Multiperspective Malware Analysis Page

Welcome to the Cyber-TA
SRI's Multiperspective Malware Infection Analysis Page

UNCENSORED PAGE

<Click here: to download BotHunter>

12 May 2008
<prev> <next>

All data collection and analyses summarized in this page were 100% AUTO-GENERATED.

DEVELOPERS: Vinod Yegneswaran (SRI), Phillip Porras (SRI), Hassen Saidi (SRI)
Monirul Sharif (Georgia-Tech), Arvind Narayanan (University of Texas at Austin)

The data on this website is provided for research purposes only. It is provided
for your personal use only and is supplied AS IS, WITHOUT WARRANTY OF ANY KIND.
Use or reliance on this data is at your own risk.

Daily Summary Files: [DNS Lookups & Failed Connects] [ Attacker IPs ] [C&C Servers] [Binary Digests]
Cumulative Summary Files: [DNS Lookup Log] [Attacker IP Log] [C&C Server Log] [Antivirus Detection] [Code Segment Overlap]
[Behavioral Clusters] [Binary Digest Log]

[See Country Codes ]

Time
Victim
OS
Infection
Source
C&C
Server
DNS Lookups &
Failed Connects Infection
Port
Packet
Trace
Detection
Signatures
Infection
Chatter
BotHunter
Analysis
Behavioral
Cluster
Forensic
Logs
Antivirus
Labels
Packed Malware_Binary Unpacked egg.exe
Unpacked egg.asm
Packer PEID
Data Strings
Syscall Trace

00:07:00 WinXP 79.138.137.9 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
KR:210.217.196.11:7000
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:00:08:00 WinXP 87.61.171.34 (IP.TELE.DK):
TDC-TELEDANMARK-BREDBAANDSADSL-NET,
DK. n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 29 of 29 c05385e600
[Firefox:17 hits: 06-24 to 03-23] 6a383b021d [0] ASM:Graph
PolyEnE| lines=68 trace

00:10:00 WinXP 91.125.204.155 (BRIGHTVIEW.COM):
BRIGHTVIEW GROUP LIMITED,
UK. 210.217.196.11:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
KR:210.217.196.11:7000
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
irc
24 lines Yeah : 1.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:00:22:00 Win2K-f 124.10.129.185 (TFN.NET.TW):
TAIWAN FIXED NETWORK CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
KR:210.217.196.11:7000
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:126 hits: 05-05 to 05-11] none[4] none:none
none|none none trace

T:00:43:00 Win2K-f 91.124.192.215 (UKRTEL.NET):
UKRTELECOM,
BROVARY, KYYIVS'KA OBLAST', UA. n/a CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 31 c1f12e0109
[Firefox:12 hits: 04-28 to 05-10] none[4] none:none
none|none none trace

T:00:55:00 WinXP 88.134.117.254 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. n/a DE:proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80
DE:85.114.137.60:65520 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 30 of 32 a897de9358
NEW none[4] none:none
PolyEnE| none trace

01:28:00 Win2K-f 88.204.205.186 (-):
ALMATYTELECOM,
ALMATY, ALMATY, KZ. n/a CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 20 of 31 af98fe0c94
[Firefox:54 hits: 04-27 to 05-11] 480d076a0a [0] ASM:Graph
ASProtect| lines=422
embedded dns trace

01:59:00 WinXP 89.201.141.61 (OPTIMA-TELEKOM.HR):
OT - OPTIMA TELEKOM D.O.O,
ZAGREB, GRAD ZAGREB, HR. (DSL) 207.254.206.121:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
25 lines Yeah : 1.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

02:10:00 WinXP 89.214.147.51 (-):
GPRS COSTUMERS,
PT. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
US:207.254.206.121:7000
CN:211.96.97.44:7000
US:65.117.119.162:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

02:12:00 Win2K-f 81.180.255.107 (-):
SC-LI-NET-SRL,
RO. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
US:207.254.206.121:7000
US:65.117.119.162:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:126 hits: 05-05 to 05-11] none[4] none:none
none|none none trace

02:32:00 WinXP 78.133.65.207 (MALTANET.NET):
MALTANET-RETAIL-DSL,
MT. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:126 hits: 05-05 to 05-11] none[4] none:none
none|none none trace

T:02:32:00 Win2K-f 151.59.76.225 (38-151.NET24.IT):
IUNET-BNET,
IT. 211.96.97.44:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
25 lines Yeah : 1.3
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:126 hits: 05-05 to 05-11] none[4] none:none
none|none none trace

02:38:00 Win2K-f 12.72.29.161 (ATT.NET):
AT&T WORLDNET SERVICES,
ESCONDIDO, CALIFORNIA, US. (DIAL) n/a 445 pcap raw alerts
ruleset shell
3 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

02:46:00 WinXP 41.234.122.234 (TEDATA.NET):
PROVIDER LOCAL REGISTRY,
EG. n/a 445 pcap raw alerts
ruleset other
0 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:02:53:00 Win2K-f 196.28.249.225 (-):
AFRINIC,
BF. 85.114.137.60:65520 DE:proxim.ircgalaxy.pl
DE:dl2.teenpassage.com
NL:umka.lapudrel.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
irc
http
179 lines Yeah : 1.3
profile none summary
tarball 7 of 32
17 of 32
28 of 31 1c2898aa4c
NEW
5bc584801d
NEW
7d356e0447
NEW none[3]
5bc584801d[1]
none [4] none:none
ASM:Graph
none:none
MEW|
FSG|
TXT2COM| none
lines=6
none trace
trace
trace

03:01:00 WinXP 195.43.8.79 (NIS.SCI.EG):
AHMED MAHER TEACHING HOSPITAL,
EG. n/a CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 27 of 32 eab86f961f
NEW none[4] none:none
ASProtect| none trace

