|
Time |
Victim OS |
Infection Source |
C&C Server |
DNS Lookups & Failed Connects |
Infection Port |
Packet Trace |
Detection Signatures |
Infection Chatter |
BotHunter Analysis |
Behavioral Cluster |
Forensic Logs |
Antivirus Labels |
Packed Malware_Binary |
Unpacked egg.exe |
Unpacked egg.asm |
Packer PEID |
Data Strings |
Syscall Trace |
| 00:06:00 | Win2K-f | 118.100.15.64 (-): . |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| T:00:08:00 | Win2K-f | 78.57.26.14 (ZEBRA.LT): LIETUVOS, KAUNAS, KAUNO APSKRITIS, LT. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 00:08:00 | Win2K-f | 59.112.221.135 (HINET.NET): CHTD CHUNGHWA TELECOM CO. LTD, TAIPEI, T'AI-PEI, TW. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
14 of 32 | a2a036466a [Firefox:30 hits: 05-05 to 05-06] |
none[4] | none:none |
none|none | none | trace |
| 00:16:00 | WinXP | 84.51.86.29 (IPAPER.COM): BLOCK FOR PI ASSIGNMENTS, UK. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 11 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 00:19:00 | WinXP | 62.120.36.166 (-): EUNET, FR. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
19 of 31 | 0330af1285 [Firefox: 3 hits: 05-02 to 05-03] |
none[4] | none:none |
none|none | none | trace |
| T:00:23:00 | WinXP | 79.126.0.80 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
211.96.97.44:7000 | CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp irc 21 lines |
Yeah : 1.8 profile |
none | summary tarball |
19 of 30 | 93282471f7 [Firefox: 7 hits: 04-28 to 05-05] |
95951dee58 [0] | ASM:Graph |
ASProtect| | lines=0 | trace |
| 00:27:00 | Win2K-f | 213.228.99.172 (SINOR.RU): 8-180 DIALUP POOL, NOVOSIBIRSK, NOVOSIBIRSKAYA OBLAST', RU. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 11 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:00:32:00 | Win2K-f | 125.162.104.228 (-): TLKM_D1_BB_SPEEDY_PG, PALEMBANG, SUMATERA SELATAN, ID. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 11 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:00:33:00 | WinXP | 151.21.95.238 (21-151.LIBERO.IT): FREE INTERNET DIAL-UP SERVICES, ROME, LAZIO, IT. (DIAL) |
211.96.97.44:7000 | CN:hail.dns2go.com | 445 | pcap | raw alerts ruleset |
ftp 20 lines |
Yeah : 1.3 profile |
none | summary tarball |
14 of 32 | a2a036466a [Firefox:30 hits: 05-05 to 05-06] |
none[4] | none:none |
none|none | none | trace |
| 00:35:00 | Win2K-f | 92.46.4.121 (IKBCC.COM): EU-ZZ, UK. |
n/a | CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
20 of 31 | af98fe0c94 [Firefox:40 hits: 04-27 to 05-06] |
480d076a0a [0] | ASM:Graph |
ASProtect| | lines=422 embedded dns |
trace |
| 00:39:00 | WinXP | 88.240.61.129 (TTNET.NET.TR): TT ADSL-ALCATEL_ACI, ISTANBUL, ISTANBUL, TR. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 13 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:00:49:00 | Win2K-f | 218.111.45.191 (TM.NET.MY): TELEKOM MALAYSIA BERHAD, KUALA LUMPUR, WILAYAH PERSEKUTUAN, MY. (DSL) |
211.96.97.44:7000 | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 20 lines |
Yeah : 1.3 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 00:59:00 | WinXP | 125.24.148.53 (TOTBB.NET): TOT ADSL IP ADDRESS POOL, TH. (DSL) |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 00:59:00 | Win2K-f | 41.210.235.32 (-): . |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| T:00:59:00 | Win2K-f | 125.24.148.53 (TOTBB.NET): TOT ADSL IP ADDRESS POOL, TH. (DSL) |
n/a | CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 31 | 362b6c6470 NEW |
none[4] | none:none |
none|none | none | trace |
| 01:06:00 | Win2K-f | 213.49.71.192 (DSL.SCARLET.BE): PI-BELGIUM, LIEGE, LIEGE, BE. |
67.43.236.68:10324 | CA:xx.nadnadzz.info CA:nadsam0.info US:130.107.214.250:51838 CA:67.43.236.67:10324 |
445 | pcap | raw alerts ruleset |
ftp irc http 33 lines |
Yeah : 1.8 profile |
none | summary tarball |
26 of 31 20 of 31 19 of 31 12 of 31 |
0c30c02f9e NEW 41eeb01083 NEW 4c0f2bc7d5 NEW d782d4b691 NEW |
none[4] none [4] none [4] d782d4b691[1] |
none:none none:none none:none ASM:Graph |
Armadillo| EXECrypto| EXECrypto| none|none |
none none none lines=0 |
trace trace trace trace |
| 01:11:00 | Win2K-f | 78.156.215.85 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 01:17:00 | WinXP | 84.51.81.98 (IPAPER.COM): BLOCK FOR PI ASSIGNMENTS, UK. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 1 profile |
none | summary tarball |
14 of 32 | a2a036466a [Firefox:30 hits: 05-05 to 05-06] |
none[4] | none:none |
none|none | none | trace |
| 01:19:00 | Win2K-f | 79.126.29.55 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
n/a | CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
22 of 31 | 69c2c8ef9b NEW |
none[4] | none:none |
ASProtect| | none | trace |
| 01:21:00 | WinXP | 92.46.148.202 (IKBCC.COM): EU-ZZ, UK. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
31 of 32 | 1e5df7ba74 [Firefox: 9 hits: 03-24 to 04-30] |
a5331b711f [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
| T:01:22:00 | Win2K-f | 218.111.17.187 (TM.NET.MY): TELEKOM MALAYSIA BERHAD, PETALING JAYA, SELANGOR, MY. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
27 of 30 | a107502d71 NEW |
none[4] | none:none |
none|none | none | trace | |
| 01:25:00 | WinXP | 85.152.160.61 (CM-85-152-59-10.TELECABLE.ES): TELECABLE, ES. |
n/a | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
26 of 28 | a92e3f8fc8 [Firefox:108 hits: 05-03 to 04-26] |
dfe02a1e52 [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
| T:01:25:00 | WinXP | 85.152.160.61 (CM-85-152-59-10.TELECABLE.ES): TELECABLE, ES. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
26 of 28 | a92e3f8fc8 [Firefox:108 hits: 05-03 to 04-26] |
dfe02a1e52 [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
| 01:28:00 | WinXP | 91.196.237.51 (-): LABORATORIYA SETEVIKH TECHNOLOGIY LTD, RU. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 11 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 01:33:00 | WinXP | 85.96.201.158 (TTNET.NET.TR): ADSL-ALC-GAYRETTEPE-STATIC POOL, KONYA, NIGDE, TR. (DSL) |
n/a | DE:proxim.ircgalaxy.pl CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 DE:85.114.137.60:65520 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
26 of 31 | cd05c2e205 NEW |
none[4] | none:none |
none|none | none | trace |
| 01:37:00 | Win2K-f | 90.155.137.88 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
211.96.97.44:7000 | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 20 lines |
Yeah : 1.3 profile |
none | summary tarball |
13 of 32 | 5b64aefe5d NEW |
none[4] | none:none |
none|none | none | trace |
| T:01:49:00 | Win2K-f | 87.68.232.140 (012.NET.IL): GOLDEN LINES INTERNATIONAL COMMUNICATION SERVICES LTD, IL. (DSL) |
211.96.97.44:7000 | CN:hail.dns2go.com | 445 | pcap | raw alerts ruleset |
ftp irc 24 lines |
Yeah : 1.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 01:53:00 | WinXP | 79.138.171.175 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
14 of 32 | a2a036466a [Firefox:30 hits: 05-05 to 05-06] |
none[4] | none:none |
none|none | none | trace |
| 01:56:00 | Win2K-f | 88.180.64.137 (PROXAD.NET): PROXAD / FREE SAS, FR. |
n/a | CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 1 profile |
none | summary tarball |
20 of 31 | af98fe0c94 [Firefox:40 hits: 04-27 to 05-06] |
