Welcome to the Cyber-TA
SRI's Multiperspective Malware Infection Analysis Page


UNCENSORED PAGE


<Click here: to download BotHunter>

11 May 2008

All data collection and analyses summarized in this page were 100% AUTO-GENERATED.

DEVELOPERS: Vinod Yegneswaran (SRI), Phillip Porras (SRI), Hassen Saidi (SRI)
Monirul Sharif (Georgia-Tech), Arvind Narayanan (University of Texas at Austin)

The data on this website is provided for research purposes only. It is provided
for your personal use only and is supplied AS IS, WITHOUT WARRANTY OF ANY KIND.
Use or reliance on this data is at your own risk.


Daily Summary Files: [DNS Lookups & Failed Connects] [Attacker IPs] [C&C Servers] [Binary Digests]
Cumulative Summary Files: [DNS Lookup Log] [Attacker IP Log] [C&C Server Log] [Antivirus Detection] [Code Segment Overlap] [Behavioral Clusters] [Binary Digest Log]

[See Country Codes ]
Table columns (one infection record per row, left to right): Time | Victim | OS | Infection Source | C&C Server | DNS Lookups & Failed Connects | Infection Port | Packet Trace | Detection Signatures | Infection Chatter | BotHunter Analysis | Behavioral Cluster | Forensic Logs | Antivirus Labels | Packed Malware_Binary | Unpacked egg.exe | Unpacked egg.asm | Packer PEID | Data Strings | Syscall Trace
00:11:00 WinXP 92.113.223.90 (APEXCOVANTAGE.COM):
EU-ZZ,
UK.
n/a CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
19 of 32 fc1770a653
NEW
none[none] none:none
none|none none none
00:34:00 Win2K-f 218.161.68.105 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAOYUAN, T'AI-WAN, TW.
n/a  
CZ:217.170.244.2:443
CZ:82.114.64.251:443
445 pcap raw alerts
ruleset
shell
ftp
17 lines
Yeah : 1.3
profile
none summary
tarball
25 of 28 7fdfe363d5
[Firefox:2601 hits: 12-31 to 05-10]
10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns
trace
T:00:43:00 WinXP 61.224.89.116 (HINET.NET):
DATA COMMUNICATION BUSINESS GROUP CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW.
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 1.3
profile
none summary
tarball
26 of 28 a92e3f8fc8
[Firefox:111 hits: 05-03 to 05-10]
dfe02a1e52 [0] ASM:Graph
PolyEnE| lines=68 trace
00:46:00 Win2K-f 85.95.101.119 (IZRSOLUTIONS.COM):
IZR DYNAMIC ADSL CUSTOMERS,
SOUTHAMPTON, ENGLAND, UK. (DSL)
211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset
ftp
irc
21 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1025 hits: 04-27 to 05-10]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:01:11:00 Win2K-f 79.184.15.147 (TPNET.PL):
TPSA,
PL.
211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset
ftp
irc
17 lines
Yeah : 1.3
profile
none summary
tarball
14 of 32 a2a036466a
[Firefox:116 hits: 05-05 to 05-10]
none[4] none:none
none|none none trace
01:21:00 WinXP 41.212.180.23 (-):
.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
irc
25 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1025 hits: 04-27 to 05-10]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
01:37:00 Win2K-f 85.132.202.241 (VIVO.CZ):
VIVO CONNECTION SPOL. S R.O,
CZ.
n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
16 of 31 fbe8e86652
NEW
none[none] none:none
none|none none none
01:48:00 Win2K-f 41.249.252.185 (IAM.NET.MA):
AFRINIC,
MA.