03:02:00 Win2K-f 84.51.82.243 (IPAPER.COM):
BLOCK FOR PI ASSIGNMENTS,
UK. n/a CN:scorti1.dns2go.com 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 14 of 32 8f367186c3
[Firefox:68 hits: 12-27 to 05-10] 01a06977c4 [0] ASM:Graph
TXT2COM| lines=0 trace

T:03:02:00 Win2K-f 88.210.74.39 (REV.OPTIMUS.PT):
OPTIMUS PORTUGAL,
LISBON, LISBOA, PT. (DSL) n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:03:16:00 Win2K-f 124.43.223.246 (-):
INTERNET SERVICE PROVIDER IN SRI LANKA,
COLOMBO, CENTRAL, LK. (DIAL) n/a CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 31 fc9addab43
[Firefox: 2 hits: 05-08 to 05-09] none[4] none:none
none|none none trace

T:03:21:00 WinXP 92.40.15.71 (IKBCC.COM):
EU-ZZ,
UK. 85.114.137.60:80 DE:proxim.ircgalaxy.pl
DE:85.114.137.60:80 445 pcap raw alerts
ruleset http
irc
85 lines Yeah : 1.3
profile none summary
tarball 29 of 32 9e49183472
[Firefox: 2 hits: 04-18 to 04-24] ccbd896513 [0] ASM:Graph
PolyEnE| lines=265
embedded dns trace

03:41:00 WinXP 213.242.233.198 (-):
PPTP CONNECTIONS,
EKATERINBURG, SVERDLOVSKAYA OBLAST', RU. n/a CN:scorti1.dns2go.com
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 22 of 32 dc8e1c63cd
[Firefox:82 hits: 12-27 to 05-10] e0eb8646ee [0] ASM:Graph
none|none lines=601
embedded dns trace

04:13:00 WinXP 85.141.144.179 (MTU-NET.RU):
ZAO MTU-INTEL,
MOSCOW, MOSKVA, RU. (DIAL) n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
US:207.254.206.121:7000
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:126 hits: 05-05 to 05-11] none[4] none:none
none|none none trace

04:19:00 Win2K-f 78.57.192.64 (ZEBRA.LT):
LIETUVOS,
LT. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
US:207.254.206.121:7000
CN:211.96.97.44:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

04:24:00 Win2K-f 88.104.145.175 (AS9105.COM):
TISCALI UK LTD,
MANCHESTER, ENGLAND, UK. (DSL) n/a 445 pcap raw alerts
ruleset shell
ftp
19 lines Yeah : 0.8
profile none summary
tarball 29 of 31 9a480af5c4
[Firefox: 2 hits: 07-25 to 11-10] none[4] none:none
ASPack| none trace

T:04:32:00 Win2K-f 72.64.30.16 (VERIZON.NET):
VERIZON INTERNET SERVICES INC,
CHARLESTON, WEST VIRGINIA, US. n/a 135 pcap raw alerts
ruleset other
112 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:04:36:00 WinXP 79.138.136.132 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 31 of 32 1e5df7ba74
[Firefox:10 hits: 03-24 to 05-07] a5331b711f [0] ASM:Graph
PolyEnE| lines=68 trace

T:04:37:00 WinXP 87.7.159.169 (RETAIL.TELECOMITALIA.IT):
TELECOM ITALIA S.P.A. TIN EASY LITE,
IT. 207.254.206.121:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
30 lines Yeah : 1.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

04:40:00 Win2K-f 79.112.225.58 (RDSNET.RO):
RDS,
BUCHAREST, BUCURESTI, RO. 222.177.11.165:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
22 lines Yeah : 1.8
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:126 hits: 05-05 to 05-11] none[4] none:none
none|none none trace

04:45:00 Win2K-f 79.37.86.147 (SRC.ORG):
TELECOM ITALIA NET,
ROME, LAZIO, IT. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

04:48:00 WinXP 88.160.61.162 (PROXAD.NET):
PROXAD / FREE SAS,
FR. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:126 hits: 05-05 to 05-11] none[4] none:none
none|none none trace

T:04:52:00 WinXP 119.17.99.146 (-):
. n/a DE:proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80
DE:85.114.137.60:80 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 30 of 32 3f5ec58a6b
[Firefox:14 hits: 04-24 to 05-11] 4a77430a59 [0] ASM:Graph
PolyEnE| lines=70 trace

T:05:05:00 Win2K-f 91.66.121.244 (SUPERKABEL.DE):
KABEL DEUTSCHLAND BREITBAND SERVICE GMBH,
DE. 222.177.11.165:7000 DE:proxim.ircgalaxy.pl
CN:scorti1.dns2go.com
DE:85.114.137.60:65520 445 pcap raw alerts
ruleset ftp
irc
24 lines Yeah : 1.8
profile none summary
tarball 29 of 33 c0e4027c8e
NEW none[4] none:none
ASProtect| none trace

T:05:17:00 WinXP 122.169.7.5 (122.AIRTELBROADBAND.IN):
ABTS-WEST-DSL-9376-MUM,
MUMBAI, MAHARASHTRA, IN. n/a CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 13 of 32 53123fadcc
[Firefox:39 hits: 01-26 to 05-11] none[4] none:none
none|none none trace

05:18:00 Win2K-f 122.169.7.5 (122.AIRTELBROADBAND.IN):
ABTS-WEST-DSL-9376-MUM,
MUMBAI, MAHARASHTRA, IN. n/a CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 13 of 32 53123fadcc
[Firefox:39 hits: 01-26 to 05-11] none[4] none:none
none|none none trace

05:23:00 Win2K-f 201.76.142.200 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) 222.177.11.165:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