480d076a0a [0] | ASM:Graph |
ASProtect| | lines=422 embedded dns |
trace |
| 01:56:00 | WinXP | 84.51.83.186 (IPAPER.COM): BLOCK FOR PI ASSIGNMENTS, UK. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
14 of 32 | a2a036466a [Firefox:30 hits: 05-05 to 05-06] |
none[4] | none:none |
none|none | none | trace |
| 02:14:00 | Win2K-f | 88.73.154.174 (ARCOR-IP.NET): ARCOR-DSL-NET, BERLIN, BERLIN, DE. |
n/a | DE:proxim.ircgalaxy.pl CN:scorti1.dns2go.com CN:211.96.97.44:7000 DE:85.114.137.60:65520 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
28 of 32 | 0197c6c127 [Firefox: 2 hits: 04-27 to 04-30] |
none[4] | none:none |
none|none | none | trace |
| T:02:16:00 | Win2K-f | 92.112.78.206 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
n/a | CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 31 | c1f12e0109 [Firefox: 9 hits: 04-28 to 05-06] |
none[4] | none:none |
none|none | none | trace |
| 02:17:00 | Win2K-f | 85.132.5.179 (AZ-IX.NET): PROVIDER LOCAL REGISTRY, BAKU, ABSERON, AZ. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 15 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 02:17:00 | WinXP | 85.141.44.242 (MTU-NET.RU): ZAO MTU-INTEL, MOSCOW, MOSKVA, RU. (DIAL) |
n/a | CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
20 of 31 | af98fe0c94 [Firefox:40 hits: 04-27 to 05-06] |
480d076a0a [0] | ASM:Graph |
ASProtect| | lines=422 embedded dns |
trace |
| T:02:19:00 | WinXP | 89.218.214.110 (ADSL.ONLINE.KZ): KAZAKHTELECOM DATA NETWORK ADMINISTRATION, KZ. |
211.96.97.44:7000 | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp irc 24 lines |
Yeah : 1.3 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| T:02:21:00 | Win2K-f | 79.131.175.50 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
14 of 32 | a2a036466a [Firefox:30 hits: 05-05 to 05-06] |
none[4] | none:none |
none|none | none | trace |
| 02:32:00 | Win2K-f | 68.167.232.92 (COVAD.NET): COVAD COMMUNICATIONS CO, LOS ANGELES, CALIFORNIA, US. |
85.114.137.60:65520 | CN:scorti1.dns2go.com DE:proxim.ircgalaxy.pl DE:dl2.teenpassage.com CN:211.96.97.44:7000 DE:85.114.137.60:65520 DE:85.114.143.2:80 |
445 | pcap | raw alerts ruleset |
irc 3 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:02:32:00 | Win2K-f | 206.248.231.155 (NTELOS.NET): NTELOS - WYBO 6400 NRP ADSL DHCP RANGE, CLIFTON FORGE, VIRGINIA, US. |
211.96.97.44:7000 | CN:hail.dns2go.com | 445 | pcap | raw alerts ruleset |
ftp irc 21 lines |
Yeah : 1.3 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 02:36:00 | Win2K-f | 24.86.78.144 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, SURREY, BRITISH COLUMBIA, CA. (DSL) |
n/a | 139 | pcap | raw alerts ruleset |
ftp 12 lines |
Yeah : 0.8 profile |
none | summary tarball |
12 of 32 | beb8369329 [Firefox: 4 hits: 04-23 to 05-06] |
665f1def5b [0] | ASM:Graph |
ASPack| | lines=0 | trace | |
| 02:54:00 | WinXP | 98.134.131.13 (-): . |
n/a | DE:proxim.ircgalaxy.pl CZ:217.170.244.2:443 CZ:82.114.64.251:443 DE:85.114.137.60:65520 |
445 | pcap | raw alerts ruleset |
shell ftp 17 lines |
Yeah : 1.3 profile |
none | summary tarball |
28 of 31 | 4531998492 NEW |
none[4] | none:none |
FSG| | none | trace |
| T:02:54:00 | WinXP | 24.86.78.144 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, SURREY, BRITISH COLUMBIA, CA. (DSL) |
69.50.209.31:51115 | US:freee.najd.us **:10.2.31.9:2967 US:69.50.208.3:51115 US:69.50.209.31:51115 |
139 | pcap | raw alerts ruleset |
ftp irc 19 lines |
Yeah : 1.3 profile |
none | summary tarball |
12 of 32 | beb8369329 [Firefox: 4 hits: 04-23 to 05-06] |
665f1def5b [0] | ASM:Graph |
ASPack| | lines=0 | trace |
| 03:01:00 | WinXP | 220.129.120.39 (HINET.NET): CHTD CHUNGHWA TELECOM CO. LTD, KAOHSIUNG, KAO-HSIUNG, TW. |
n/a | RU:moscow-advokat.ru | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
25 of 25 | 7f60162c2c [Firefox:1270 hits: 12-31 to 05-06] |
1aad8e4632 [0] | ASM:Graph |
PolyEnE| | lines=93 embedded dns |
trace |
| 03:07:00 | Win2K-f | 195.214.197.170 (MERLIN.NET.UA): ISP MERLIN TELECOM LTD, UA. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 15 lines |
Yeah : 0.8 profile |
none | summary tarball |
14 of 32 | a2a036466a [Firefox:30 hits: 05-05 to 05-06] |
none[4] | none:none |
none|none | none | trace |
| 03:10:00 | Win2K-f | 83.238.225.233 (INETIA.PL): INTERNETIA, KATOWICE, SLASKIE, PL. (DSL) |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
14 of 32 | a2a036466a [Firefox:30 hits: 05-05 to 05-06] |
none[4] | none:none |
none|none | none | trace |
| 03:16:00 | WinXP | 91.65.176.239 (SUPERKABEL.DE): KABEL-DEUTSCHLAND-CUSTOMER-SERVICES, DE. |
n/a | CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
28 of 31 | d4a5b92dbe NEW |
none[4] | none:none |
ASProtect| | none | trace |
| T:03:17:00 | Win2K-f | 89.25.215.13 (3S.PL): TELEKOMUNIKACJA KOPALN PIASKU S.A, PL. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 03:18:00 | WinXP | 122.52.31.34 (PLDT.NET): IPG, PH. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 03:19:00 | Win2K-f | 220.157.90.79 (-): EVAN COULSTON-CQ NET PTY LTD, ROCKHAMPTON, QUEENSLAND, AU. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
17 of 32 | f54a76fb5b [Firefox: 2 hits: 04-28 to 04-29] |
none[4] | none:none |
none|none | none | trace |
| T:03:31:00 | Win2K-f | 77.197.25.44 (GAOLAND.NET): DYNAMIC POOLS, FR. |
85.114.137.60:65520 | DE:proxim.ircgalaxy.pl CN:hail.dns2go.com CN:scorti1.dns2go.com DE:dl2.teenpassage.com CN:211.96.97.44:7000 DE:85.114.137.60:65520 DE:85.114.143.2:80 |
445 | pcap | raw alerts ruleset |
ftp irc 17 lines |
Yeah : 1.3 profile |
none | summary tarball |
26 of 32 | 64b36642a6 [Firefox: 2 hits: 04-28 to 04-28] |
none[4] | none:none |
none|none | none | trace |
| 03:34:00 | Win2K-f | 90.133.29.57 (SWIP.NET): SWIPNET, SE. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 03:41:00 | WinXP | 118.168.239.185 (-): . |
69.50.209.31:51115 | US:freee.najd.us **:10.2.31.9:2967 US:69.50.209.31:51115 |
139 | pcap | raw alerts ruleset |
ftp irc 20 lines |
Yeah : 1.3 profile |
none | summary tarball |
10 of 32 | 5462cc1bde [Firefox: 4 hits: 04-21 to 05-06] |
665f1def5b [0] | ASM:Graph |
ASPack| | lines=0 | trace |
| 03:47:00 | Win2K-f | 213.25.135.196 (KAM.PL): TELEKAM SP. Z O.O, SZCZECIN, ZACHODNIOPOMORSKIE, PL. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 03:52:00 | WinXP | 84.51.86.58 (IPAPER.COM): BLOCK FOR PI ASSIGNMENTS, UK. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 11 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 04:03:00 | WinXP | 121.2.165.10 (SO-NET.NE.JP): SO-NET SERVICE, JP. (DSL) |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 14 lines |
Yeah : 1.3 profile |
none | summary tarball |
30 of 32 | 94a9d2653b NEW |
none[4] | none:none |
none|none | none | trace | |
| 04:04:00 | Win2K-f | 217.247.50.13 (T-DIALIN.NET): DEUTSCHE TELEKOM AG, ZWEIBRUCKEN, RHEINLAND-PFALZ, DE. (DIAL) |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 19 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 04:06:00 | Win2K-f | 62.235.158.130 (DSL.SCARLET.BE): UNISOURCE, HASSELT, LIMBURG, BE. (DSL) |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
14 of 32 | a2a036466a [Firefox:30 hits: 05-05 to 05-06] |
none[4] | none:none |
none|none | none | trace |