84.244.11.226:2345 US:wow.blackirc.us
SE:tap.radioprishtina.net
445 pcap raw alerts
ruleset
http
irc
22 lines
Yeah : 1.3
profile
none summary
tarball
6 of 32 960e04f269
NEW
none[none] none:none
none|none none none
01:49:00 WinXP 92.97.177.169 (APEXCOVANTAGE.COM):
EU-ZZ,
UK.
n/a   445 pcap raw alerts
ruleset
other
0 lines
Yeah : 1
profile
none summary
tarball
none none none none none none none
T:01:59:00 Win2K-f 87.103.220.4 (KUZBASS.NET):
ALLOCATION FOR KEMEROVO REGIONAL BRANCH OF THE JSC SIBIRTELECOM,
KEMEROVO, KEMEROVSKAYA OBLAST', RU. (DIAL)
n/a CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
9 of 32 9345b57563
[Firefox:12 hits: 12-27 to 05-10]
none[4] none:none
none|none none trace
T:02:22:00 Win2K-f 80.201.64.125 (ISP.BELGACOM.BE):
BELGACOM-ADSL,
ANTWERP, ANTWERPEN, BE. (DSL)
n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1025 hits: 04-27 to 05-10]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:02:27:00 WinXP 213.77.208.236 (TPNET.PL):
TELEKOMUNIKACJA POLSKA S.A. CST,
PLOCK, MAZOWIECKIE, PL. (DIAL)
n/a   445 pcap raw alerts
ruleset
ftp
13 lines
Yeah : 1.3
profile
none summary
tarball
29 of 29 1a2c0e6130
[Firefox:377 hits: 12-31 to 05-10]
048df78048 [0] ASM:Graph
none|none lines=61 trace
02:33:00 Win2K-f 82.139.14.215 (UDN.PL):
NETWORK IN RADOM SKARZYSKO-KAMIENNA,
JELENIA GORA, DOLNOSLASKIE, PL.
n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1025 hits: 04-27 to 05-10]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
02:38:00 WinXP 89.214.45.200 (-):
GPRS COSTUMERS,
PT.
211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset
ftp
irc
28 lines
Yeah : 1.8
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1025 hits: 04-27 to 05-10]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
02:56:00 Win2K-f 85.26.75.212 (217-117-34-10.TELEDISNET.BE):
TELEDISNET ISP,
BE.
n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
14 of 32 a2a036466a
[Firefox:116 hits: 05-05 to 05-10]
none[4] none:none
none|none none trace
T:02:59:00 WinXP 118.171.205.126 (-):
.
211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset
ftp
irc
23 lines
Yeah : 1.8
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1025 hits: 04-27 to 05-10]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:03:06:00 WinXP 85.174.4.85 (RUNEXT.COM):
PROVIDER LOCAL REGISTRY,
RU.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
irc
22 lines
Yeah : 1.8
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1025 hits: 04-27 to 05-10]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:03:19:00 Win2K-f 84.135.87.18 (T-IPCONNECT.DE):
DEUTSCHE TELEKOM AG,
COLOGNE, NORDRHEIN-WESTFALEN, DE.
n/a   445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
30 of 32 9110ad5a7c
NEW
none[none] none:none
none|none none none
T:03:24:00 WinXP 202.221.174.30 (BMOBILE.NE.JP):
JAPAN COMMUNICATION INC,
TOKYO, TOKYO, JP.
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 1.3
profile
none summary
tarball
29 of 29 3ae357d17b
[Firefox:702 hits: 05-01 to 05-10]
462a7be171 [0] ASM:Graph
PolyEnE| lines=73 trace
03:38:00 Win2K-f 77.54.27.186 (REV.VODAFONE.PT):
GPRS POOLS,
PT.
n/a CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
9 of 32 9345b57563
[Firefox:12 hits: 12-27 to 05-10]
none[4] none:none
none|none none trace
T:03:47:00 WinXP 218.169.59.152 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW.