05:34:00 Win2K-f 61.231.91.92 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. (100Mbps) 222.177.11.165:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.8
profile none summary
tarball 12 of 30 76b4ab852e
[Firefox:38 hits: 04-29 to 05-11] none[4] none:none
none|none none trace

06:02:00 Win2K-f 189.5.89.12 (BRASILTELECOM.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:06:08:00 WinXP 212.46.227.142 (-):
JSC UNITED PAGING SYSTEM OF RUSSIA / TYUMEN NETWORK,
RU. (100Mbps) n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
15 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

06:10:00 WinXP 122.118.165.17 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

06:11:00 Win2K-f 83.25.60.219 (TPNET.PL):
NEOSTRADA PLUS,
POZNAN, WIELKOPOLSKIE, PL. 222.177.11.165:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:06:19:00 Win2K-f 80.32.127.248 (RIMA-TDE.NET):
TELEFONICA DE ESPANA,
BARCELONA, CATALUñA, ES. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

06:19:00 WinXP 125.192.126.238 (MESH.AD.JP):
NEC CORPORATION,
JP. n/a 445 pcap raw alerts
ruleset shell
ftp
15 lines Yeah : 1.3
profile none summary
tarball 29 of 29 831f4ee0a7
[Firefox:583 hits: 07-11 to 05-10] eb7546c600 [0] ASM:Graph
none|none lines=61 trace

06:22:00 WinXP 90.151.18.0 (PERMONLINE.RU):
OJSC URALSVYAZINFORM,
RU. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

06:24:00 WinXP 213.55.82.237 (TELECOM.NET.ET):
ETHIOPIAN TELECOMMUNICATION CORPORATION,
ET. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
16 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

06:31:00 WinXP 88.156.94.31 (VECTRANET.PL):
NETWORK IN BIALYSTOK GDYNIA SKIERNIEWICE KOSCIERZYNA BELCHATOW,
'S-HERTOGENBOSCH, NOORD-BRABANT, NL. n/a 445 pcap raw alerts
ruleset other
0 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

06:31:00 Win2K-f 89.201.139.56 (OPTIMA-TELEKOM.HR):
OT - OPTIMA TELEKOM D.O.O,
ZAGREB, GRAD ZAGREB, HR. (DSL) n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

06:40:00 Win2K-f 118.100.40.111 (-):
. 222.177.11.165:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
36 lines Yeah : 1.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

06:45:00 WinXP 91.65.150.107 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
15 lines Yeah : 0.8
profile none summary
tarball 22 of 32 bb708c27c5
NEW none[4] none:none
none|none none trace

T:06:59:00 WinXP 213.48.235.9 (CABLEINET.CO.UK):
TELEWEST DIALUP PLATFORM,
LIVERPOOL, ENGLAND, UK. (DSL) n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
15 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

07:06:00 WinXP 89.218.0.46 (-):
ALMATYTELECOM,
ALMATY, ALMATY, KZ. n/a CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 20 of 31 af98fe0c94
[Firefox:54 hits: 04-27 to 05-11] 480d076a0a [0] ASM:Graph
ASProtect| lines=422
embedded dns trace

T:07:08:00 Win2K-f 41.214.135.169 (-):
. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
15 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

07:10:00 WinXP 200.149.243.188 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:07:10:00 WinXP 84.51.82.110 (IPAPER.COM):
BLOCK FOR PI ASSIGNMENTS,
UK. n/a CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 14 of 32 8f367186c3
[Firefox:68 hits: 12-27 to 05-10] 01a06977c4 [0] ASM:Graph
TXT2COM| lines=0 trace

T:07:22:00 Win2K-f 89.218.221.72 (ADSL.ONLINE.KZ):
KAZAKHTELECOM DATA NETWORK ADMINISTRATION,
KZ. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
15 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

07:29:00 WinXP 85.197.157.49 (BIKAB.COM):
BREDBAND I KRISTIANSTAD AB - ABK CUSTOMERS,
KRISTIANSTAD, SKANE, SE. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

07:30:00 WinXP 62.11.115.76 (DIALUP.TISCALI.IT):
TISCALI ITALIA SPA,
IT. (DIAL) n/a DE:siliconfireware.ru
:wpad
DE:212.227.111.29:80
DE:217.11.54.126:80
EU:78.47.200.154:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 29 of 29 df17a625ee
[Firefox:440 hits: 05-04 to 05-11] none[3] none:none
ASPack| none trace

07:37:00 Win2K-f 213.48.235.9 (CABLEINET.CO.UK):
TELEWEST DIALUP PLATFORM,
LIVERPOOL, ENGLAND, UK. (DSL) n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
15 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

08:06:00 Win2K-f 60.50.180.4 (TM.NET.MY):
TELEKOM MALAYSIA BERHAD,
PUCHONG, SELANGOR, MY. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 16 of 31 3520abf6e9
[Firefox: 2 hits: 04-27 to 05-09] none[4] none:none
none|none none trace

08:07:00 WinXP 170.51.162.175 (COM.AR):
CTI COMPANIA DE TELEFONAS DEL INTERIOR S.A,
AR. n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
3 lines Yeah : 1.3
profile none summary
tarball 26 of 28 7d99b0e910
[Firefox:2964 hits: 12-31 to 05-10] 7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace

08:21:00 Win2K-f 218.173.200.183 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 222.177.11.165:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
25 lines Yeah : 1.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

08:40:00 Win2K-f 130.13.64.167 (QWEST.NET):
QWEST BROADBAND SERVICES INC,
PHOENIX, ARIZONA, US. 222.51.25.90:18067 CN:bniu.househot.com 445 pcap raw alerts
ruleset other
9 lines Yeah : 1.8
profile none summary
tarball 31 of 32 9928a1e660
[Firefox:16 hits: 10-06 to 02-13] 28c8dadabf [0] ASM:Graph
none|none lines=104
embedded dns trace