| T:04:09:00 | Win2K-f | 58.4.240.100 (UCOM.NE.JP): KT, JP. (100Mbps) |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
12 of 30 | 76b4ab852e [Firefox:27 hits: 04-29 to 05-06] |
none[4] | none:none |
none|none | none | trace |
| 04:23:00 | WinXP | 41.245.77.103 (FAUXTEL.COM): AFRINIC, ZA. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 04:24:00 | Win2K-f | 92.46.25.149 (IKBCC.COM): EU-ZZ, UK. |
n/a | 445 | pcap | raw alerts ruleset |
other 0 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 04:26:00 | WinXP | 92.47.128.91 (IKBCC.COM): EU-ZZ, UK. |
n/a | CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
20 of 31 | af98fe0c94 [Firefox:40 hits: 04-27 to 05-06] |
480d076a0a [0] | ASM:Graph |
ASProtect| | lines=422 embedded dns |
trace |
| 04:40:00 | WinXP | 91.65.122.143 (SUPERKABEL.DE): KABEL-DEUTSCHLAND-CUSTOMER-SERVICES, DE. |
n/a | CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
12 of 31 | ab48a97a5d [Firefox: 3 hits: 12-28 to 05-05] |
81e9c5d188 [0] | ASM:Graph |
ASProtect| | lines=419 embedded dns |
trace |
| 04:43:00 | Win2K-f | 91.125.62.135 (BRIGHTVIEW.COM): BRIGHTVIEW GROUP LIMITED, NORWICH, ENGLAND, UK. (DSL) |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 04:49:00 | WinXP | 87.68.238.83 (012.NET.IL): GOLDEN LINES INTERNATIONAL COMMUNICATION SERVICES LTD, IL. (DSL) |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 05:01:00 | Win2K-f | 85.185.81.175 (-): INFORMATION TECHNOLOGY COMPANY (ITC), IR. (100Mbps) |
n/a | 445 | pcap | raw alerts ruleset |
ftp 16 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 05:07:00 | WinXP | 92.13.140.128 (-): CARPHONE WAREHOUSE BROADBAND SERVICES, UK. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
22 of 31 | bfa453a453 NEW |
none[4] | none:none |
none|none | none | trace |
| T:05:09:00 | Win2K-f | 41.246.161.145 (TELKOM-IPNET.CO.ZA): AFRINIC, ZA. |
211.96.97.44:7000 | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp irc 21 lines |
Yeah : 1.3 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 05:09:00 | Win2K-f | 62.5.164.84 (-): MTU-CUST-2EEA, MOSCOW, MOSKVA, RU. (100Mbps) |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
12 of 31 | 6a08d9e276 NEW |
none[4] | none:none |
none|none | none | trace |
| T:05:11:00 | Win2K-f | 62.61.34.46 (-): AD-PUBLIC, DE. |
211.96.97.44:7000 | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp irc 21 lines |
Yeah : 1.3 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 05:11:00 | Win2K-f | 212.40.83.92 (-): DRAVANET ADSL CUSTOMERS IP POOL, HU. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 05:12:00 | WinXP | 85.133.183.91 (-): SEPANTA COMMUNICATION DEVELOPMENT CO. LTD, TEHRAN, TEHRAN, IR. |
n/a | CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
13 of 32 | 53123fadcc [Firefox:34 hits: 01-26 to 05-06] |
none[4] | none:none |
none|none | none | trace |
| 05:14:00 | Win2K-f | 85.240.191.94 (DSL.TELEPAC.PT): PT.COM - COMUNICACOES INTERACTIVAS S.A, PT. (DSL) |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 15 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 05:14:00 | WinXP | 88.210.65.60 (REV.OPTIMUS.PT): OPTIMUS PORTUGAL, LISBON, LISBOA, PT. (DSL) |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 05:26:00 | Win2K-f | 88.64.142.166 (ARCOR-IP.NET): ARCOR-DSL-NET, HANNOVER, NIEDERSACHSEN, DE. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 13 lines |
Yeah : 0.8 profile |
none | summary tarball |
27 of 31 | e37555c26e NEW |
none[4] | none:none |
Xtreme-Pr| | none | trace |
| 05:33:00 | Win2K-f | 85.232.192.136 (MALTANET.NET): MALTANET-RETAIL-DSL, ZEBBUG, MALTA, MT. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 05:34:00 | Win2K-f | 213.237.3.225 (TAAJ.TISCALI.DK): TISCALI DENMARK A/S, COPENHAGEN, COPENHAGEN, DK. (DSL) |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
26 of 31 | d181940279 NEW |
none[4] | none:none |
none|none | none | trace |
| T:06:03:00 | Win2K-f | 124.43.129.103 (-): INTERNET SERVICE PROVIDER IN SRI LANKA, LK. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 11 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 06:05:00 | Win2K-f | 91.67.50.124 (SUPERKABEL.DE): KABEL DEUTSCHLAND BREITBAND SERVICE GMBH, DE. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 15 lines |
Yeah : 0.8 profile |
none | summary tarball |
26 of 31 | 1c118bd944 NEW |
none[4] | none:none |
Obsidium| | none | trace |
| 06:21:00 | Win2K-f | 85.243.220.206 (DSL.TELEPAC.PT): PT.COM - COMUNICACOES INTERACTIVAS S.A, PT. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
28 of 31 | 2a765da2e8 NEW |
none[4] | none:none |
none|none | none | trace | |
| T:06:36:00 | WinXP | 82.155.6.214 (STATIC-B5-253-10.TELEPAC.PT): TELEPAC - COMUNICACOES INTERACTIVAS SA, LISBON, LISBOA, PT. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 06:42:00 | Win2K-f | 122.123.245.55 (HINET.NET): CHTD CHUNGHWA TELECOM CO. LTD, TW. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 06:58:00 | Win2K-f | 88.85.23.132 (NET2000.CH): BROADBAND CUSTOMER, NEUCHATEL, NEUCHATEL, CH. |
n/a | CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
20 of 31 | af98fe0c94 [Firefox:40 hits: 04-27 to 05-06] |
480d076a0a [0] | ASM:Graph |
ASProtect| | lines=422 embedded dns |
trace |
| 06:59:00 | Win2K-f | 78.88.254.137 (-): VECTRA TECHNOLOGIE S.A, PL. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| T:06:59:00 | WinXP | 89.218.13.203 (-): ALMATYTELECOM, KZ. |
211.96.97.44:7000 | DE:proxim.ircgalaxy.pl CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 DE:85.114.137.60:65520 |
445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.8 profile |
none | summary tarball |
26 of 31 | 272d6188bd NEW |
none[4] | none:none |
none|none | none | trace |
| 07:07:00 | WinXP | 87.0.35.161 (RETAIL.TELECOMITALIA.IT): TELECOM ITALIA S.P.A. TIN EASY LITE, VICENZA, VENETO, IT. |
211.96.97.44:7000 | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp irc 20 lines |
Yeah : 1.3 profile |
none | summary tarball |
14 of 32 | a2a036466a [Firefox:30 hits: 05-05 to 05-06] |
none[4] | none:none |
none|none | none | trace |
| T:07:16:00 | Win2K-f | 80.171.39.109 (HANSENET.DE): HANSENET-ADSL, HAMBURG, HAMBURG, DE. (DSL) |
n/a | 445 | pcap | raw alerts ruleset |
ftp 13 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 07:19:00 | Win2K-f | 85.69.0.16 (BDX.MODULONET.FR): BORDEAUX CABLE MODEM USERS, ROUEN, HAUTE-NORMANDIE, FR. |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 18 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 07:35:00 | Win2K-f | 82.200.221.242 (-): JSC KAZAKHTELECOM TALDYKORGAN, KZ. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 11 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:07:45:00 | WinXP | 89.218.97.232 (ADSL.ONLINE.KZ): KAZAKHTELECOM DATA NETWORK ADMINISTRATION, KZ. |
211.96.97.44:7000 | CN:scorti1.dns2go.com | 445 | pcap | raw alerts ruleset |
ftp irc 21 lines |
Yeah : 1.8 profile |
none | summary tarball |
20 of 31 | af98fe0c94 [Firefox:40 hits: 04-27 to 05-06] |
480d076a0a [0] | ASM:Graph |
ASProtect| | lines=422 embedded dns |
trace |
| 07:51:00 | WinXP | 92.4.75.124 (-): CARPHONE WAREHOUSE BROADBAND SERVICES, UK. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 07:55:00 | Win2K-f | 190.50.193.20 (COM.AR): TELEFONICA DE ARGENTINA, BUENOS AIRES, BUENOS AIRES, AR. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