217.170.244.2:443 85.114.137.60:65520 DE:proxima.ircgalaxy.pl
CZ:217.170.244.2:443
DE:85.114.137.60:65520
445 pcap raw alerts
ruleset
shell
ftp
irc
30 lines
Yeah : 1.8
profile
none summary
tarball
29 of 32 90c4c8abcd
NEW
none[none] none:none
none|none none none
03:55:00 WinXP 93.108.4.184 (APEXCOVANTAGE.COM):
EU-ZZ,
UK.
n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
14 of 32 a2a036466a
[Firefox:116 hits: 05-05 to 05-10]
none[4] none:none
none|none none trace
04:02:00 WinXP 91.147.214.73 (-):
BTM-2002 KFT,
HU.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
18 lines
Yeah : 1.3
profile
none summary
tarball
27 of 32 008124ebe0
NEW
none[none] none:none
none|none none none
04:07:00 WinXP 79.72.185.140 (AS9105.COM):
TELINCO,
UK.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
12 of 30 76b4ab852e
[Firefox:36 hits: 04-29 to 05-10]
none[4] none:none
none|none none trace
04:08:00 Win2K-f 79.139.164.24 (APEXCOVANTAGE.COM):
EU-ZZ,
UK.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
20 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1025 hits: 04-27 to 05-10]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:04:14:00 WinXP 77.127.189.39 (INTER.NET.IL):
EURONET DIGITAL COMMUNICATIONS,
IL.
n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
21 lines
Yeah : 0.8
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1025 hits: 04-27 to 05-10]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
04:23:00 WinXP 92.9.151.39 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK.
n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
25 of 31 8a133be75e
NEW
none[4] none:none
none|none none trace
T:04:26:00 WinXP 218.173.234.229 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW.
n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1025 hits: 04-27 to 05-10]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:04:35:00 Win2K-f 88.156.81.7 (VECTRANET.PL):
NETWORK IN BIALYSTOK GDYNIA SKIERNIEWICE KOSCIERZYNA BELCHATOW,
'S-HERTOGENBOSCH, NOORD-BRABANT, NL.
n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
15 lines
Yeah : 0.8
profile
none summary
tarball
24 of 31 da2cf55766
NEW
none[none] none:none
none|none none none
04:37:00 Win2K-f 87.13.36.159 (RETAIL.TELECOMITALIA.IT):
TELECOM ITALIA S.P.A. TIN EASY LITE,
IMPERIA, LIGURIA, IT.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
irc
21 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1025 hits: 04-27 to 05-10]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
04:42:00 WinXP 83.148.35.40 (VOL.CZ):
VOLNYCZECHNETWORK,
PLZEN, PLZENSKY KRAJ, CZ. (DIAL)
n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
15 lines
Yeah : 0.8
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1025 hits: 04-27 to 05-10]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
04:47:00 Win2K-f 87.223.243.29 (DYNAMIC.JAZZTEL.ES):
JAZZ TELECOM S.A,
BARCELONA, CATALUñA, ES.
n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
14 of 32 a2a036466a
[Firefox:116 hits: 05-05 to 05-10]
none[4] none:none
none|none none trace
04:49:00 WinXP 92.10.226.164 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK.
n/a DE:proxim.ircgalaxy.pl
CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
DE:85.114.137.60:80
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
26 of 31 f214919154
NEW
none[none] none:none
none|none none none
04:54:00 WinXP 82.247.165.147 (PROXAD.NET):
PROXAD / FREE SAS,
CHAMBERY, RHONE-ALPES, FR.
n/a CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
20 of 31 af98fe0c94
[Firefox:53 hits: 04-27 to 05-10]
480d076a0a [0] ASM:Graph
ASProtect| lines=422
embedded dns
trace
05:02:00 Win2K-f 89.106.108.204 (-):
OPTILINK,
BG.
n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1025 hits: 04-27 to 05-10]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:05:04:00 Win2K-f 92.40.40.210 (IKBCC.COM):
EU-ZZ,
UK.
