.IE):
IRISH BROADBAND INTERNET SERVICES LIMITED,
IE. n/a 445 pcap raw alerts
ruleset shell
5 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:13:15:00 Win2K-f 189.64.247.217 (-):
. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
16 lines Yeah : 0.8
profile none summary
tarball 16 of 29 10252565c9
[Firefox: 2 hits: 05-02 to 05-06] none[4] none:none
none|none none trace

13:22:00 Win2K-f 190.132.154.217 (ANTELDATA.NET.UY):
ADMINISTRACION NACIONAL DE TELECOMUNICACIONES,
MONTEVIDEO, MONTEVIDEO, UY. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:13:26:00 WinXP 190.139.113.13 (NET.AR):
TELECOM ARGENTINA S.A,
AR. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

13:29:00 Win2K-f 84.112.167.97 (SURFER.AT):
UPC TELEKABEL,
VIENNA, WIEN, AT. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 18 of 31 9caca05b25
[Firefox: 5 hits: 05-06 to 05-06] 1b8c24c677 [0] ASM:Graph
ASPack| lines=0 trace

13:30:00 Win2K-f 71.85.127.143 (CHARTER.COM):
CHARTER COMMUNICATIONS,
US. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 23 of 32 8be304341b
[Firefox: 4 hits: 05-06 to 05-07] 51c0a74ab9 [0] ASM:Graph
ASPack| lines=4773
embedded dns trace

13:49:00 WinXP 157.25.239.37 (IPARTNERS.PL):
GTS POLAND,
PL. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

13:53:00 Win2K-f 85.139.106.115 (CPE.NETCABO.PT):
TVCABO-PORTUGAL CABLE MODEM NETWORK,
OEIRAS, LISBOA, PT. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:13:54:00 Win2K-f 84.155.83.240 (T-IPCONNECT.DE):
DEUTSCHE TELEKOM AG,
AUGSBURG, BAYERN, DE. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:13:55:00 WinXP 89.32.171.143 (-):
SC INTERNET SOLUTION SRL,
RO. n/a 139 pcap raw alerts
ruleset other
0 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:13:58:00 Win2K-f 83.11.152.119 (TPNET.PL):
NEOSTRADA PLUS,
PL. n/a 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 27 of 31 f3a13c33b5
NEW none[4] none:none
none|none none trace

14:02:00 WinXP 190.160.74.218 (VTR.NET):
VTR BANDA ANCHA S.A,
PATERSON, NEW JERSEY, US. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
16 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:14:05:00 WinXP 85.240.56.60 (DSL.TELEPAC.PT):
TELEPAC - COMUNICACOES INTERACTIVAS SA,
FARO, FARO, PT. (DSL) n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

14:06:00 Win2K-f 85.243.230.15 (DSL.TELEPAC.PT):
PT.COM - COMUNICACOES INTERACTIVAS S.A,
PT. 211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
21 lines Yeah : 1.3
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:14:07:00 WinXP 85.242.237.156 (DSL.TELEPAC.PT):
PT.COM - COMUNICACOES INTERACTIVAS S.A,
PT. (DSL) n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

14:18:00 Win2K-f 212.10.125.27 (REV.STOFANET.DK):
TELIA STOFA A/S,
SLAGELSE, VESTSJALLAND, DK. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 12 of 32 4dd70453aa
[Firefox:11 hits: 04-21 to 05-06] f1b2b159da [0] ASM:Graph
ASPack| lines=0 trace

T:14:19:00 Win2K-f 81.39.8.151 (RIMA-TDE.NET):
TELEFONICA DE ESPANA,
BARCELONA, CATALUñA, ES. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 12 of 32 0cb86518c1
[Firefox: 5 hits: 04-23 to 05-06] f1b2b159da [0] ASM:Graph
ASPack| lines=0 trace

14:21:00 Win2K-f 82.252.14.27 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR. (DSL) 211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
20 lines Yeah : 1.3
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

14:25:00 WinXP 212.45.74.211 (ISTAR-LINK.COM):
ISTAR LINK COSTUMERS IN SILISTRA,
BG. n/a US:freee.najd.us
US:69.50.208.3:51115
US:69.50.209.31:51115 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 14 of 30 45d304294e
[Firefox: 4 hits: 05-06 to 05-06] f1b2b159da [0] ASM:Graph
ASPack| lines=0 trace