14 of 32 | a2a036466a [Firefox:30 hits: 05-05 to 05-06] |
none[4] | none:none |
none|none | none | trace |
| T:07:59:00 | WinXP | 88.195.50.224 (INET.FI): BROADBAND ACCESS POOL, FI. |
n/a | DE:proxim.ircgalaxy.pl UA:citi-bank.ru UA:194.54.90.246:80 DE:85.114.137.60:65520 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
29 of 31 | 4ab5b0788c [Firefox: 2 hits: 04-21 to 04-21] |
272da55ef8 [0] | ASM:Graph |
PolyEnE| | lines=114 | trace |
| 08:03:00 | WinXP | 200.255.170.223 (STERLINGSTUDENTS.NET): COMITE GESTOR DA INTERNET NO BRASIL, BR. (DSL) |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 15 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 08:10:00 | WinXP | 189.63.15.212 (BRASILTELECOM.NET.BR): COMITE GESTOR DA INTERNET NO BRASIL, BR. |
211.96.97.44:7000 | CN:hail.dns2go.com | 445 | pcap | raw alerts ruleset |
ftp irc 23 lines |
Yeah : 1.3 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 08:14:00 | WinXP | 88.74.8.2 (ARCOR-IP.NET): ARCOR-DSL-NET, BERLIN, BERLIN, DE. |
n/a | DE:proxim.ircgalaxy.pl CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 DE:85.114.137.60:80 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
28 of 32 | 32e0c23c3e NEW |
none[4] | none:none |
none|none | none | trace |
| T:08:17:00 | Win2K-f | 190.100.186.9 (-): . |
211.96.97.44:7000 | CN:hail.dns2go.com | 445 | pcap | raw alerts ruleset |
ftp irc 25 lines |
Yeah : 1.3 profile |
none | summary tarball |
22 of 31 | 52817d68b3 NEW |
none[4] | none:none |
none|none | none | trace |
| T:08:29:00 | WinXP | 41.210.196.73 (-): . |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
18 of 31 | 278459b105 NEW |
none[4] | none:none |
none|none | none | trace |
| 08:38:00 | WinXP | 60.53.239.197 (TM.NET.MY): TELEKOM MALAYSIA BERHAD, MALACCA, MELAKA, MY. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 08:41:00 | WinXP | 81.198.159.76 (-): ADDRESS POOL FOR LTC-HOME CUSTOMERS, RIGA, RIGA, LV. |
n/a | RU:moscow-advokat.ru | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
31 of 32 | ee814e301c NEW |
none[4] | none:none |
PolyEnE| | none | trace |
| 08:43:00 | Win2K-f | 84.175.235.218 (T-DIALIN.NET): DEUTSCHE TELEKOM AG, FRANKFURT, HESSEN, DE. (DIAL) |
n/a | CZ:217.170.244.2:443 CZ:82.114.64.251:443 |
445 | pcap | raw alerts ruleset |
shell ftp 17 lines |
Yeah : 1.3 profile |
none | summary tarball |
25 of 28 | 7fdfe363d5 [Firefox:2580 hits: 12-31 to 05-06] |
10862ea8b8 [0] | ASM:Graph |
FSG| | lines=1933 embedded dns |
trace |
| T:08:48:00 | WinXP | 77.109.25.169 (-): PEOPLENET USERS ODESSA, ODESSA, ODES'KA OBLAST, UA. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | 4f887ca272 [Firefox:32 hits: 01-26 to 04-29] |
4f887ca272 [1] | ASM:Graph |
Stranik| | lines=6 | trace | |
| 08:55:00 | WinXP | 59.117.119.86 (HINET.NET): CHTD CHUNGHWA TELECOM CO. LTD, TW. |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 17 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:08:57:00 | Win2K-f | 200.43.204.160 (NET.AR): MIDAS-TELECOM, BUENOS AIRES, BUENOS AIRES, AR. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 09:02:00 | WinXP | 90.150.244.130 (PERMONLINE.RU): OJSC URALSVYAZINFORM, RU. |
n/a | CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
27 of 31 | 4abf78797f NEW |
none[4] | none:none |
Stranik| | none | trace |
| 09:07:00 | WinXP | 85.243.81.220 (DSL.TELEPAC.PT): PT.COM - COMUNICACOES INTERACTIVAS S.A, PT. (DSL) |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 09:29:00 | Win2K-f | 41.214.138.60 (-): . |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 09:32:00 | Win2K-f | 41.214.141.61 (-): . |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 16 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 09:47:00 | WinXP | 87.196.3.160 (NET.NOVIS.PT): NOVIS TELECOM S.A, LISBON, LISBOA, PT. (DSL) |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| T:09:56:00 | WinXP | 196.28.249.251 (-): AFRINIC, BF. |
85.114.137.60:65520 | DE:proxim.ircgalaxy.pl CN:scorti1.dns2go.com CN:211.96.97.44:7000 DE:85.114.137.60:65520 |
445 | pcap | raw alerts ruleset |
ftp irc 21 lines |
Yeah : 1.3 profile |
none | summary tarball |
28 of 31 | 7d356e0447 NEW |
none[4] | none:none |
TXT2COM| | none | trace |
| 10:00:00 | Win2K-f | 60.50.255.157 (TM.NET.MY): TELEKOM MALAYSIA BERHAD, KLANG, SELANGOR, MY. |
n/a | CN:hail.dns2go.com | 445 | pcap | raw alerts ruleset |
ftp 15 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| T:10:03:00 | Win2K-f | 200.225.152.199 (STERLINGSTUDENTS.NET): COMITE GESTOR DA INTERNET NO BRASIL, BR. (DSL) |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 17 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| T:10:04:00 | WinXP | 201.250.182.161 (COM.AR): TELEFONICA DE ARGENTINA, BUENOS AIRES, BUENOS AIRES, AR. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 10:09:00 | Win2K-f | 201.19.100.232 (STERLINGSTUDENTS.NET): COMITE GESTOR DA INTERNET NO BRASIL, BR. (DSL) |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 16 lines |
Yeah : 0.8 profile |
none | summary tarball |
14 of 32 | a2a036466a [Firefox:30 hits: 05-05 to 05-06] |
none[4] | none:none |
none|none | none | trace |
| 10:27:00 | WinXP | 83.238.231.47 (INETIA.PL): INTERNETIA, KATOWICE, SLASKIE, PL. (DSL) |
218.94.102.130:7000 | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp irc 74 lines |
Yeah : 1.3 profile |
none | summary tarball |
14 of 32 | a2a036466a [Firefox:30 hits: 05-05 to 05-06] |
none[4] | none:none |
none|none | none | trace |
| 10:35:00 | WinXP | 201.32.100.22 (STERLINGSTUDENTS.NET): COMITE GESTOR DA INTERNET NO BRASIL, BR. (DSL) |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 CN:218.94.102.130:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 10:46:00 | Win2K-f | 190.144.36.181 (ATT.NET.CO): TELMEX COLOMBIA S.A, CO. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 CN:218.94.102.130:7000 US:65.117.119.162:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 31 | ea54317f5d [Firefox: 2 hits: 04-29 to 05-04] |
none[4] | none:none |
none|none | none | trace |
| T:10:50:00 | Win2K-f | 172.132.253.168 (AOL.COM): AMERICA ONLINE, RESTON, VIRGINIA, US. (DSL) |
n/a | 135 | pcap | raw alerts ruleset |
other 26 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:10:53:00 | Win2K-f | 81.193.182.249 (DSL.TELEPAC.PT): TELEPAC - COMUNICACOES INTERACTIVAS SA, LISBON, LISBOA, PT. (DSL) |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 11:00:00 | Win2K-f | 118.161.40.201 (-): . |
217.170.244.2:443 | DE:proxim.ircgalaxy.pl CZ:217.170.244.2:443 CZ:82.114.64.251:443 DE:85.114.137.60:80 |
445 | pcap | raw alerts ruleset |
shell ftp irc 30 lines |
Yeah : 1.8 profile |
none | summary tarball |
28 of 31 | b8a248f67d NEW |
none[4] | none:none |
FSG| | none | trace |
| T:11:02:00 | WinXP | 77.58.21.6 (SOLPA.NET): CABLECOM, CH. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
14 of 32 | a2a036466a [Firefox:30 hits: 05-05 to 05-06] |
none[4] | none:none |
none|none | none | trace |
| 11:02:00 | Win2K-f | 41.214.147.190 (-): . |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 18 lines |
Yeah : 0.8 profile |
none | summary tarball |
14 of 32 | a2a036466a [Firefox:30 hits: 05-05 to 05-06] |
none[4] | none:none |
none|none | none | trace |