08:47:00 WinXP 125.224.9.74 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 222.177.11.165:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
irc
23 lines Yeah : 1.3
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:126 hits: 05-05 to 05-11] none[4] none:none
none|none none trace

T:08:49:00 WinXP 12.77.254.16 (ATT.NET):
AT&T WORLDNET SERVICES,
HOLLYWOOD, FLORIDA, US. (DIAL) n/a 445 pcap raw alerts
ruleset shell
ftp
14 lines Yeah : 1.3
profile none summary
tarball 29 of 29 1a2c0e6130
[Firefox:380 hits: 12-31 to 05-11] 048df78048 [0] ASM:Graph
none|none lines=61 trace

08:50:00 WinXP 201.252.149.156 (NET.AR):
APOLO -GOLD-TELECOM-PER,
BUENOS AIRES, BUENOS AIRES, AR. (DSL) 222.177.11.165:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
19 lines Yeah : 1.3
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:126 hits: 05-05 to 05-11] none[4] none:none
none|none none trace

08:59:00 Win2K-f 117.195.17.99 (-):
. 222.177.11.165:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

09:25:00 WinXP 200.100.164.26 (TELESP.NET.BR):
COMITE GESTOR DA INTERNET NO BRASIL,
CAMPINAS, SãO PAULO, BR. (DIAL) n/a DE:proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80
DE:85.114.137.60:65520 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 31 of 32 71c3f3b2da
NEW none[4] none:none
PolyEnE| none trace

T:09:41:00 Win2K-f 88.85.18.69 (NET2000.CH):
BROADBAND CUSTOMER,
NEUCHATEL, NEUCHATEL, CH. 222.177.11.165:7000 CN:scorti1.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
20 lines Yeah : 1.8
profile none summary
tarball 20 of 31 af98fe0c94
[Firefox:54 hits: 04-27 to 05-11] 480d076a0a [0] ASM:Graph
ASProtect| lines=422
embedded dns trace

09:42:00 WinXP 89.169.13.136 (-):
INFOLINE ZAO,
RU. n/a CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 19 of 30 93282471f7
[Firefox:15 hits: 04-28 to 05-10] 95951dee58 [0] ASM:Graph
ASProtect| lines=0 trace

T:09:46:00 Win2K-f 124.43.129.181 (-):
INTERNET SERVICE PROVIDER IN SRI LANKA,
LK. n/a CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 31 fc9addab43
[Firefox: 2 hits: 05-08 to 05-09] none[4] none:none
none|none none trace

09:48:00 WinXP 60.53.232.182 (TM.NET.MY):
TELEKOM MALAYSIA BERHAD,
KUALA LUMPUR, WILAYAH PERSEKUTUAN, MY. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
15 lines Yeah : 0.8
profile none summary
tarball 26 of 31 e3ed9b37bb
NEW none[4] none:none
none|none none trace

T:10:03:00 Win2K-f 190.134.46.110 (-):
. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:126 hits: 05-05 to 05-11] none[4] none:none
none|none none trace

T:10:09:00 Win2K-f 78.36.54.42 (ONEGO.RU):
PUBLIC JOINT STOCK COMPANY ELECTROSVYAZ,
RU. 222.177.11.165:7000 CN:scorti1.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
24 lines Yeah : 1.8
profile none summary
tarball 25 of 32 8a6a3845b5
NEW none[4] none:none
none|none none trace

10:11:00 WinXP 190.51.231.141 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

10:18:00 Win2K-f 201.254.29.247 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. 222.177.11.165:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.3
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:126 hits: 05-05 to 05-11] none[4] none:none
none|none none trace

T:10:29:00 Win2K-f 85.186.112.160 (-):
ASTRAL HR GHEORGHIENI,
RO. 222.177.11.165:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

10:30:00 Win2K-f 78.174.9.127 (SMYTHECRAMER.COM):
TELEKOM,
TR. 222.177.11.165:7000 CN:scorti1.dns2go.com 445 pcap raw alerts
ruleset ftp
20 lines Yeah : 1.3
profile none summary
tarball 14 of 32 8f367186c3
[Firefox:68 hits: 12-27 to 05-10] 01a06977c4 [0] ASM:Graph
TXT2COM| lines=0 trace

T:10:30:00 Win2K-f 78.156.220.173 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

10:32:00 WinXP 201.250.18.96 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:126 hits: 05-05 to 05-11] none[4] none:none
none|none none trace

T:10:35:00 WinXP 92.113.122.181 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
15 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

10:37:00 WinXP 201.69.91.13 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a RU:moscow-advokat.ru 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 25 of 25 7f60162c2c
[Firefox:1279 hits: 12-31 to 05-11] 1aad8e4632 [0] ASM:Graph
PolyEnE| lines=93
embedded dns trace

T:10:42:00 WinXP 92.40.73.116 (IKBCC.COM):
EU-ZZ,
UK. n/a DE:proxim.ircgalaxy.pl
DE:85.114.137.60:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 30 of 32 7a393628ea
NEW none[4] none:none
ASProtect| none trace

T:10:43:00 Win2K-f 193.126.170.150 (NET.KPNQWEST.PT):
KPNQWEST PORTUGAL / IOL ISP,
LISBON, LISBOA, PT. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

10:43:00 Win2K-f 79.202.230.241 (T-IPCONNECT.DE):
DEUTSCHE TELEKOM AG,
DE. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
15 lines Yeah : 1.3
profile none summary
tarball 16 of 33 385673ebab
NEW none[4] none:none
none|none none trace

T:10:54:00 Win2K-f 125.162.96.117 (-):
TLKM_D1_BB_SPEEDY_PG,
PALEMBANG, SUMATERA SELATAN, ID. n/a 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