T:14:42:00 WinXP 24.79.214.35 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
EDMONTON, ALBERTA, CA. (DSL) 69.50.209.31:51115 US:freee.najd.us
US:69.50.209.31:51115 139 pcap raw alerts
ruleset ftp
irc
27 lines Yeah : 1.3
profile none summary
tarball 9 of 31 046e65ea58
NEW 16738ce659 [0] ASM:Graph
ASPack| lines=0 trace

14:53:00 Win2K-f 118.165.66.11 (-):
. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 13 of 32 7a0c69e783
[Firefox: 5 hits: 04-21 to 05-06] 1b8c24c677 [0] ASM:Graph
ASPack| lines=0 trace

T:14:57:00 WinXP 79.185.71.132 (TPNET.PL):
TPSA,
PL. 211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.8
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:52 hits: 05-05 to 05-07] none[4] none:none
none|none none trace

T:15:06:00 WinXP 83.181.232.100 (CUST.TELE2.IT):
TELE2 ITALY S.A,
IT. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

15:08:00 WinXP 89.214.161.244 (-):
TMN - TELECOMUNICACOES MOVEIS NACIONAIS SA,
PT. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:15:08:00 Win2K-f 78.176.97.182 (SMYTHECRAMER.COM):
TELEKOM,
TR. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

15:09:00 WinXP 41.214.138.82 (-):
. n/a 445 pcap raw alerts
ruleset ftp
13 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:15:15:00 WinXP 217.201.211.119 (-):
TELECOM ITALIA MOBILE,
IT. n/a UA:citi-bank.ru 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 29 of 29 f502585714
[Firefox:83 hits: 05-03 to 05-06] ae590430c5 [0] ASM:Graph
PolyEnE| lines=63 trace

15:15:00 WinXP 217.201.211.119 (-):
TELECOM ITALIA MOBILE,
IT. n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 29 of 29 f502585714
[Firefox:83 hits: 05-03 to 05-06] ae590430c5 [0] ASM:Graph
PolyEnE| lines=63 trace

T:15:30:00 Win2K-f 70.67.159.211 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
DUNCAN, BRITISH COLUMBIA, CA. n/a US:freee.najd.us
US:69.50.208.3:51115
US:69.50.209.31:51115 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 25 of 31 980e1bdba5
[Firefox: 2 hits: 05-06 to 05-06] acf2e1645e [0] ASM:Graph
NsPacK| lines=13 trace

15:31:00 WinXP 68.150.207.200 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
SHERWOOD PARK, ALBERTA, CA. (DSL) n/a US:freee.najd.us
US:69.50.208.3:51115
US:69.50.209.31:51115 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 10 of 32 5462cc1bde
[Firefox: 5 hits: 04-21 to 05-07] 665f1def5b [0] ASM:Graph
ASPack| lines=0 trace

15:32:00 WinXP 195.97.30.50 (-):
AMAZE-LL,
GR. (100Mbps) n/a US:freee.najd.us
US:69.50.208.3:51115
US:69.50.209.31:51115 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 12 of 32 0cb86518c1
[Firefox: 5 hits: 04-23 to 05-06] f1b2b159da [0] ASM:Graph
ASPack| lines=0 trace

15:32:00 Win2K-f 85.94.239.221 (WWW.MOSKITO.LU):
LUXCOMMUNICATIONS,
LU. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 12 of 30 76b4ab852e
[Firefox:29 hits: 04-29 to 05-07] none[4] none:none
none|none none trace

T:15:36:00 WinXP 200.234.43.43 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 26 of 28 7d99b0e910
[Firefox:2956 hits: 12-31 to 05-07] 7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace

T:15:39:00 WinXP 125.102.59.228 (UCOM.NE.JP):
UCOM CORP,
JP. (100Mbps) n/a US:freee.najd.us
US:69.50.208.3:51115
US:69.50.209.31:51115 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 18 of 31 9caca05b25
[Firefox: 5 hits: 05-06 to 05-06] 1b8c24c677 [0] ASM:Graph
ASPack| lines=0 trace

T:15:43:00 WinXP 122.126.163.226 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a US:freee.najd.us 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 15 of 31 78cf013bea
NEW f1b2b159da [0] ASM:Graph
ASPack| lines=0 trace

15:45:00 Win2K-f 190.173.126.96 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