| 11:06:00 | Win2K-f | 82.200.245.178 (-): ALMATYTELECOM, ALMATY, ALMATY, KZ. |
n/a | CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
20 of 31 | af98fe0c94 [Firefox:40 hits: 04-27 to 05-06] |
480d076a0a [0] | ASM:Graph |
ASProtect| | lines=422 embedded dns |
trace |
| 11:10:00 | Win2K-f | 212.194.20.114 (D4.CLUB-INTERNET.FR): T-ONLINE (ADSL), FR. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 11:18:00 | Win2K-f | 80.96.202.18 (DIALTELECOM.RO): DIAL TELECOM S.R.L, BUCHAREST, BUCURESTI, RO. (DIAL) |
n/a | CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
22 of 31 | 4809bc66cb NEW |
none[4] | none:none |
ASProtect| | none | trace |
| 11:20:00 | WinXP | 79.144.102.166 (RIMA-TDE.NET): TELEFONICA, MADRID, MADRID, ES. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| T:11:20:00 | WinXP | 89.28.43.167 (89-28-0-10.STARNET.MD): STARNET, CHISINAU, CHISINAU, MD. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 16 lines |
Yeah : 0.8 profile |
none | summary tarball |
22 of 32 | a7a78c5fc2 NEW |
none[4] | none:none |
Obsidium| | none | trace |
| 11:23:00 | WinXP | 4.245.3.146 (LEVEL3.NET): LEVEL 3 COMMUNICATIONS INC, ST. LOUIS, MISSOURI, US. (DIAL) |
n/a | CZ:217.170.244.2:443 CZ:82.114.64.251:443 |
445 | pcap | raw alerts ruleset |
shell ftp 18 lines |
Yeah : 1.3 profile |
none | summary tarball |
25 of 28 | 7fdfe363d5 [Firefox:2580 hits: 12-31 to 05-06] |
10862ea8b8 [0] | ASM:Graph |
FSG| | lines=1933 embedded dns |
trace |
| T:11:28:00 | Win2K-f | 85.132.203.239 (VIVO.CZ): VIVO CONNECTION SPOL. S R.O, CZ. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 11:32:00 | Win2K-f | 91.124.207.215 (UKRTEL.NET): UKRTELECOM, BROVARY, KYYIVS'KA OBLAST', UA. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 11 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:11:37:00 | Win2K-f | 41.232.124.70 (TEDATA.NET): PROVIDER LOCAL REGISTRY, EG. |
211.96.97.44:7000 | CN:hail.dns2go.com | 445 | pcap | raw alerts ruleset |
ftp irc 23 lines |
Yeah : 1.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 11:42:00 | Win2K-f | 92.10.177.14 (-): CARPHONE WAREHOUSE BROADBAND SERVICES, UK. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
26 of 31 | 1128e6e384 NEW |
none[4] | none:none |
none|none | none | trace | |
| 11:54:00 | Win2K-f | 83.61.87.147 (RIMA-TDE.NET): TELEFONICA DE ESPANA, PONTEVEDRA, GALICIA, ES. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 11:58:00 | Win2K-f | 151.54.113.221 (38-151.NET24.IT): IUNET-BNET, PERUGIA, UMBRIA, IT. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| T:12:00:00 | Win2K-f | 201.44.244.170 (STERLINGSTUDENTS.NET): COMITE GESTOR DA INTERNET NO BRASIL, BR. (DSL) |
211.96.97.44:7000 | CN:hail.dns2go.com | 445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 12:03:00 | WinXP | 89.146.135.125 (NET.BA): BRAS PPPOE POOL UPGRADE, SARAJEVO, FEDERATION OF BOSNIA AND HERZEGOVINA, BA. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 31 | 08a51bcc57 NEW |
none[4] | none:none |
none|none | none | trace |
| 12:08:00 | WinXP | 201.212.94.223 (NET.AR): PRIMA S.A, BUENOS AIRES, BUENOS AIRES, AR. (DSL) |
n/a | RU:moscow-advokat.ru SE:broadway.ny.us.dal.net SE:qis.md.us.dal.net US:lia.zanet.net :washington.dc.us.undernet.org :flanders.be.eu.undernet.org :brussels.be.eu.undernet.org :gaspode.zanet.org.za SE:coins.dal.net RU:194.6.222.11:6667 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
25 of 25 | 7f60162c2c [Firefox:1270 hits: 12-31 to 05-06] |
1aad8e4632 [0] | ASM:Graph |
PolyEnE| | lines=93 embedded dns |
trace |
| T:12:08:00 | WinXP | 41.214.145.252 (-): . |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
29 of 29 | d42c1cc7c0 [Firefox:270 hits: 05-01 to 05-06] |
af9ca5bed1 [0] | ASM:Graph |
PolyEnE| | lines=54 | trace |
| 12:18:00 | WinXP | 91.196.54.64 (-): PP KOM I TEX, LVIV, L'VIVS'KA OBLAST', UA. |
211.96.97.44:7000 | CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp irc 27 lines |
Yeah : 1.8 profile |
none | summary tarball |
14 of 32 | f515fcc0f7 [Firefox: 9 hits: 12-28 to 05-03] |
dc7696e295 [0] | ASM:Graph |
ASProtect| | lines=422 embedded dns |
trace |
| 12:19:00 | Win2K-f | 4.245.56.192 (LEVEL3.NET): LEVEL 3 COMMUNICATIONS INC, OKLAHOMA CITY, OKLAHOMA, US. (DIAL) |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 18 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:12:21:00 | Win2K-f | 77.54.19.212 (REV.VODAFONE.PT): GPRS POOLS, PT. |
n/a | CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
9 of 32 | 9345b57563 [Firefox:10 hits: 12-27 to 05-06] |
none[4] | none:none |
none|none | none | trace |
| 12:33:00 | WinXP | 85.90.172.190 (OPTICON.HU): TANET SZOLGALTATO LTD, HU. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
14 of 32 | a2a036466a [Firefox:30 hits: 05-05 to 05-06] |
none[4] | none:none |
none|none | none | trace |
| T:12:34:00 | Win2K-f | 196.28.245.247 (-): AFRINIC, BF. |
211.96.97.44:7000 | CN:hail.dns2go.com | 445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 12:41:00 | Win2K-f | 82.208.100.20 (MTS-NN.RU): NETWORK FOR DIALUP SERVICES, RU. (DIAL) |
n/a | 445 | pcap | raw alerts ruleset |
ftp 16 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 12:45:00 | Win2K-f | 89.218.249.247 (ADSL.ONLINE.KZ): KAZAKHTELECOM DATA NETWORK ADMINISTRATION, KZ. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
13 of 31 | 01c4229e55 NEW |
none[4] | none:none |
none|none | none | trace |
| T:12:46:00 | Win2K-f | 84.245.211.19 (LIVAS.LV): CABLE INTERNET HOME USERS BASED ON DOCSIS STANDARD, LV. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 16 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 12:55:00 | WinXP | 78.31.62.224 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
n/a | CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
25 of 31 | a526bd2c66 NEW |
none[4] | none:none |
ASPack| | none | trace |
| 12:56:00 | Win2K-f | 202.151.87.18 (TELEGUAM.NET): TELEGUAM HOLDINGS LLC, TAMUNING, GUAM, GU. (DSL) |
n/a | CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 15 lines |
Yeah : 0.8 profile |
none | summary tarball |
22 of 32 | dc8e1c63cd [Firefox:76 hits: 12-27 to 05-06] |
e0eb8646ee [0] | ASM:Graph |
none|none | lines=601 embedded dns |
trace |
| 13:08:00 | Win2K-f | 190.48.16.62 (COM.AR): TELEFONICA DE ARGENTINA, AR. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
23 of 31 | 14ef234ad3 [Firefox: 5 hits: 04-29 to 05-06] |
none[4] | none:none |
none|none | none | trace |
| 13:14:00 | WinXP | 85.218.28.174 (LSNE.CH): SIMA - CSU1.ZONE2 (DHCP CLIENTS), CH. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
29 of 29 | 3ae357d17b [Firefox:696 hits: 05-01 to 05-06] |
462a7be171 [0] | ASM:Graph |
PolyEnE| | lines=73 | trace |
| 13:20:00 | Win2K-f | 88.214.173.118 (-): GPRS COSTUMERS, PT. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
26 of 31 | 3860c49118 NEW |
none[4] | none:none |
none|none | none | trace | |
| 13:28:00 | WinXP | 92.5.43.221 (-): CARPHONE WAREHOUSE BROADBAND SERVICES, UK. |
n/a | :www.google.com CN:hail.dns2go.com CN:scorti1.dns2go.com |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 13:29:00 | Win2K-f | 88.156.85.95 (VECTRANET.PL): NETWORK IN BIALYSTOK GDYNIA SKIERNIEWICE KOSCIERZYNA BELCHATOW, 'S-HERTOGENBOSCH, NOORD-BRABANT, NL. |