n/a DE:proxim.ircgalaxy.pl
CZ:217.170.244.2:443
CZ:82.114.64.251:443
DE:85.114.137.60:80
445 pcap raw alerts
ruleset
shell
ftp
17 lines
Yeah : 0.8
profile
none summary
tarball
28 of 31 b92a35e93d
NEW
2d221cfbcc [0] ASM:Graph
FSG| lines=1934
embedded dns
trace
05:04:00 WinXP 74.72.178.8 (RR.COM):
ROAD RUNNER HOLDCO LLC,
NEW YORK, NEW YORK, US.
n/a DE:siliconfireware.ru
:wpad
RU:www.bbin.ru
CA:www.cibc.com
RU:195.200.213.52:80
DE:212.227.111.29:80
DE:217.11.54.126:80
EU:78.47.200.154:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
29 of 29 df17a625ee
[Firefox:439 hits: 05-04 to 05-10]
none[3] none:none
ASPack| none trace
05:04:00 Win2K-f 87.5.201.232 (RETAIL.TELECOMITALIA.IT):
TELECOM ITALIA S.P.A. TIN EASY LITE,
MILANO, LOMBARDIA, IT. (DSL)
n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1025 hits: 04-27 to 05-10]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:05:10:00 WinXP 79.211.205.16 (T-IPCONNECT.DE):
DEUTSCHE TELEKOM AG,
DE.
n/a CN:scorti1.dns2go.com 445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
12 of 31 ab48a97a5d
[Firefox: 4 hits: 12-28 to 05-07]
81e9c5d188 [0] ASM:Graph
ASProtect| lines=419
embedded dns
trace
05:25:00 WinXP 92.9.253.194 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
irc
23 lines
Yeah : 1.3
profile
none summary
tarball
12 of 30 76b4ab852e
[Firefox:36 hits: 04-29 to 05-10]
none[4] none:none
none|none none trace
T:05:28:00 Win2K-f 67.32.226.86 (BELLSOUTH.NET):
BELLSOUTH.NET INC,
NEWPORT, TENNESSEE, US.
85.114.137.60:80 DE:dl2.teenpassage.com
IL:ymq.a1001186.wrs.mcboo.com
IL:194.90.224.86:80
CZ:217.170.244.2:443
CZ:82.114.64.251:443
445 pcap raw alerts
ruleset
irc
http
36 lines
Yeah : 1.3
profile
none summary
tarball
18 of 31 4399970831
NEW
none[none] none:none
none|none none none
05:29:00 WinXP 125.233.184.21 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW.
211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset
ftp
20 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1025 hits: 04-27 to 05-10]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:05:47:00 Win2K-f 219.95.20.130 (TM.NET.MY):
ADSL-STREAMYX-TMNET,
PUCHONG, SELANGOR, MY.
217.170.244.2:443  
CZ:217.170.244.2:443
CZ:82.114.64.251:443
445 pcap raw alerts
ruleset
irc
10 lines
Yeah : 1.8
profile
none summary
tarball
none none none none none none none
05:56:00 Win2K-f 77.28.74.98 (APEXCOVANTAGE.COM):
EU-ZZ,
UK.
211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset
ftp
20 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1025 hits: 04-27 to 05-10]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
05:59:00 Win2K-f 117.195.16.155 (-):
.
n/a   445 pcap raw alerts
ruleset
other
0 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
06:06:00 Win2K-f 88.160.228.97 (PROXAD.NET):
PROXAD / FREE SAS,
FR.
n/a   445 pcap raw alerts
ruleset
ftp
12 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
06:19:00 Win2K-f 41.214.142.74 (-):
.
n/a CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
15 lines
Yeah : 0.8
profile
none summary
tarball
23 of 31 3a65749370
[Firefox: 3 hits: 05-05 to 05-07]
c0e04edf74 [0] ASM:Graph
TXT2COM| lines=407
embedded dns
trace
06:34:00 Win2K-f 85.241.43.216 (DSL.TELEPAC.PT):
PT.COM - COMUNICACOES INTERACTIVAS S.A,
LISBON, LISBOA, PT. (DSL)
n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
14 of 32 a2a036466a
[Firefox:116 hits: 05-05 to 05-10]
none[4] none:none
none|none none trace
T:06:36:00 Win2K-f 41.214.137.250 (-):
.