15:48:00 Win2K-f 190.11.22.226 (ANDINANET.NET):
ANDINATEL S.A,
EC. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:15:55:00 Win2K-f 41.232.180.2 (TEDATA.NET):
PROVIDER LOCAL REGISTRY,
EG. n/a CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 23 of 31 3a65749370
[Firefox: 3 hits: 05-05 to 05-07] c0e04edf74 [0] ASM:Graph
TXT2COM| lines=407
embedded dns trace

T:15:57:00 Win2K-f 217.219.91.236 (-):
AREA NO 2-2 PARTITION,
MASHHAD, KHORASAN, IR. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 14 of 31 161b316ac3
[Firefox: 2 hits: 05-06 to 05-06] f1b2b159da [0] ASM:Graph
ASPack| lines=0 trace

15:58:00 Win2K-f 196.201.88.63 (KM41-10.AVISO.CI):
ISP COTE D'IVOIRE,
CI. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:16:01:00 WinXP 64.184.2.69 (BSATROOP154.COM):
YEOMAN TELEPHONE CO,
ORLANDO, FLORIDA, US. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:16:05:00 WinXP 82.10.98.193 (NTL.COM):
NTL INFRASTRUCTURE - OXFORD,
SWINDON, ENGLAND, UK. (DSL) n/a 445 pcap raw alerts
ruleset shell
ftp
16 lines Yeah : 0.8
profile none summary
tarball 32 of 32 03f912899b
[Firefox: 6 hits: 12-14 to 05-06] 83893bd25d [0] ASM:Graph
none|none lines=65 trace

16:14:00 Win2K-f 201.32.86.68 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) 211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
20 lines Yeah : 1.3
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

16:19:00 Win2K-f 189.28.199.231 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:52 hits: 05-05 to 05-07] none[4] none:none
none|none none trace

T:16:20:00 WinXP 85.60.72.121 (DYNAMIC.ORANGE.ES):
ADDRESSES IP FOR HOME CLIENTS,
ES. n/a US:freee.najd.us
US:69.50.208.3:51115
US:69.50.209.31:51115 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 12 of 32 4dd70453aa
[Firefox:11 hits: 04-21 to 05-06] f1b2b159da [0] ASM:Graph
ASPack| lines=0 trace

16:24:00 WinXP 190.152.42.15 (ANDINANET.NET):
ANDINATEL S.A,
EC. n/a 445 pcap raw alerts
ruleset ftp
13 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

16:35:00 Win2K-f 118.168.135.15 (-):
. n/a
CZ:217.170.244.2:443
CZ:82.114.64.251:443 445 pcap raw alerts
ruleset shell
ftp
18 lines Yeah : 1.3
profile none summary
tarball 25 of 28 7fdfe363d5
[Firefox:2587 hits: 12-31 to 05-07] 10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns trace

T:16:36:00 WinXP 68.146.176.235 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
CALGARY, ALBERTA, CA. (DSL) n/a US:freee.najd.us
US:69.50.208.3:51115
US:69.50.209.31:51115 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 18 of 31 9caca05b25
[Firefox: 5 hits: 05-06 to 05-06] 1b8c24c677 [0] ASM:Graph
ASPack| lines=0 trace

16:36:00 Win2K-f 123.243.123.158 (TPGI.COM.AU):
TPG INTERNET PTY LTD,
AU. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

16:37:00 WinXP 217.219.91.236 (-):
AREA NO 2-2 PARTITION,
MASHHAD, KHORASAN, IR. 69.50.208.3:51115 US:freee.najd.us
US:69.50.209.31:51115 139 pcap raw alerts
ruleset ftp
irc
19 lines Yeah : 1.3
profile none summary
tarball 14 of 31 161b316ac3
[Firefox: 2 hits: 05-06 to 05-06] f1b2b159da [0] ASM:Graph
ASPack| lines=0 trace

16:52:00 WinXP 65.6.253.186 (BELLSOUTH.NET):
BELLSOUTH.NET INC,
GASTONIA, NORTH CAROLINA, US. n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 26 of 28 7d99b0e910
[Firefox:2956 hits: 12-31 to 05-07] 7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace

T:16:54:00 WinXP 65.6.253.186 (BELLSOUTH.NET):
BELLSOUTH.NET INC,
GASTONIA, NORTH CAROLINA, US. n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 26 of 28 7d99b0e910
[Firefox:2956 hits: 12-31 to 05-07] 7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace

16:58:00 WinXP 201.44.122.243 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