n/a | CN:hail.dns2go.com :www.google.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 13:31:00 | WinXP | 200.100.102.137 (TELESP.NET.BR): COMITE GESTOR DA INTERNET NO BRASIL, BR. (DIAL) |
n/a | :www.google.com CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 16 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| T:13:36:00 | Win2K-f | 200.199.137.29 (STERLINGSTUDENTS.NET): COMITE GESTOR DA INTERNET NO BRASIL, BR. (DSL) |
n/a | 445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 13:46:00 | Win2K-f | 41.214.139.161 (-): . |
n/a | :www.google.com | 445 | pcap | raw alerts ruleset |
ftp 19 lines |
Yeah : 0.8 profile |
none | summary tarball |
23 of 31 | 3a65749370 [Firefox: 2 hits: 05-05 to 05-06] |
c0e04edf74 [0] | ASM:Graph |
TXT2COM| | lines=407 embedded dns |
trace |
| T:13:47:00 | WinXP | 85.240.168.117 (DSL.TELEPAC.PT): PT.COM - COMUNICACOES INTERACTIVAS S.A, LEIRIA, LEIRIA, PT. |
211.96.97.44:7000 | :www.google.com CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 13:52:00 | WinXP | 85.26.23.18 (217-117-34-10.TELEDISNET.BE): TELEDISNET ISP, BE. |
n/a | CN:hail.dns2go.com :www.google.com CN:scorti1.dns2go.com |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
19 of 32 | 468140ed8f NEW |
none[4] | none:none |
none|none | none | trace |
| T:13:57:00 | Win2K-f | 12.208.69.110 (MCHSI.COM): MEDIACOM COMMUNICATIONS CORP, STREAMWOOD, ILLINOIS, US. |
n/a | 135 | pcap | raw alerts ruleset |
other 92 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 14:07:00 | Win2K-f | 88.108.83.204 (AS9105.COM): TISCALI UK LTD, LONDON, ENGLAND, UK. (DSL) |
n/a | CZ:82.114.64.251:443 |
445 | pcap | raw alerts ruleset |
shell ftp 17 lines |
Yeah : 1.3 profile |
none | summary tarball |
25 of 28 | 7fdfe363d5 [Firefox:2580 hits: 12-31 to 05-06] |
10862ea8b8 [0] | ASM:Graph |
FSG| | lines=1933 embedded dns |
trace |
| 14:16:00 | Win2K-f | 62.40.55.228 (O2.IE): O2 IRELAND MOBILE PHONE OPERATOR, DUBLIN, DUBLIN, IE. |
n/a | :www.google.com CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 14:22:00 | WinXP | 189.5.89.12 (BRASILTELECOM.NET.BR): COMITE GESTOR DA INTERNET NO BRASIL, BR. |
n/a | CN:hail.dns2go.com :www.google.com CN:scorti1.dns2go.com |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| T:14:29:00 | Win2K-f | 82.207.34.71 (UKRTEL.NET): UKRTELNET, UA. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 11 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 14:34:00 | Win2K-f | 82.247.70.121 (PROXAD.NET): PROXAD / FREE SAS, NICE, PROVENCE-ALPES-COTE D'AZUR, FR. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com :www.google.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| T:14:36:00 | Win2K-f | 70.69.253.68 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, CALGARY, ALBERTA, CA. |
n/a | 139 | pcap | raw alerts ruleset |
ftp 12 lines |
Yeah : 0.8 profile |
none | summary tarball |
12 of 32 | beb8369329 [Firefox: 4 hits: 04-23 to 05-06] |
665f1def5b [0] | ASM:Graph |
ASPack| | lines=0 | trace | |
| 14:42:00 | WinXP | 84.170.115.232 (T-DIALIN.NET): DEUTSCHE TELEKOM AG, DE. (DIAL) |
n/a | 445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
28 of 32 | 32b7295760 NEW |
443ee2d2f0 [0] | ASM:Graph |
TXT2COM| | lines=11 | trace | |
| T:14:47:00 | Win2K-f | 189.39.158.149 (BRASILTELECOM.NET.BR): COMITE GESTOR DA INTERNET NO BRASIL, BR. |
211.96.97.44:7000 | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 14:51:00 | WinXP | 85.138.234.169 (CPE.NETCABO.PT): TVCABO-PORTUGAL CABLE MODEM NETWORK, LISBON, LISBOA, PT. |
211.96.97.44:7000 | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp irc 20 lines |
Yeah : 1.3 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 14:51:00 | Win2K-f | 189.5.181.9 (BRASILTELECOM.NET.BR): COMITE GESTOR DA INTERNET NO BRASIL, BR. |
211.96.97.44:7000 | :www.google.com CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 14:55:00 | WinXP | 91.124.57.157 (UKRTEL.NET): UKRTELECOM, UA. |
211.96.97.44:7000 | CN:hail.dns2go.com :www.google.com |
445 | pcap | raw alerts ruleset |
ftp irc 23 lines |
Yeah : 1.3 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 14:58:00 | Win2K-f | 193.126.166.186 (NET.KPNQWEST.PT): KPNQWEST PORTUGAL / IOL ISP, PT. |
211.96.97.44:7000 | CN:hail.dns2go.com | 445 | pcap | raw alerts ruleset |
ftp irc 23 lines |
Yeah : 1.3 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| T:15:20:00 | Win2K-f | 190.90.194.94 (EQUITEL.COM.CO): INTERNEXA S.A. E.S.P, CO. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| T:15:21:00 | WinXP | 189.5.84.10 (BRASILTELECOM.NET.BR): COMITE GESTOR DA INTERNET NO BRASIL, BR. |
211.96.97.44:7000 | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| T:15:24:00 | WinXP | 85.127.14.93 (INODE.AT): LAC5-VIECH3-DYNAMIC-IPS, AT. (DSL) |
n/a | CZ:217.170.244.2:443 CZ:82.114.64.251:443 |
445 | pcap | raw alerts ruleset |
shell ftp 17 lines |
Yeah : 1.3 profile |
none | summary tarball |
25 of 28 | 7fdfe363d5 [Firefox:2580 hits: 12-31 to 05-06] |
10862ea8b8 [0] | ASM:Graph |
FSG| | lines=1933 embedded dns |
trace |
| T:15:28:00 | Win2K-f | 190.50.95.130 (COM.AR): TELEFONICA DE ARGENTINA, AR. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
14 of 32 | a2a036466a [Firefox:30 hits: 05-05 to 05-06] |
none[4] | none:none |
none|none | none | trace |
| 15:34:00 | WinXP | 92.10.176.113 (-): CARPHONE WAREHOUSE BROADBAND SERVICES, UK. |
211.96.97.44:7000 | CN:hail.dns2go.com | 445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.8 profile |
none | summary tarball |
28 of 32 | d3beeafba3 NEW |
none[4] | none:none |
none|none | none | trace |
| 15:37:00 | WinXP | 24.86.78.144 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, SURREY, BRITISH COLUMBIA, CA. (DSL) |
n/a | US:freee.najd.us US:69.50.208.3:51115 US:69.50.209.31:51115 |
139 | pcap | raw alerts ruleset |
ftp 12 lines |
Yeah : 0.8 profile |
none | summary tarball |
12 of 32 | beb8369329 [Firefox: 4 hits: 04-23 to 05-06] |
665f1def5b [0] | ASM:Graph |
ASPack| | lines=0 | trace |
| T:15:42:00 | WinXP | 79.138.233.138 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
211.96.97.44:7000 | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.3 profile |
none | summary tarball |
14 of 32 | a2a036466a [Firefox:30 hits: 05-05 to 05-06] |
none[4] | none:none |
none|none | none | trace |
| 15:43:00 | Win2K-f | 190.48.216.252 (COM.AR): TELEFONICA DE ARGENTINA, CIPOLLETTI, NEUQUEN, AR. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
23 of 31 | 14ef234ad3 [Firefox: 5 hits: 04-29 to 05-06] |
none[4] | none:none |
none|none | none | trace |
| 15:44:00 | WinXP | 38.117.68.78 (COGENTCO.COM): PERFORMANCE SYSTEMS INTERNATIONAL INC, US. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
12 of 31 | 8f808e3467 NEW |
none[4] | none:none |
none|none | none | trace |
| 15:45:00 | Win2K-f | 61.230.92.37 (HINET.NET): CHTD CHUNGHWA TELECOM CO. LTD, TAIPEI, T'AI-PEI, TW. |
n/a | 139 | pcap | raw alerts ruleset |
ftp 12 lines |
Yeah : 0.8 profile |
none | summary tarball |
23 of 32 | 8be304341b [Firefox: 3 hits: 05-06 to 05-06] |
51c0a74ab9 [0] | ASM:Graph |
ASPack| | lines=4773 embedded dns |
trace | |
| 15:59:00 | Win2K-f | 189.84.93.23 (-): . |
211.96.97.44:7000 | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp irc 21 lines |
Yeah : 1.3 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 16:14:00 | Win2K-f | 88.180.64.137 (PROXAD.NET): PROXAD / FREE SAS, FR. |