11:05:00 WinXP 213.202.38.186 (QUICKNET.CH):
QUICKNET IS AN ISP IN SWITZERLAND,
BERN, BERN, CH. (DSL) 222.177.11.165:7000 CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.3
profile none summary
tarball 14 of 32 8f367186c3
[Firefox:68 hits: 12-27 to 05-10] 01a06977c4 [0] ASM:Graph
TXT2COM| lines=0 trace

11:23:00 WinXP 212.117.53.52 (CHELLO.NL):
PROVIDER LOCAL REGISTRY,
NL. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

11:25:00 WinXP 77.125.72.61 (INTER.NET.IL):
EURONET DIGITAL COMMUNICATIONS,
IL. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

11:27:00 Win2K-f 77.238.204.196 (-):
KABLOVSKA TELEVIZIJA HS D.O.O SARAJEVO,
BA. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:11:36:00 WinXP 98.140.130.18 (-):
. n/a UA:citi-bank.ru 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 31 of 33 bce12aa21f
NEW none[4] none:none
PolyEnE| none trace

T:11:37:00 WinXP 89.51.208.195 (PPPOOL.DE):
FREENET CITYLINE GMBH,
LUEDENSCHEID, NORDRHEIN-WESTFALEN, DE. (DIAL) n/a DE:siliconfireware.ru
:wpad
US:searchportal.information.com
US:spi.domainsponsor.com
:landdev1.lap.internal
RU:www.bbin.ru
RU:195.200.213.52:80
DE:212.227.111.29:80
DE:217.11.54.126:80
EU:78.47.200.154:80 445 pcap raw alerts
ruleset http
http
6 lines Yeah : 0.8
profile none summary
tarball 29 of 29 df17a625ee
[Firefox:440 hits: 05-04 to 05-11] none[3] none:none
ASPack| none trace

T:11:42:00 WinXP 194.228.203.109 (TELENET.CZ):
TCETELENET,
CZ. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:126 hits: 05-05 to 05-11] none[4] none:none
none|none none trace

11:47:00 Win2K-f 78.150.104.36 (OPALTELECOM.NET):
OPAL TELECOMMUNICATIONS INTERNET SERVICE PROVIDER,
UK. 222.177.11.165:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.3
profile none summary
tarball 22 of 31 68bd8edcff
NEW none[4] none:none
none|none none trace

11:48:00 Win2K-f 122.52.22.14 (PLDT.NET):
IPG,
PH. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:11:52:00 Win2K-f 78.99.77.252 (TELECOM.SK):
SLOVAK TELECOM A. S,
SK. 222.177.11.165:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.8
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:126 hits: 05-05 to 05-11] none[4] none:none
none|none none trace

11:57:00 WinXP 92.46.28.25 (IKBCC.COM):
EU-ZZ,
UK. n/a DE:proxim.ircgalaxy.pl
CN:scorti1.dns2go.com
CN:222.177.11.165:7000
DE:85.114.137.60:65520 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 28 of 31 136465f503
NEW 100a38af2e [0] ASM:Graph
none|none lines=411
embedded dns trace

12:00:00 WinXP 87.70.139.39 (012.NET.IL):
GOLDEN LINES INTERNATIONAL COMMUNICATION SERVICES LTD,
IL. n/a 445 pcap raw alerts
ruleset ftp
21 lines Yeah : 1
profile none summary
tarball none none none none none none none

T:12:11:00 WinXP 85.26.57.76 (217-117-34-10.TELEDISNET.BE):
TELEDISNET ISP,
BE. 222.177.11.165:7000 DE:proxim.ircgalaxy.pl
CN:hail.dns2go.com
DE:85.114.137.60:80 445 pcap raw alerts
ruleset ftp
irc
24 lines Yeah : 1.8
profile none summary
tarball 26 of 32 c467e7bae1
NEW none[4] none:none
none|none none trace

12:15:00 Win2K-f 79.72.131.222 (AS9105.COM):
TELINCO,
UK. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 12 of 30 76b4ab852e
[Firefox:38 hits: 04-29 to 05-11] none[4] none:none
none|none none trace

12:20:00 WinXP 190.134.1.139 (-):
. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
16 lines Yeah : 0.8
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:126 hits: 05-05 to 05-11] none[4] none:none
none|none none trace

12:23:00 Win2K-f 83.187.201.222 (CUST.TELE2.IT):
TELE2 ITALY S.A,
NAPOLI, CAMPANIA, IT. (DSL) 222.177.11.165:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
irc
21 lines Yeah : 1.3
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

12:28:00 Win2K-f 190.49.98.251 (COM.AR):
TELEFONICA DE ARGENTINA,
MIRAMAR, BUENOS AIRES, AR. (DSL) 222.177.11.165:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.8
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:126 hits: 05-05 to 05-11] none[4] none:none
none|none none trace

12:39:00 WinXP 78.145.229.132 (-):
OPAL TELECOM DSL,
UK. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:12:39:00 Win2K-f 212.44.74.245 (GAZINTER.NET):
OOO GAZINTERNET,
KALININGRAD, KALININGRADSKAYA OBLAST', RU. 222.177.11.165:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
23 lines Yeah : 1.8
profile none summary
tarball 18 of 32 372a1e58f3
NEW none[4] none:none
none|none none trace

12:40:00 Win2K-f 91.145.235.203 (-):
LIMITED LIABILITY COMPANY ASTELIT,
AMSTERDAM, NOORD-HOLLAND, NL. n/a 445 pcap raw alerts
ruleset ftp
16 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:12:41:00 WinXP 190.128.48.240 (-):
EMPRESA DE TELECOMUNICACIONES DE PEREIRA S.A. E.S.P,
MANIZALES, CALDAS, CO. 222.177.11.165:7000 DE:proxim.ircgalaxy.pl
CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000
DE:85.114.137.60:80 445 pcap raw alerts
ruleset ftp
20 lines Yeah : 1.3
profile none summary
tarball 27 of 32 59754a184b
NEW none[4] none:none
none|none none trace