17:09:00 WinXP 70.69.253.68 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
CALGARY, ALBERTA, CA. 69.50.209.31:51115 US:freee.najd.us
US:69.50.208.3:51115
US:69.50.209.31:51115 139 pcap raw alerts
ruleset ftp
irc
19 lines Yeah : 1.3
profile none summary
tarball 12 of 32 beb8369329
[Firefox: 8 hits: 04-23 to 05-07] 665f1def5b [0] ASM:Graph
ASPack| lines=0 trace

17:11:00 Win2K-f 122.120.7.38 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 22 of 32 dc8e1c63cd
[Firefox:77 hits: 12-27 to 05-07] e0eb8646ee [0] ASM:Graph
none|none lines=601
embedded dns trace

17:16:00 Win2K-f 190.50.192.167 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. 211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

17:17:00 WinXP 212.65.23.110 (MANET.DE):
MANET-POWERLINE,
MANNHEIM, BADEN-WURTTEMBERG, DE. n/a 445 pcap raw alerts
ruleset ftp
13 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:17:27:00 Win2K-f 201.170.40.125 (TELNOR.NET):
TELEFONOS DEL NOROESTE S.A. DE C.V,
MX. (100Mbps) 211.96.97.44:7000 CN:scorti1.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.8
profile none summary
tarball 13 of 32 53123fadcc
[Firefox:35 hits: 01-26 to 05-07] none[4] none:none
none|none none trace

17:32:00 WinXP 189.36.176.177 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

17:40:00 Win2K-f 61.230.83.55 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 26 of 31 af3b1f95c4
NEW fef1ead5fb [0] ASM:Graph
NsPacK| lines=4770
embedded dns trace

T:17:42:00 WinXP 130.13.134.150 (QWEST.NET):
QWEST BROADBAND SERVICES INC,
PHOENIX, ARIZONA, US. 69.50.208.3:51115 85.114.137.60:65520 DE:proxim.ircgalaxy.pl
US:freee.najd.us
DE:dl2.teenpassage.com
IL:ymq.a1001186.wrs.mcboo.com
IL:194.90.224.86:80
US:69.50.208.3:51115
US:69.50.209.31:51115
DE:85.114.137.60:65520 139 pcap raw alerts
ruleset ftp
irc
http
55 lines Yeah : 1.3
profile none summary
tarball 29 of 31
23 of 31 a2106b4e9d
NEW
d22b35f1b8
[Firefox: 2 hits: 05-06 to 05-06] 069b356c04 [0]
d22b35f1b8[1] ASM:Graph
ASM:Graph
ASPack|
FSG| lines=61
lines=6 trace
trace

17:43:00 Win2K-f 68.148.83.12 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
EDMONTON, ALBERTA, CA. (DSL) n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 28 of 31 daa2cc54b7
NEW 674dc24333 [0] ASM:Graph
ASPack| lines=61 trace

17:54:00 WinXP 190.137.121.133 (NET.AR):
TELECOM ARGENTINA S.A,
AR. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

18:04:00 Win2K-f 70.71.118.13 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
CALGARY, ALBERTA, CA. (DSL) n/a 139 pcap raw alerts
ruleset other
0 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

18:05:00 WinXP 61.20.131.198 (-):
FAR EASTONE TELECOMMUNICATION CO. LTD,
TW. n/a RU:moscow-advokat.ru 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 25 of 25 7f60162c2c
[Firefox:1274 hits: 12-31 to 05-07] 1aad8e4632 [0] ASM:Graph
PolyEnE| lines=93
embedded dns trace

18:08:00 WinXP 201.35.16.160 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) 211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
31 lines Yeah : 1.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

18:23:00 Win2K-f 59.114.143.109 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 23 of 32 8be304341b
[Firefox: 4 hits: 05-06 to 05-07] 51c0a74ab9 [0] ASM:Graph
ASPack| lines=4773
embedded dns trace

T:18:24:00 Win2K-f 71.85.127.143 (CHARTER.COM):
CHARTER COMMUNICATIONS,
US. n/a US:freee.najd.us
US:69.50.208.3:51115
US:69.50.209.31:51115 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 23 of 32 8be304341b
[Firefox: 4 hits: 05-06 to 05-07] 51c0a74ab9 [0] ASM:Graph
ASPack| lines=4773
embedded dns trace