n/a   445 pcap raw alerts
ruleset
ftp
17 lines
Yeah : 0.8
profile
none summary
tarball
23 of 31 3a65749370
[Firefox: 3 hits: 05-05 to 05-07]
c0e04edf74 [0] ASM:Graph
TXT2COM| lines=407
embedded dns
trace
T:06:58:00 Win2K-f 79.19.3.56 (SRC.ORG):
TELECOM ITALIA NET,
ROME, LAZIO, IT.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
irc
21 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1025 hits: 04-27 to 05-10]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:07:08:00 Win2K-f 78.58.88.238 (ZEBRA.LT):
LIETUVOS,
LT.
n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
15 lines
Yeah : 0.8
profile
none summary
tarball
26 of 31 f413789928
NEW
none[none] none:none
none|none none none
07:09:00 Win2K-f 220.102.68.150 (MESH.AD.JP):
NEC BIGLOBE LTD,
TOKYO, TOKYO, JP.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
20 lines
Yeah : 1.3
profile
none summary
tarball
26 of 31 26cc203a46
NEW
none[none] none:none
none|none none none
07:14:00 WinXP 139.223.216.150 (TISNET.NET.TW):
TATUNG,
TW.
n/a   445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
29 of 29 1a2c0e6130
[Firefox:377 hits: 12-31 to 05-10]
048df78048 [0] ASM:Graph
none|none lines=61 trace
07:17:00 WinXP 190.137.130.246 (NET.AR):
TELECOM ARGENTINA S.A,
AR.
n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
14 of 32 a2a036466a
[Firefox:116 hits: 05-05 to 05-10]
none[4] none:none
none|none none trace
07:25:00 WinXP 85.138.132.63 (CPE.NETCABO.PT):
TVCABO-PORTUGAL CABLE MODEM NETWORK,
LISBON, LISBOA, PT.
n/a DE:proxim.ircgalaxy.pl
CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
DE:85.114.137.60:80
445 pcap raw alerts
ruleset
ftp
15 lines
Yeah : 0.8
profile
none summary
tarball
25 of 31 c644a6e74d
NEW
none[none] none:none
none|none none none
T:07:26:00 WinXP 79.213.229.43 (T-IPCONNECT.DE):
DEUTSCHE TELEKOM AG,
DE.
211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset
ftp
20 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1025 hits: 04-27 to 05-10]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
07:27:00 Win2K-f 79.126.50.57 (APEXCOVANTAGE.COM):
EU-ZZ,
UK.
n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1025 hits: 04-27 to 05-10]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
07:37:00 WinXP 83.181.252.228 (CUST.TELE2.IT):
TELE2 ITALY S.A,
NAPOLI, CAMPANIA, IT.
n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1025 hits: 04-27 to 05-10]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
07:40:00 WinXP 212.233.230.128 (-):
NTL,
FR.
n/a   445 pcap raw alerts
ruleset
other
0 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:07:44:00 Win2K-f 92.46.27.213 (IKBCC.COM):
EU-ZZ,
UK.
211.96.97.44:7000 85.114.137.60:65520 DE:proxim.ircgalaxy.pl
CN:hail.dns2go.com
DE:85.114.137.60:65520
445 pcap raw alerts
ruleset
ftp
irc
24 lines
Yeah : 1.8
profile
none summary
tarball
27 of 32 73a608a884
NEW
none[none] none:none
none|none none none
07:48:00 WinXP 4.240.168.234 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
PHOENIX, ARIZONA, US. (DIAL)
72.10.172.218:7382 CA:italian.swiifatecihno.com 445 pcap raw alerts
ruleset
shell
ftp
irc
31 lines
Yeah : 1.8
profile
none summary
tarball
28 of 31 63217eb564
NEW
none[none] none:none
none|none none none
07:48:00 WinXP 201.212.143.196 (NET.AR):
PRIMA S.A,
BUENOS AIRES, BUENOS AIRES, AR. (DSL)
n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1025 hits: 04-27 to 05-10]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:07:54:00 Win2K-f 79.42.77.21 (SRC.ORG):
TELECOM ITALIA NET,
ROME, LAZIO, IT.