211.96.97.44:7000 | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.8 profile |
none | summary tarball |
27 of 31 | b0b75cccb8 NEW |
none[4] | none:none |
none|none | none | trace |
| 16:19:00 | Win2K-f | 190.68.56.70 (TELECOM.COM.CO): COLOMBIA TELECOMUNICACIONES S.A. ESP, CO. |
211.96.97.44:7000 | CN:hail.dns2go.com | 445 | pcap | raw alerts ruleset |
ftp irc 21 lines |
Yeah : 1.3 profile |
none | summary tarball |
15 of 31 | 745a1218e8 NEW |
none[4] | none:none |
none|none | none | trace |
| 16:20:00 | WinXP | 200.226.100.56 (STERLINGSTUDENTS.NET): COMITE GESTOR DA INTERNET NO BRASIL, BR. (DSL) |
211.96.97.44:7000 | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp irc 29 lines |
Yeah : 1.8 profile |
none | summary tarball |
15 of 30 | aeaa10cc8d NEW |
none[4] | none:none |
none|none | none | trace |
| 16:24:00 | Win2K-f | 82.231.59.52 (PROXAD.NET): PROXAD / FREE SAS, NICE, PROVENCE-ALPES-COTE D'AZUR, FR. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 1 profile |
none | summary tarball |
29 of 31 | ded3cb4260 NEW |
ded3cb4260 [1] | ASM:Graph |
FSG| | lines=21 | trace | |
| T:16:24:00 | Win2K-f | 220.131.229.62 (HINET.NET): CHTD CHUNGHWA TELECOM CO. LTD, TAINAN, KAO-HSIUNG, TW. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
14 of 32 | a2a036466a [Firefox:30 hits: 05-05 to 05-06] |
none[4] | none:none |
none|none | none | trace |
| 16:29:00 | WinXP | 4.159.113.209 (LEVEL3.NET): LEVEL 3 COMMUNICATIONS INC, GRAND RAPIDS, MICHIGAN, US. (DIAL) |
n/a | RU:moscow-advokat.ru NL:diemen.nl.eu.undernet.org :gaspode.zanet.org.za NO:london.uk.eu.undernet.org US:lia.zanet.net :lulea.se.eu.undernet.org SE:viking.dal.net :los-angeles.ca.us.undernet.org AT:graz.at.eu.undernet.org SE:vancouver.dal.net SE:broadway.ny.us.dal.net SE:ced.dal.net |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
25 of 25 | 7f60162c2c [Firefox:1270 hits: 12-31 to 05-06] |
1aad8e4632 [0] | ASM:Graph |
PolyEnE| | lines=93 embedded dns |
trace |
| T:16:31:00 | WinXP | 4.159.113.209 (LEVEL3.NET): LEVEL 3 COMMUNICATIONS INC, GRAND RAPIDS, MICHIGAN, US. (DIAL) |
n/a | RU:moscow-advokat.ru RU:194.6.222.11:6667 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
25 of 25 | 7f60162c2c [Firefox:1270 hits: 12-31 to 05-06] |
1aad8e4632 [0] | ASM:Graph |
PolyEnE| | lines=93 embedded dns |
trace |
| 16:38:00 | WinXP | 190.188.181.69 (NET.AR): PRIMA S.A, AR. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
22 of 31 | a5e1fa3343 NEW |
none[4] | none:none |
none|none | none | trace |
| 16:41:00 | WinXP | 208.222.44.174 (WHEATSTATE.COM): NETWORK TOOL AND DIE COMPANY, CHANUTE, KANSAS, US. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
31 of 32 | 393d3a40db [Firefox: 2 hits: 12-14 to 02-14] |
8a0ff8065a [0] | ASM:Graph |
PolyEnE| | lines=76 | trace |
| 16:58:00 | Win2K-f | 200.117.121.43 (NET.AR): APOLO -GOLD-TELECOM-PER, BUENOS AIRES, BUENOS AIRES, AR. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 17:12:00 | WinXP | 200.21.63.108 (TELECOM.COM.CO): COLOMBIA TELECOMUNICACIONES S.A. ESP, CO. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 11 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:17:22:00 | Win2K-f | 190.137.165.107 (NET.AR): TELECOM ARGENTINA S.A, AR. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| T:17:54:00 | Win2K-f | 12.193.59.72 (CITESCAPE.COM): AT&T WORLDNET IP SERVICES, MIDDLETOWN, NEW JERSEY, US. |
n/a | US:qtas.net DE:85.25.139.52:80 |
445 | pcap | raw alerts ruleset |
other 0 lines |
Argh : 0.3 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 17:55:00 | Win2K-f | 190.161.59.71 (VTR.NET): VTR BANDA ANCHA S.A, SANTIAGO, REGION METROPOLITANA, CL. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 18:07:00 | WinXP | 190.135.153.134 (-): . |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 18:16:00 | Win2K-f | 200.199.137.164 (STERLINGSTUDENTS.NET): COMITE GESTOR DA INTERNET NO BRASIL, BR. (DSL) |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 16 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 18:19:00 | WinXP | 189.5.156.189 (BRASILTELECOM.NET.BR): COMITE GESTOR DA INTERNET NO BRASIL, GOIâNIA, GOIáS, BR. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 15 lines |
Yeah : 0.8 profile |
none | summary tarball |
15 of 31 | 0eceeeb0e0 NEW |
none[4] | none:none |
none|none | none | trace |
| 18:35:00 | Win2K-f | 193.110.60.248 (HDSNET.HU): TEREZVAROS CABLE TELEVISION LTD, BUDAPEST, BUDAPEST, HU. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 18:37:00 | WinXP | 12.77.255.239 (ATT.NET): AT&T WORLDNET SERVICES, HOLLYWOOD, FLORIDA, US. (DIAL) |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 14 lines |
Yeah : 1.3 profile |
none | summary tarball |
29 of 29 | 1a2c0e6130 [Firefox:371 hits: 12-31 to 05-05] |
048df78048 [0] | ASM:Graph |
none|none | lines=61 | trace | |
| T:18:46:00 | WinXP | 65.74.43.141 (GCI.NET): GCI COMMUNICATIONS INC, SCAMMON BAY, ALASKA, US. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
31 of 32 | 9373130c42 [Firefox:29 hits: 01-24 to 03-28] |
0945dbe41c [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
| 18:48:00 | WinXP | 24.208.146.194 (RR.COM): ROAD RUNNER HOLDCO LLC, COLUMBUS, OHIO, US. (DSL) |
n/a | DE:siliconfireware.ru :www.proxy-socks.net :wpad DE:212.227.111.29:80 DE:217.11.54.126:80 EU:78.47.200.154:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
29 of 29 | a12cab51ef [Firefox:1007 hits: 05-01 to 05-05] |
40f7f463c4 [0] | ASM:Graph |
ASPack| | lines=281 embedded dns |
trace |
| 18:49:00 | WinXP | 65.74.43.141 (GCI.NET): GCI COMMUNICATIONS INC, SCAMMON BAY, ALASKA, US. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 3 lines |
Yeah : 1.3 profile |
none | summary tarball |
31 of 32 | 9373130c42 [Firefox:29 hits: 01-24 to 03-28] |
0945dbe41c [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
| 18:49:00 | WinXP | 24.243.120.42 (RR.COM): ROAD RUNNER HOLDCO LLC, CORPUS CHRISTI, TEXAS, US. |
n/a | DE:siliconfireware.ru SE:kavkazcenter.com SE:kavkazcenter.net FI:kavkazchat.com US:chechenpress.info GB:chechenpress.co.uk :shaheeds.org :daymohk.info :chripress.org DK:marsho.dk US:www.jamaatshariat.com US:www.counterdata.com DE:m1.webstats.motigo.com DK:193.201.35.247:80 DE:212.227.111.29:80 DE:217.11.54.126:80 GB:217.194.210.198:80 DE:62.146.88.122:80 US:66.39.25.242:80 US:72.29.65.216:80 EU:78.47.200.154:80 FI:80.81.183.162:80 SE:88.80.5.157:80 |
445 | pcap | raw alerts ruleset |
http 116 lines |
Yeah : 1.3 profile |
none | summary tarball |
29 of 29 | ab5e47bf8d [Firefox:44 hits: 05-10 to 05-01] |
none[3] | none:none |
ASPack| | none | trace |
| 19:35:00 | Win2K-f | 200.70.134.169 (COM.AR): TELEFONICA DATA ARGENTINA S.A, BUENOS AIRES, BUENOS AIRES, AR. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 16 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 19:46:00 | Win2K-f | 92.1.106.206 (-): CARPHONE WAREHOUSE BROADBAND SERVICES, UK. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 15 lines |
Yeah : 0.8 profile |
none | summary tarball |
26 of 31 | 1630b54a28 NEW |
none[4] | none:none |
none|none | none | trace | |
| 19:58:00 | Win2K-f | 190.138.130.187 (NET.AR): TELECOM ARGENTINA S.A, AR. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| T:20:00:00 | Win2K-f | 92.11.8.192 (-): CARPHONE WAREHOUSE BROADBAND SERVICES, UK. |