T:12:49:00 WinXP 88.215.71.163 (CABLESURF.DE):
KABELFERNSEHEN MUENCHEN SERVICENTER GMBH & CO.KG,
MUNICH, BAYERN, DE. (DSL) n/a RU:moscow-advokat.ru 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 25 of 25 7f60162c2c
[Firefox:1279 hits: 12-31 to 05-11] 1aad8e4632 [0] ASM:Graph
PolyEnE| lines=93
embedded dns trace

12:51:00 WinXP 88.14.35.205 (RIMA-TDE.NET):
TELEFONICA DE ESPANA,
ES. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

12:53:00 Win2K-f 91.87.210.5 (SMTP.WIMI.BE):
MOBISTAR,
BE. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 20 of 31 e47d5fbf7e
[Firefox: 2 hits: 05-03 to 05-09] none[4] none:none
none|none none trace

T:12:57:00 Win2K-f 190.51.231.141 (COM.AR):
TELEFONICA DE ARGENTINA,
AR. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

12:58:00 Win2K-f 82.247.165.147 (PROXAD.NET):
PROXAD / FREE SAS,
CHAMBERY, RHONE-ALPES, FR. 222.177.11.165:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
irc
24 lines Yeah : 1.3
profile none summary
tarball 28 of 32 e028f5958b
NEW none[4] none:none
none|none none trace

12:59:00 Win2K-f 91.33.201.7 (T-DIALIN.NET):
DEUTSCHE TELEKOM AG,
DE. (DIAL) n/a CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 14 of 32 f515fcc0f7
[Firefox:11 hits: 12-28 to 05-10] dc7696e295 [0] ASM:Graph
ASProtect| lines=422
embedded dns trace

13:05:00 WinXP 91.65.78.112 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. n/a CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 14 of 32 f515fcc0f7
[Firefox:11 hits: 12-28 to 05-10] dc7696e295 [0] ASM:Graph
ASProtect| lines=422
embedded dns trace

13:07:00 WinXP 83.8.237.203 (TPNET.PL):
NEOSTRADA PLUS,
PL. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:126 hits: 05-05 to 05-11] none[4] none:none
none|none none trace

13:09:00 Win2K-f 83.35.81.136 (RIMA-TDE.NET):
TELEFONICA DE ESPANA SAU,
MALAGA, ANDALUCIA, ES. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:126 hits: 05-05 to 05-11] none[4] none:none
none|none none trace

T:13:13:00 Win2K-f 77.54.9.221 (REV.VODAFONE.PT):
GPRS POOLS,
PT. n/a 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 23 of 28 46dbeecaf1
NEW none[4] none:none
none|none none trace

T:13:19:00 Win2K-f 190.49.147.193 (COM.AR):
TELEFONICA DE ARGENTINA,
MIRAMAR, BUENOS AIRES, AR. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:13:19:00 WinXP 91.65.51.60 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. n/a CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
23 lines Yeah : 1.3
profile none summary
tarball 28 of 32 058266b5f3
NEW none[4] none:none
ASProtect| none trace

T:13:35:00 Win2K-f 201.252.157.112 (NET.AR):
APOLO -GOLD-TELECOM-PER,
BUENOS AIRES, BUENOS AIRES, AR. (DSL) n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:126 hits: 05-05 to 05-11] none[4] none:none
none|none none trace

T:13:52:00 WinXP 98.140.130.47 (-):
. n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 1.3
profile none summary
tarball 31 of 33 bce12aa21f
NEW none[4] none:none
PolyEnE| none trace

13:57:00 WinXP 87.20.104.241 (RETAIL.TELECOMITALIA.IT):
TELECOM ITALIA S.P.A. TIN EASY LITE,
CATANIA, SICILIA, IT. n/a 445 pcap raw alerts
ruleset other
0 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

13:58:00 Win2K-f 190.26.43.199 (-):
. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
16 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

14:01:00 Win2K-f 155.239.195.129 (TELKOM-IPNET.CO.ZA):
AFRINIC,
PRETORIA, GAUTENG, ZA. n/a CN:hail.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
16 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

14:02:00 WinXP 170.51.153.134 (COM.AR):
CTI COMPANIA DE TELEFONAS DEL INTERIOR S.A,
AR. n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 1.3
profile none summary
tarball 26 of 28 7d99b0e910
[Firefox:2964 hits: 12-31 to 05-10] 7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace

T:14:08:00 WinXP 86.70.69.147 (GAOLAND.NET):
DYNAMIC POOLS,
FR. 222.177.11.165:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.3
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:14:18:00 WinXP 41.214.136.222 (-):
. n/a RU:moscow-advokat.ru 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 25 of 25 7f60162c2c
[Firefox:1279 hits: 12-31 to 05-11] 1aad8e4632 [0] ASM:Graph
PolyEnE| lines=93
embedded dns trace

T:14:19:00 Win2K-f 85.242.246.66 (DSL.TELEPAC.PT):
PT.COM - COMUNICACOES INTERACTIVAS S.A,
AVEIRO, AVEIRO, PT. (DSL) n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

14:19:00 WinXP 41.214.151.132 (-):
. 222.177.11.165:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
irc
25 lines Yeah : 1.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

14:27:00 Win2K-f 82.154.195.240 (DSL.TELEPAC.PT):
TELEPAC - COMUNICACOES INTERACTIVAS SA,
FARO, FARO, PT. (DSL) 222.177.11.165:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

14:34:00 WinXP 91.150.78.51 (ITSISP.NET):
ITSYSTEM NIS,
CS. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
15 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