n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1025 hits: 04-27 to 05-10]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:08:34:00 Win2K-f 217.164.229.173 (NET.AE):
EMIRATES INTERNET,
DUBAI, DUBAI, AE.
n/a   445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
08:42:00 Win2K-f 118.169.39.228 (-):
.
n/a DE:proxim.ircgalaxy.pl
CZ:217.170.244.2:443
CZ:82.114.64.251:443
DE:85.114.137.60:65520
445 pcap raw alerts
ruleset
shell
ftp
17 lines
Yeah : 1.3
profile
none summary
tarball
28 of 31 0b8d225034
[Firefox: 3 hits: 05-04 to 05-10]
d602884c66 [0] ASM:Graph
FSG| lines=1993
embedded dns
trace
T:08:53:00 Win2K-f 85.23.113.30 (SUOMI.NET):
OULU TELEPHONE COMPANY,
OULU, OULUN LAANI, FI.
211.96.97.44:7000 CN:scorti1.dns2go.com 445 pcap raw alerts
ruleset
ftp
20 lines
Yeah : 1.3
profile
none summary
tarball
13 of 32 53123fadcc
[Firefox:38 hits: 01-26 to 05-10]
none[4] none:none
none|none none trace
08:58:00 Win2K-f 85.233.80.172 (-):
JSC TATNEFT,
RU.
n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
19 of 32 468140ed8f
NEW
none[4] none:none
none|none none trace
09:07:00 WinXP 218.173.75.71 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW.
n/a   445 pcap raw alerts
ruleset
ftp
15 lines
Yeah : 0.8
profile
none summary
tarball
10 of 32 639a247ece
[Firefox:27 hits: 04-28 to 05-09]
29d53eec72 [0] ASM:Graph
StarForce| lines=132 trace
T:09:12:00 Win2K-f 190.97.130.17 (-):
.
n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
15 lines
Yeah : 0.8
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1025 hits: 04-27 to 05-10]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
09:17:00 Win2K-f 66.27.182.52 (RR.COM):
ROAD RUNNER HOLDCO LLC,
CANOGA PARK, CALIFORNIA, US.
n/a  
CZ:217.170.244.2:443
CZ:82.114.90.2:443
445 pcap raw alerts
ruleset
ftp
shell
110 lines
Yeah : 1.3
profile
none summary
tarball
16 of 31 23c32fbd78
NEW
none[4] none:none
PeCompact| none trace
09:31:00 WinXP 89.174.120.131 (IPARTNERS.PL):
GTS POLSKA SP. Z O.O,
KRAKOW, MALOPOLSKIE, PL.
n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
15 lines
Yeah : 0.8
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1025 hits: 04-27 to 05-10]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
09:43:00 Win2K-f 62.47.12.111 (TELEKOM.AT):
HIGHWAY CUSTOMERS,
VIENNA, WIEN, AT.
n/a   445 pcap raw alerts
ruleset
ftp
11 lines
Yeah : 1
profile
none summary
tarball
none none none none none none none
09:50:00 WinXP 89.214.196.15 (-):
TMN - TELECOMUNICACOES MOVEIS NACIONAIS SA,
PT.
n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1025 hits: 04-27 to 05-10]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
09:52:00 WinXP 82.77.219.157 (RDSNET.RO):
TEREZVAROS CABLE TELEVISION LTD,
BUDAPEST, BUDAPEST, HU.