18:33:00 Win2K-f 210.209.134.225 (TCOL.COM.TW):
MONAD DIGITNAMIC CORP,
T'AI-CHUNG, T'AI-WAN, TW. 69.50.208.3:51115 US:freee.najd.us
US:69.50.208.3:51115
US:69.50.209.31:51115 139 pcap raw alerts
ruleset ftp
irc
19 lines Yeah : 1.3
profile none summary
tarball 14 of 30 06b2a063d4
NEW 83c641189a [0] ASM:Graph
ASPack| lines=0 trace

T:18:51:00 WinXP 4.244.6.122 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
ST. LOUIS, MISSOURI, US. (DIAL) n/a 445 pcap raw alerts
ruleset shell
ftp
16 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

18:55:00 WinXP 69.228.6.2 (PACBELL.NET):
PPPOX POOL - RBACK8.IRVNCA 092004-0956,
LOS ANGELES, CALIFORNIA, US. (DSL) n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 29 of 29 3ae357d17b
[Firefox:697 hits: 05-01 to 05-07] 462a7be171 [0] ASM:Graph
PolyEnE| lines=73 trace

T:19:12:00 WinXP 67.127.165.51 (PACBELL.NET):
POOL PPPOX - RBACK1.IRVNCA,
LOS ANGELES, CALIFORNIA, US. (DSL) n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball none none none none none none none

19:50:00 Win2K-f 190.173.200.177 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:52 hits: 05-05 to 05-07] none[4] none:none
none|none none trace

19:54:00 WinXP 67.127.165.51 (PACBELL.NET):
POOL PPPOX - RBACK1.IRVNCA,
LOS ANGELES, CALIFORNIA, US. (DSL) n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball none none none none none none none

20:13:00 Win2K-f 4.237.248.175 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
NEW YORK, NEW YORK, US. (DIAL) n/a 445 pcap raw alerts
ruleset shell
ftp
17 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

20:21:00 WinXP 219.95.216.147 (TM.NET.MY):
ADSL-STREAMYX-TMNET,
MY. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

20:24:00 Win2K-f 59.121.114.144 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a 445 pcap raw alerts
ruleset shell
ftp
18 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

20:48:00 Win2K-f 190.50.213.17 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
16 lines Yeah : 0.8
profile none summary
tarball 17 of 32 26536a4ebc
NEW none[4] none:none
none|none none trace

20:50:00 WinXP 200.177.32.200 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) 211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
irc
21 lines Yeah : 1.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

21:24:00 WinXP 202.2.104.18 (TUVALU.TV):
TUVALU TELECOMMUNICATIONS CORPORATION,
TV. n/a DE:proxim.ircgalaxy.pl
DE:85.114.137.60:65520 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 1.3
profile none summary
tarball 30 of 30 e9e24ea87a
NEW aeb0a54c45 [0] ASM:Graph
PolyEnE| lines=61 trace

21:48:00 Win2K-f 24.86.67.191 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
SURREY, BRITISH COLUMBIA, CA. (DSL) n/a US:freee.najd.us
US:69.50.208.3:51115
US:69.50.209.31:51115 139 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 12 of 32 beb8369329
[Firefox: 8 hits: 04-23 to 05-07] 665f1def5b [0] ASM:Graph
ASPack| lines=0 trace

T:21:51:00 WinXP 118.98.169.100 (-):
. n/a 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

23:19:00 Win2K-f 92.112.78.206 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 31 c1f12e0109
[Firefox:10 hits: 04-28 to 05-07] none[4] none:none
none|none none trace

23:28:00 WinXP 91.125.114.30 (BRIGHTVIEW.COM):
BRIGHTVIEW GROUP LIMITED,
LONDON, ENGLAND, UK. 211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
20 lines Yeah : 1.3
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:825 hits: 04-27 to 05-07] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

23:41:00 Win2K-f 89.146.188.145 (NET.BA):
BRAS PPPOE POOL UPGRADE,
SARAJEVO, FEDERATION OF BOSNIA AND HERZEGOVINA, BA. n/a CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 20 of 31 af98fe0c94
[Firefox:47 hits: 04-27 to 05-07] 480d076a0a [0] ASM:Graph
ASProtect| lines=422
embedded dns trace

T:23:43:00 Win2K-f 213.228.99.172 (SINOR.RU):
8-180 DIALUP POOL,
NOVOSIBIRSK, NOVOSIBIRSKAYA OBLAST', RU. n/a CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
16 lines Yeah : 0.8
profile none summary
tarball 9 of 32 9345b57563
[Firefox:11 hits: 12-27 to 05-07] none[4] none:none
none|none none trace