211.96.97.44:7000 | CN:hail.dns2go.com | 445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.8 profile |
none | summary tarball |
22 of 31 | fc61810077 NEW |
none[4] | none:none |
none|none | none | trace |
| 20:26:00 | Win2K-f | 4.227.239.96 (LEVEL3.NET): LEVEL 3 COMMUNICATIONS INC, AURORA, COLORADO, US. (DIAL) |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 17 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:20:41:00 | Win2K-f | 122.54.90.96 (PLDT.NET): IPG, PH. |
n/a | 135 | pcap | raw alerts ruleset |
other 112 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:20:59:00 | Win2K-f | 61.224.105.178 (HINET.NET): DATA COMMUNICATION BUSINESS GROUP CHUNGHWA TELECOM CO. LTD, TAIPEI, T'AI-PEI, TW. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 14 lines |
Argh : 0.3 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 21:10:00 | Win2K-f | 61.230.92.90 (HINET.NET): CHTD CHUNGHWA TELECOM CO. LTD, TAIPEI, T'AI-PEI, TW. |
n/a | CZ:217.170.244.2:443 CZ:82.114.64.251:443 |
445 | pcap | raw alerts ruleset |
shell ftp 18 lines |
Yeah : 1.3 profile |
none | summary tarball |
25 of 28 | 7fdfe363d5 [Firefox:2580 hits: 12-31 to 05-06] |
10862ea8b8 [0] | ASM:Graph |
FSG| | lines=1933 embedded dns |
trace |
| T:21:19:00 | Win2K-f | 88.156.84.113 (VECTRANET.PL): NETWORK IN BIALYSTOK GDYNIA SKIERNIEWICE KOSCIERZYNA BELCHATOW, 'S-HERTOGENBOSCH, NOORD-BRABANT, NL. |
211.96.97.44:7000 | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| T:21:20:00 | WinXP | 59.190.9.185 (EONET.NE.JP): K-OPTICOM CORPORATION, OSAKA, OSAKA, JP. |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 16 lines |
Yeah : 0.8 profile |
none | summary tarball |
31 of 32 | 741e3b03b3 [Firefox:24 hits: 09-28 to 05-06] |
e0197e8a64 [0] | ASM:Graph |
none|none | lines=62 | trace | |
| 21:24:00 | Win2K-f | 212.154.181.139 (-): CJC NATIONAL INFORMATION TECHNOLOGIES, KZ. (100Mbps) |
n/a | CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
19 of 30 | 93282471f7 [Firefox: 7 hits: 04-28 to 05-05] |
95951dee58 [0] | ASM:Graph |
ASProtect| | lines=0 | trace |
| 21:35:00 | WinXP | 86.97.153.108 (NET.AE): EMIRATES TELECOMMUNICATIONS CORPORATION, ABU DHABI, ABU DHABI, AE. |
n/a | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
29 of 29 | 1fcc146d70 [Firefox:232 hits: 05-02 to 04-21] |
258fafe892 [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
| T:21:38:00 | Win2K-f | 117.2.13.248 (ADSL.VIETTEL.VN): VIETEL CORPORATION, HANOI, HA NOI, VN. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| T:21:40:00 | Win2K-f | 98.134.180.140 (-): . |
n/a | CZ:217.170.244.2:443 CZ:82.114.64.251:443 |
445 | pcap | raw alerts ruleset |
shell ftp 17 lines |
Yeah : 1.3 profile |
none | summary tarball |
25 of 28 | 7fdfe363d5 [Firefox:2580 hits: 12-31 to 05-06] |
10862ea8b8 [0] | ASM:Graph |
FSG| | lines=1933 embedded dns |
trace |
| 21:48:00 | Win2K-f | 92.112.25.4 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
n/a | CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
20 of 32 | fd0bf48a75 [Firefox: 6 hits: 04-28 to 05-06] |
none[3] | none:none |
ASProtect| | none | trace |
| T:22:21:00 | WinXP | 89.146.149.229 (NET.BA): BRAS PPPOE POOL UPGRADE, SARAJEVO, FEDERATION OF BOSNIA AND HERZEGOVINA, BA. |
211.96.97.44:7000 | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.8 profile |
none | summary tarball |
14 of 32 | a2a036466a [Firefox:30 hits: 05-05 to 05-06] |
none[4] | none:none |
none|none | none | trace |
| T:22:27:00 | WinXP | 89.111.152.43 (GARNET.RU): GARANT-PARK-TELECOM LTD, RU. |
211.96.97.44:7000 | CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp irc 25 lines |
Yeah : 1.8 profile |
none | summary tarball |
19 of 31 | b22992699c NEW |
none[4] | none:none |
ASProtect| | none | trace |
| T:22:55:00 | WinXP | 84.186.183.112 (T-IPCONNECT.DE): DEUTSCHE TELEKOM AG, DE. |
211.96.97.44:7000 | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.8 profile |
none | summary tarball |
14 of 32 | a2a036466a [Firefox:30 hits: 05-05 to 05-06] |
none[4] | none:none |
none|none | none | trace |
| 23:06:00 | Win2K-f | 89.151.172.118 (CHTTS.RU): ADSL USERS @ CHUVASH REPUBLIC, RU. |
n/a | CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
22 of 31 | 4809bc66cb NEW |
none[4] | none:none |
ASProtect| | none | trace |
| 23:08:00 | WinXP | 118.169.58.153 (-): . |
217.170.244.2:443 | CZ:217.170.244.2:443 CZ:82.114.64.251:443 |
445 | pcap | raw alerts ruleset |
shell ftp irc 23 lines |
Yeah : 1.8 profile |
none | summary tarball |
25 of 28 | 7fdfe363d5 [Firefox:2580 hits: 12-31 to 05-06] |
10862ea8b8 [0] | ASM:Graph |
FSG| | lines=1933 embedded dns |
trace |
| T:23:21:00 | WinXP | 12.218.242.26 (MCHSI.COM): MEDIACOM COMMUNICATIONS CORP, MOBILE, ALABAMA, US. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
26 of 28 | 7d99b0e910 [Firefox:2955 hits: 12-31 to 05-06] |
7a70e1b592 [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
| T:23:28:00 | WinXP | 82.247.7.224 (PROXAD.NET): PROXAD / FREE SAS, NICE, PROVENCE-ALPES-COTE D'AZUR, FR. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 23:28:00 | WinXP | 201.172.229.93 (INTERCABLE.NET): TELEVISION INTERNACIONAL S.A. DE C.V, MONTERREY, NUEVO LEON, MX. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
14 of 32 | a2a036466a [Firefox:30 hits: 05-05 to 05-06] |
none[4] | none:none |
none|none | none | trace |
| T:23:30:00 | Win2K-f | 87.8.226.87 (RETAIL.TELECOMITALIA.IT): TELECOM ITALIA S.P.A. TIN EASY LITE, NOVARA, PIEMONTE, IT. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 23:32:00 | Win2K-f | 117.198.98.73 (-): . |
n/a | 445 | pcap | raw alerts ruleset |
other 0 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 23:37:00 | WinXP | 41.245.84.178 (FAUXTEL.COM): AFRINIC, ZA. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
12 of 30 | 76b4ab852e [Firefox:27 hits: 04-29 to 05-06] |
none[4] | none:none |
none|none | none | trace |
| 23:39:00 | WinXP | 122.99.28.239 (TOTALBB.NET.TW): KE-ING CO LTD, TAIPEI, T'AI-PEI, TW. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 23:42:00 | WinXP | 117.195.129.253 (-): . |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 15 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| 23:48:00 | Win2K-f | 218.111.182.79 (TM.NET.MY): TELEKOM MALAYSIA BERHAD, KUALA LUMPUR, WILAYAH PERSEKUTUAN, MY. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:211.96.97.44:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:747 hits: 04-27 to 05-06] |
d4a06bdc3a [4] | ASM:Graph |
none|none | lines=4 | trace |
| T:23:56:00 | Win2K-f | 62.35.135.219 (D4.CLUB-INTERNET.FR): T-ONLINE (ADSL), PARIS, ILE-DE-FRANCE, FR. |
211.96.97.44:7000 | CN:hail.dns2go.com | 445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.8 profile |
none | summary tarball |
19 of 31 | 0330af1285 [Firefox: 3 hits: 05-02 to 05-03] |
none[4] | none:none |
none|none | none | trace |
| T:23:57:00 | WinXP | 206.174.7.90 (GCI.NET): GCI COMMUNICATIONS INC, FAIRBANKS, ALASKA, US. |
n/a | GB:welcome3.smile.co.uk EU:siliconfireware.ru :wpad :www.proxy-socks.net GB:195.92.84.198:80 DE:212.227.111.29:80 DE:217.11.54.126:80 EU:78.47.200.154:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
29 of 31 | df56f8db22 NEW |
none[4] | none:none |
PolyEnE| | none | trace |