14:40:00 WinXP 4.152.120.116 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
RICHMOND, VIRGINIA, US. (DIAL) n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 29 of 29 9543d041a7
[Firefox: 5 hits: 05-16 to 02-18] 49e3eed5c5 [0] ASM:Graph
PolyEnE| lines=77
embedded dns trace

T:14:41:00 WinXP 4.152.120.116 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
RICHMOND, VIRGINIA, US. (DIAL) n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 29 of 29 9543d041a7
[Firefox: 5 hits: 05-16 to 02-18] 49e3eed5c5 [0] ASM:Graph
PolyEnE| lines=77
embedded dns trace

T:14:46:00 WinXP 83.131.228.225 (T-COM.HR):
T-COM CROATIA INTERNET NETWORK,
ZAGREB, GRAD ZAGREB, HR. (DSL) 222.177.11.165:7000 DE:proxima.ircgalaxy.pl
CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000
DE:85.114.137.60:65520 445 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.3
profile none summary
tarball 30 of 33 0e05ea6b73
NEW none[4] none:none
none|none none trace

15:06:00 WinXP 41.210.216.241 (-):
. n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 1.3
profile none summary
tarball 31 of 32 1e5df7ba74
[Firefox:10 hits: 03-24 to 05-07] a5331b711f [0] ASM:Graph
PolyEnE| lines=68 trace

T:15:08:00 WinXP 83.187.222.9 (CUST.TELE2.IT):
TELE2 ITALY S.A,
IT. n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 29 of 29 1fcc146d70
[Firefox:233 hits: 05-02 to 05-07] 258fafe892 [0] ASM:Graph
PolyEnE| lines=68 trace

T:15:08:00 WinXP 41.210.216.241 (-):
. n/a 445 pcap raw alerts
ruleset http
2 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

15:23:00 Win2K-f 93.81.16.182 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. 222.177.11.165:7000 CN:scorti1.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
16 lines Yeah : 1.3
profile none summary
tarball 22 of 32 dc8e1c63cd
[Firefox:82 hits: 12-27 to 05-10] e0eb8646ee [0] ASM:Graph
none|none lines=601
embedded dns trace

T:15:38:00 WinXP 98.141.179.22 (-):
. n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 26 of 28 7d99b0e910
[Firefox:2964 hits: 12-31 to 05-10] 7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace

15:43:00 Win2K-f 200.83.139.84 (VTR.NET):
VTR BANDA ANCHA S.A,
SANTIAGO, REGION METROPOLITANA, CL. 222.177.11.165:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
27 lines Yeah : 1.8
profile none summary
tarball 10 of 32 639a247ece
[Firefox:28 hits: 04-28 to 05-11] 29d53eec72 [0] ASM:Graph
StarForce| lines=132 trace

15:47:00 WinXP 119.17.105.151 (-):
. n/a DE:proxim.ircgalaxy.pl
UA:citi-bank.ru
DE:85.114.137.60:80 445 pcap raw alerts
ruleset http
2 lines Yeah : 1.3
profile none summary
tarball 30 of 32 3f5ec58a6b
[Firefox:14 hits: 04-24 to 05-11] 4a77430a59 [0] ASM:Graph
PolyEnE| lines=70 trace

16:01:00 Win2K-f 201.253.207.236 (NET.AR):
APOLO -GOLD-TELECOM-PER,
BUENOS AIRES, BUENOS AIRES, AR. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
16 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

16:05:00 Win2K-f 201.221.31.79 (DEDICADO.COM.UY):
TECNOWIND S.A,
BUENOS AIRES, BUENOS AIRES, AR. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
16 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

16:28:00 WinXP 190.128.48.240 (-):
EMPRESA DE TELECOMUNICACIONES DE PEREIRA S.A. E.S.P,
MANIZALES, CALDAS, CO. 222.177.11.165:7000 DE:proxim.ircgalaxy.pl
CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000
DE:85.114.137.60:80 445 pcap raw alerts
ruleset ftp
irc
23 lines Yeah : 1.8
profile none summary
tarball 27 of 32 59754a184b
NEW none[4] none:none
none|none none trace

16:33:00 WinXP 117.6.124.141 (ADSL.VIETTEL.VN):
VIETEL CORPORATION,
HANOI, HA NOI, VN. 222.177.11.165:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.3
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:126 hits: 05-05 to 05-11] none[4] none:none
none|none none trace

T:16:55:00 WinXP 190.132.152.67 (ANTELDATA.NET.UY):
ADMINISTRACION NACIONAL DE TELECOMUNICACIONES,
MONTEVIDEO, MONTEVIDEO, UY. 222.177.11.165:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
irc
22 lines Yeah : 1.8
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:126 hits: 05-05 to 05-11] none[4] none:none
none|none none trace

17:15:00 WinXP 201.32.232.154 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a EU:siliconfireware.ru
US:searchportal.information.com
US:spi.domainsponsor.com
:landdev1.lap.internal 445 pcap raw alerts
ruleset http
http
6 lines Yeah : 0.8
profile none summary
tarball 29 of 29 df17a625ee
[Firefox:440 hits: 05-04 to 05-11] none[3] none:none
ASPack| none trace

18:06:00 Win2K-f 190.135.156.153 (-):
. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 29 of 32 d88ce21f56
NEW none[4] none:none
none|none none trace

T:18:30:00 Win2K-f 91.140.93.56 (TELLAS.GR):
TELLAS TELECOMMUNICATION SERVICES S.A,
GR. 222.177.11.165:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
23 lines Yeah : 1.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

18:34:00 Win2K-f 206.248.211.172 (NTELOS.NET):
NTELOS - WAYNESBORO ADSL DHCP RANGE,
WAYNESBORO, VIRGINIA, US. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:18:55:00 Win2K-f 121.73.104.2 (TELSTRACLEAR.NET):
TELECOMMUNICATIONS COMPANY,
NZ. n/a 135 pcap raw alerts
ruleset other
111 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

18:59:00 WinXP 92.113.205.13 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. 222.177.11.165:7000 CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
irc
23 lines Yeah : 1.8
profile none summary
tarball 20 of 32 fd0bf48a75
[Firefox: 8 hits: 04-28 to 05-08] none[3] none:none
ASProtect| none trace

19:02:00 WinXP 122.19.140.29 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset shell
ftp
15 lines Yeah : 1.3
profile none summary
tarball 29 of 29 831f4ee0a7
[Firefox:583 hits: 07-11 to 05-10] eb7546c600 [0] ASM:Graph
none|none lines=61 trace

19:20:00 Win2K-f 125.162.96.15 (-):
TLKM_D1_BB_SPEEDY_PG,
PALEMBANG, SUMATERA SELATAN, ID. n/a 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

19:58:00 Win2K-f 116.206.61.10 (-):
MOBIF WIRELESS BROADBAND SDN. BHD,
KUALA LUMPUR, WILAYAH PERSEKUTUAN, MY. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:126 hits: 05-05 to 05-11] none[4] none:none
none|none none trace

T:20:05:00 WinXP 125.24.112.154 (TOTBB.NET):
TOT ADSL IP ADDRESS POOL,
BANGKOK, KRUNG THEP MAHANAKHON, TH. (DSL) 222.177.11.165:7000 CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
irc
21 lines Yeah : 1.5
profile none summary
tarball 21 of 31 362b6c6470
[Firefox: 2 hits: 05-07 to 05-09] none[4] none:none
none|none none trace

T:20:09:00 Win2K-f 190.128.127.31 (-):
EMPRESA DE TELECOMUNICACIONES DE PEREIRA S.A. E.S.P,
CO. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

20:52:00 Win2K-f 85.185.165.236 (-):
GITINAMA YAZD ISP COMPANY,
IR. 222.177.11.165:7000 CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
20 lines Yeah : 1.3
profile none summary
tarball 13 of 32 53123fadcc
[Firefox:39 hits: 01-26 to 05-11] none[4] none:none
none|none none trace

21:59:00 Win2K-f 84.13.170.88 (84.IN-ADDR.ARPA):
OPAL TELECOM DSL NETWORK,
LONDON, ENGLAND, UK. (DSL) n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

22:16:00 WinXP 220.131.192.151 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 14 of 32 d0dffaf5fd
NEW none[4] none:none
none|none none trace

22:24:00 Win2K-f 212.154.181.141 (-):
CJC NATIONAL INFORMATION TECHNOLOGIES,
KZ. (100Mbps) n/a CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
15 lines Yeah : 0.8
profile none summary
tarball 21 of 32 222ca6fbc7
NEW none[4] none:none
ASProtect| none trace

T:22:30:00 Win2K-f 61.225.124.157 (HINET.NET):
DATA COMMUNICATION BUSINESS GROUP CHUNGHWA TELECOM CO. LTD,
TW. 222.177.11.165:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
irc
24 lines Yeah : 1.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

22:37:00 Win2K-f 200.191.154.96 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

22:43:00 Win2K-f 116.206.39.91 (-):
MOBIF WIRELESS BROADBAND SDN. BHD,
KUALA LUMPUR, WILAYAH PERSEKUTUAN, MY. n/a CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 13 of 32 53123fadcc
[Firefox:39 hits: 01-26 to 05-11] none[4] none:none
none|none none trace

T:22:55:00 WinXP 213.22.160.30 (CPE.NETCABO.PT):
TVCABO-PORTUGAL CABLE MODEM NETWORK,
LISBON, LISBOA, PT. 222.177.11.165:7000 CN:hail.dns2go.com 445 pcap raw alerts
ruleset ftp
24 lines Yeah : 1.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:23:02:00 Win2K-f 88.102.168.236 (IOL.CZ):
XDSL NETWORK-ADSL,
PRAGUE, HLAVNI MESTO PRAHA, CZ. 84.244.11.226:2345 US:wow.blackirc.us
SE:tap.radioprishtina.net 445 pcap raw alerts
ruleset http
irc
16 lines Yeah : 1.3
profile none summary
tarball 4 of 32 c98241e6b1
NEW c98241e6b1 [1] ASM:Graph
StarForce| lines=91 trace

23:02:00 WinXP 190.136.121.216 (NET.AR):
APOLO -GOLD-TELECOM-PER,
BUENOS AIRES, BUENOS AIRES, AR. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:126 hits: 05-05 to 05-11] none[4] none:none
none|none none trace

T:23:10:00 WinXP 60.54.119.76 (TM.NET.MY):
TELEKOM MALAYSIA BERHAD,
KUALA LUMPUR, WILAYAH PERSEKUTUAN, MY. 222.177.11.165:7000 CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
irc
23 lines Yeah : 1.8
profile none summary
tarball 14 of 32 a2a036466a
[Firefox:126 hits: 05-05 to 05-11] none[4] none:none
none|none none trace

23:23:00 Win2K-f 219.95.23.20 (TM.NET.MY):
ADSL-STREAMYX-TMNET,
PUCHONG, SELANGOR, MY. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1057 hits: 04-27 to 05-11] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:23:36:00 Win2K-f 195.43.8.215 (NIS.SCI.EG):
AHMED MAHER TEACHING HOSPITAL,
EG. n/a CN:scorti1.dns2go.com
CN:222.177.11.165:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 27 of 32 eab86f961f
NEW none[4] none:none
ASProtect| none trace

23:36:00 Win2K-f 41.210.204.55 (-):
. n/a CN:hail.dns2go.com
CN:scorti1.dns2go.com 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 27 of 32 38965f526d
[Firefox: 2 hits: 04-27 to 05-05] none[4] none:none
none|none none trace