n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
15 lines
Yeah : 0.8
profile
none summary
tarball
15 of 31 d054622507
NEW
none[none] none:none
none|none none none
T:09:53:00 WinXP 71.107.112.66 (VERIZON.NET):
VERIZON INTERNET SERVICES INC,
LONG BEACH, CALIFORNIA, US. (DSL)
n/a DE:proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80
DE:85.114.137.60:65520
445 pcap raw alerts
ruleset
http
1 line
Yeah : 1.3
profile
none summary
tarball
31 of 32 ac69a2a758
[Firefox: 7 hits: 03-25 to 04-17]
none[3] none:none
PolyEnE| none trace
10:07:00 Win2K-f 4.237.245.213 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
NEW YORK, NEW YORK, US. (DIAL)
n/a   445 pcap raw alerts
ruleset
shell
shell
ftp
18 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
10:13:00 WinXP 91.66.233.147 (SUPERKABEL.DE):
KABEL DEUTSCHLAND BREITBAND SERVICE GMBH,
DE.
n/a   445 pcap raw alerts
ruleset
ftp
13 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
13:10:00 Win2K-f 12.72.28.180 (ATT.NET):
AT&T WORLDNET SERVICES,
LA MIRADA, CALIFORNIA, US. (DIAL)
n/a   445 pcap raw alerts
ruleset
shell
ftp
20 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:13:27:00 WinXP 80.6.2.124 (NTL.COM):
LEEDS,
DERBY, ENGLAND, UK. (DSL)
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 1.3
profile
none summary
tarball
31 of 31 09b3eade33
NEW
none[none] none:none
none|none none none
13:30:00 WinXP 80.6.2.124 (NTL.COM):
LEEDS,
DERBY, ENGLAND, UK. (DSL)
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 1.3
profile
none summary
tarball
31 of 31 09b3eade33
NEW
none[none] none:none
none|none none none
13:57:00 WinXP 218.160.245.113 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW.
n/a  
CZ:217.170.244.2:443
CZ:82.114.64.251:443
445 pcap raw alerts
ruleset
shell
ftp
17 lines
Yeah : 1.3
profile
none summary
tarball
25 of 28 7fdfe363d5
[Firefox:2601 hits: 12-31 to 05-10]
10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns
trace
14:00:00 Win2K-f 79.184.20.138 (TPNET.PL):
TPSA,
PL.
n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
14 of 32 a2a036466a
[Firefox:116 hits: 05-05 to 05-10]
none[4] none:none
none|none none trace
T:14:42:00 WinXP 71.106.225.247 (VERIZON.NET):
VERIZON INTERNET SERVICES INC,
REDONDO BEACH, CALIFORNIA, US. (DSL)
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
2 lines
Yeah : 1.3
profile
none summary
tarball
31 of 32 55c0b169fd
NEW
none[none] none:none
none|none none none
T:14:48:00 WinXP 201.19.73.120 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL)
n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
20 lines
Yeah : 0.8
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1025 hits: 04-27 to 05-10]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
15:12:00 Win2K-f 190.139.22.65 (NET.AR):
TELECOM ARGENTINA S.A,
AR.
n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1025 hits: 04-27 to 05-10]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:15:51:00 WinXP 98.105.85.86 (-):
.
n/a  
CZ:217.170.244.2:443
CZ:82.114.64.251:443
445 pcap raw alerts
ruleset
shell
ftp
18 lines
Yeah : 1.3
profile
none summary
tarball
25 of 28 7fdfe363d5
[Firefox:2601 hits: 12-31 to 05-10]
10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns
trace
15:58:00 WinXP 86.35.243.5 (ROMTELECOM.NET):
ROMTELECOM DATA NETWORK,
RO.
n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
27 of 32 fb28fc1d41
NEW
none[none] none:none
none|none none none
16:00:00 Win2K-f 189.61.47.126 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR.
n/a   445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
16:36:00 WinXP 92.12.240.237 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK.
n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1025 hits: 04-27 to 05-10]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
16:37:00 WinXP 190.161.0.197 (VTR.NET):
VTR BANDA ANCHA S.A,
PATERSON, NEW JERSEY, US.
n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1025 hits: 04-27 to 05-10]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
17:02:00 WinXP 118.98.163.5 (-):
.
n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
14 of 32 a2a036466a
[Firefox:116 hits: 05-05 to 05-10]
none[4] none:none
none|none none trace
17:56:00 WinXP 201.173.49.35 (IFXNW.COM.MX):
NETWORK INFORMATION CENTER MEXICO,
MX.
n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
14 of 32 a2a036466a
[Firefox:116 hits: 05-05 to 05-10]
none[4] none:none
none|none none trace
18:17:00 WinXP 12.72.186.99 (ATT.NET):
AT&T WORLDNET SERVICES,
CARSON CITY, NEVADA, US. (DIAL)
n/a   445 pcap raw alerts
ruleset
shell
ftp
15 lines
Yeah : 1.3
profile
none summary
tarball
29 of 29 1a2c0e6130
[Firefox:377 hits: 12-31 to 05-10]
048df78048 [0] ASM:Graph
none|none lines=61 trace
18:20:00 Win2K-f 59.121.195.149 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW.
n/a   445 pcap raw alerts
ruleset
shell
ftp
15 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
19:21:00 WinXP 189.61.32.228 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR.
n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1025 hits: 04-27 to 05-10]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
19:28:00 WinXP 119.17.100.253 (-):
.
n/a DE:proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80
DE:85.114.137.60:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 1.3
profile
none summary
tarball
30 of 32 3f5ec58a6b
[Firefox:13 hits: 04-24 to 05-10]
4a77430a59 [0] ASM:Graph
PolyEnE| lines=70 trace
T:19:35:00 WinXP 12.75.26.214 (ATT.NET):
AT&T WORLDNET SERVICES,
DETROIT, MICHIGAN, US. (DIAL)
n/a RU:moscow-advokat.ru 445 pcap raw alerts
ruleset
http
1 line
Yeah : 1.3
profile
none summary
tarball
25 of 25 7f60162c2c
[Firefox:1278 hits: 12-31 to 05-10]
1aad8e4632 [0] ASM:Graph
PolyEnE| lines=93
embedded dns
trace
T:20:23:00 WinXP 24.85.42.135 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
RICHMOND, BRITISH COLUMBIA, CA. (DSL)
n/a   135 pcap raw alerts
ruleset
other
96 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
21:30:00 Win2K-f 4.152.219.18 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
NEWPORT NEWS, VIRGINIA, US. (DIAL)
n/a   445 pcap raw alerts
ruleset
shell
ftp
17 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:22:35:00 Win2K-f 92.3.52.198 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK.
n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
445 pcap raw alerts
ruleset
ftp
16 lines
Yeah : 0.8
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1025 hits: 04-27 to 05-10]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
22:42:00 Win2K-f 41.210.203.12 (-):
.
211.96.97.44:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000
445 pcap raw alerts
ruleset
ftp
irc
22 lines
Yeah : 1.8
profile
none summary
tarball
14 of 32 a2a036466a
[Firefox:116 hits: 05-05 to 05-10]
none[4] none:none
none|none none trace
23:15:00 WinXP 118.231.77.170 (-):
.
n/a RU:moscow-advokat.ru 445 pcap raw alerts
ruleset
http
1 line
Yeah : 1.3
profile
none summary
tarball
27 of 32 e97b88e501
[Firefox: 2 hits: 04-25 to 05-08]
8f8dac80bb [0] ASM:Graph
PolyEnE| lines=93
embedded dns
trace
23:29:00 Win2K-f 89.214.167.131 (-):
TMN - TELECOMUNICACOES MOVEIS NACIONAIS SA,
PT.
211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset
ftp
irc
22 lines
Yeah : 1.8
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1025 hits: 04-27 to 05-10]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace