|
Time |
Victim OS |
Infection Source |
C&C Server |
DNS Lookups & Failed Connects |
Infection Port |
Packet Trace |
Detection Signatures |
Infection Chatter |
BotHunter Analysis |
Behavioral Cluster |
Forensic Logs |
Antivirus Labels |
Packed Malware_Binary |
Unpacked egg.exe |
Unpacked egg.asm |
Packer PEID |
Data Strings |
Syscall Trace |
| 00:21:00 | WinXP | 212.175.53.94 (-): TT-ADANA IL MUDURLUGU, ADANA, ADANA, TR. |
n/a | 445 | pcap | raw alerts ruleset |
other 0 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 00:22:00 | Win2K-f | 88.182.17.10 (PROXAD.NET): PROXAD / FREE SAS, FR. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
27 of 32 | a680f4cf43 NEW |
none[none] | none:none |
none|none | none | none | |
| 00:25:00 | WinXP | 85.102.45.106 (TTNET.NET.TR): TURK TELEKOM ADSL-DYNAMIC, ISTANBUL, ISTANBUL, TR. (DSL) |
n/a | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
26 of 28 | 7d99b0e910 [Firefox:2967 hits: 12-31 to 05-12] |
7a70e1b592 [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
| T:00:30:00 | Win2K-f | 62.47.27.190 (TELEKOM.AT): HIGHWAY CUSTOMERS, VIENNA, WIEN, AT. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 11 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 00:30:00 | Win2K-f | 91.164.221.136 (PPP.TISCALI.FR): NONE, FR. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 1 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| T:00:31:00 | WinXP | 87.187.117.205 (T-DIALIN.NET): DEUTSCHE TELEKOM AG, DE. (DIAL) |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 14 lines |
Yeah : 1.3 profile |
none | summary tarball |
29 of 29 | 1a2c0e6130 [Firefox:381 hits: 12-31 to 05-12] |
048df78048 [0] | ASM:Graph |
none|none | lines=61 | trace | |
| T:00:31:00 | WinXP | 213.197.10.57 (CONCEPTS.NL): WESTBRABANT NET, AMSTERDAM, NOORD-HOLLAND, NL. (DSL) |
222.177.11.165:7000 | CN:hail.dns2go.com | 445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| T:00:37:00 | WinXP | 71.172.142.244 (VERIZON.NET): VERIZON INTERNET SERVICES INC, PATERSON, NEW JERSEY, US. |
n/a | 445 | pcap | raw alerts ruleset |
shell 3 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 00:39:00 | WinXP | 81.182.137.131 (T-ONLINE.HU): T-ONLINE ADSL CLIENTS (DYNAMIC ADDRESS POOL), BUDAPEST, BUDAPEST, HU. (DSL) |
n/a | CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
14 of 32 | 8f367186c3 [Firefox:72 hits: 12-27 to 05-12] |
01a06977c4 [0] | ASM:Graph |
TXT2COM| | lines=0 | trace |
| T:00:44:00 | Win2K-f | 195.206.60.143 (DSI.RU): IRKUTSK BUSINESS COMMUNICATION NETWORK, IRKUTSK, IRKUTSKAYA OBLAST', RU. (DIAL) |
n/a | 445 | pcap | raw alerts ruleset |
ftp 11 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 00:57:00 | Win2K-f | 89.124.89.205 (IRISHBROADBAND.IE): ESB CLAREGALWAY CUSTOMER EXPANSION, IE. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| 01:46:00 | Win2K-f | 92.46.144.170 (IKBCC.COM): EU-ZZ, UK. |
222.177.11.165:7000 | CN:scorti1.dns2go.com | 445 | pcap | raw alerts ruleset |
ftp irc 20 lines |
Yeah : 1.3 profile |
none | summary tarball |
20 of 31 | af98fe0c94 [Firefox:57 hits: 04-27 to 05-12] |
480d076a0a [0] | ASM:Graph |
ASProtect| | lines=422 embedded dns |
trace |
| T:01:51:00 | Win2K-f | 218.111.196.208 (TM.NET.MY): TELEKOM MALAYSIA BERHAD, KUALA LUMPUR, WILAYAH PERSEKUTUAN, MY. |
222.177.11.165:7000 | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 22 lines |
Yeah : 1.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| T:02:06:00 | Win2K-f | 86.38.38.59 (ERDVES.LT): SC LITHUANIAN RADIO AND TV CENTER, LT. |
n/a | US:qtas.net SE:dzuc.net SE:84.244.19.254:2345 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
7 of 32 | e874ba9dd0 NEW |
none[none] | none:none |
none|none | none | none |
| 02:12:00 | WinXP | 92.12.52.163 (-): CARPHONE WAREHOUSE BROADBAND SERVICES, UK. |
n/a | DE:proxim.ircgalaxy.pl CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 DE:85.114.137.60:80 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
27 of 32 | 8b90a67616 NEW |
none[4] | none:none |
none|none | none | trace |
| 02:32:00 | WinXP | 92.40.199.192 (IKBCC.COM): EU-ZZ, UK. |
n/a | DE:proxim.ircgalaxy.pl DE:85.114.137.60:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
29 of 32 | 1ab4d3d7b6 [Firefox: 7 hits: 04-10 to 05-08] |
cc366b3f6c [0] | ASM:Graph |
none|none | lines=287 embedded dns |
trace |
| T:02:45:00 | Win2K-f | 91.63.107.197 (T-IPCONNECT.DE): DEUTSCHE TELEKOM AG, DE. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 15 lines |
Yeah : 0.8 profile |
none | summary tarball |
27 of 32 | a4f3cb6d36 NEW |
none[0] | none:none |
none|none | none | none |
| T:02:45:00 | WinXP | 170.51.181.195 (COM.AR): CTI COMPANIA DE TELEFONAS DEL INTERIOR S.A, AR. |
n/a | DE:proxim.ircgalaxy.pl UA:citi-bank.ru UA:194.54.90.246:80 DE:85.114.137.60:65520 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
30 of 32 | 6fe66ff280 NEW |
none[4] | none:none |
PolyEnE| | none | trace |
| T:02:56:00 | WinXP | 77.126.59.150 (INTER.NET.IL): EURONET DIGITAL COMMUNICATIONS, IL. |
222.177.11.165:7000 | CN:hail.dns2go.com | 445 | pcap | raw alerts ruleset |
ftp irc 21 lines |
Yeah : 1.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| 03:22:00 | Win2K-f | 60.50.77.224 (TM.NET.MY): TELEKOM MALAYSIA BERHAD, KUALA LUMPUR, WILAYAH PERSEKUTUAN, MY. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
16 of 31 | 3520abf6e9 [Firefox: 3 hits: 04-27 to 05-12] |
none[4] | none:none |
none|none | none | trace |
| 03:40:00 | Win2K-f | 89.169.8.113 (-): INFOLINE ZAO, RU. |
n/a | CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
11 of 32 | e5d062be59 [Firefox: 3 hits: 12-28 to 05-08] |
none[4] | none:none |
ASPack| | none | trace |
| T:03:41:00 | WinXP | 82.207.19.147 (UKRTEL.NET): UKRTELECOM IP ACCESS NETWORK IN KIEV, UA. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 11 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:03:46:00 | Win2K-f | 89.146.150.151 (NET.BA): BRAS PPPOE POOL UPGRADE, SARAJEVO, FEDERATION OF BOSNIA AND HERZEGOVINA, BA. |
222.177.11.165:7000 | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 21 lines |
Yeah : 1.3 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| 03:59:00 | Win2K-f | 90.132.54.226 (CUST.TELE2.IT): TELE2 ITALY S.A, IT. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| 04:08:00 | WinXP | 41.202.74.202 (-): . |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 16 lines |
Yeah : 0.8 profile |
none | summary tarball |
26 of 32 | b490cdeea2 NEW |
none[none] | none:none |
none|none | none | none |
| T:04:08:00 | Win2K-f | 92.112.154.124 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| 04:16:00 | Win2K-f | 82.242.113.8 (PROXAD.NET): PROXAD / FREE SAS, NICE, PROVENCE-ALPES-COTE D'AZUR, FR. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
28 of 33 | 43b52daf45 NEW |
none[4] | none:none |
none|none | none | trace | |
| T:04:26:00 | WinXP | 202.177.127.63 (NS.ICTV.JP): IRUMA CABLE TV, JP. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
26 of 28 | 7d99b0e910 [Firefox:2967 hits: 12-31 to 05-12] |
7a70e1b592 [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
| 04:45:00 | WinXP | 90.189.252.252 (SNT.RU): OJSC SIBIRTELECOM, RU. |
n/a | CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
16 of 32 | f217f876d4 NEW |
none[none] | none:none |
none|none | none | none |
| T:04:49:00 | Win2K-f | 77.238.200.50 (-): KABLOVSKA TELEVIZIJA HS D.O.O SARAJEVO, BA. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| T:04:49:00 | Win2K-f | 89.20.117.29 (PERMONLINE.RU): PFES.FOR ADSL USERS, RU. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| 05:00:00 | WinXP | 221.170.235.56 (MESH.AD.JP): BIGLOBE-CIDR-BLK, JP. |
n/a | US:mx1.hotmail.com US:ftp.newaol.com US:yutunrz.1dumb.com US:maila.microsoft.com US:mailin-02.mx.aol.com US:mcduii.3-a.net :jdjsloy.dynserv.com **:wyqggvow.afraid.org :nttstziinpa.hn.org US:fcnhysydw.yi.org US:dlivmg.1dumb.com SE:ftp.icq.com |
445 | pcap | raw alerts ruleset |
ftp http 76 lines |
Yeah : 1.3 profile |
none | summary tarball |
30 of 32 | 5ddb8a81f2 NEW |
none[4] | none:none |
none|none | none | trace |
| 05:15:00 | WinXP | 81.47.155.205 (RIMA-TDE.NET): TELEFONICA DE ESPANA, ES. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| T:05:18:00 | Win2K-f | 220.131.195.10 (HINET.NET): CHTD CHUNGHWA TELECOM CO. LTD, TW. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
14 of 32 | d0dffaf5fd NEW |
none[4] | none:none |
none|none | none | trace |
| 05:19:00 | WinXP | 189.36.186.214 (BRASILTELECOM.NET.BR): COMITE GESTOR DA INTERNET NO BRASIL, BR. |
222.177.11.165:7000 | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 20 lines |
Yeah : 1.3 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| T:05:27:00 | WinXP | 93.80.30.202 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| T:05:32:00 | WinXP | 202.221.175.169 (BMOBILE.NE.JP): JAPAN COMMUNICATION INC, TOKYO, TOKYO, JP. |
n/a | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 3 lines |
Yeah : 1.3 profile |
none | summary tarball |
29 of 29 | 3ae357d17b [Firefox:703 hits: 05-01 to 05-11] |
462a7be171 [0] | ASM:Graph |
PolyEnE| | lines=73 | trace |
| 05:38:00 | Win2K-f | 92.113.217.33 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
222.177.11.165:7000 | CN:scorti1.dns2go.com | 445 | pcap | raw alerts ruleset |
ftp 20 lines |
Yeah : 1.3 profile |
none | summary tarball |
21 of 31 | c1f12e0109 [Firefox:13 hits: 04-28 to 05-12] |
none[4] | none:none |
none|none | none | trace |
| 05:43:00 | WinXP | 58.95.178.130 (PLALA.OR.JP): PLALA NETWORKS INC, JP. |
222.177.11.165:7000 | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp irc 23 lines |
Yeah : 1.3 profile |
none | summary tarball |
18 of 32 | 9392e91e23 NEW |
none[4] | none:none |
none|none | none | trace |
| T:06:01:00 | WinXP | 78.61.157.11 (ZEBRA.LT): LIETUVOS-TELEKOMAS, LT. |
222.177.11.165:7000 | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp irc 23 lines |
Yeah : 1.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 06:10:00 | Win2K-f | 201.19.75.10 (STERLINGSTUDENTS.NET): COMITE GESTOR DA INTERNET NO BRASIL, BR. (DSL) |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
14 of 32 | a2a036466a [Firefox:150 hits: 05-05 to 05-12] |
none[4] | none:none |
none|none | none | trace |
| T:06:13:00 | WinXP | 60.51.24.18 (TM.NET.MY): TELEKOM MALAYSIA BERHAD, KUALA LUMPUR, WILAYAH PERSEKUTUAN, MY. |
n/a | DE:proxim.ircgalaxy.pl CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 DE:85.114.137.60:65520 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
27 of 32 | 170e8d6dd2 NEW |
none[4] | none:none |
none|none | none | trace |
| T:06:31:00 | WinXP | 79.36.152.49 (SRC.ORG): TELECOM ITALIA NET, ROME, LAZIO, IT. |
222.177.11.165:7000 | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 22 lines |
Yeah : 1.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| 06:35:00 | WinXP | 88.230.20.199 (TTNET.NET.TR): TT ADSL-ALCATEL DYNAMIC_ULUS, TR. |
n/a | DE:siliconfireware.ru US:searchportal.information.com GB:new.egg.com :wpad GB:welcome3.smile.co.uk GB:195.92.84.198:80 US:208.73.212.12:80 DE:217.11.54.126:80 EU:78.47.200.154:80 |
445 | pcap | raw alerts ruleset |
http http http http 26 lines |
Yeah : 1.3 profile |
none | summary tarball |
29 of 29 | a12cab51ef [Firefox:1012 hits: 05-01 to 05-10] |
40f7f463c4 [0] | ASM:Graph |
ASPack| | lines=281 embedded dns |
trace |
| 06:45:00 | WinXP | 88.20.155.54 (RIMA-TDE.NET): TELEFONICA DE ESPANA, ES. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
14 of 32 | a2a036466a [Firefox:150 hits: 05-05 to 05-12] |
none[4] | none:none |
none|none | none | trace |
| 06:46:00 | Win2K-f | 190.188.102.157 (NET.AR): PRIMA S.A, AR. |
222.177.11.165:7000 | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 19 lines |
Yeah : 1.3 profile |
none | summary tarball |
14 of 32 | a2a036466a [Firefox:150 hits: 05-05 to 05-12] |
none[4] | none:none |
none|none | none | trace |
| T:06:55:00 | Win2K-f | 85.239.127.63 (EASTLINK.DE): HL KOMM TELEKOMMUNIKATIONS GMBH, DE. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
28 of 32 | e534cb4332 NEW |
none[none] | none:none |
none|none | none | none | |
| 06:55:00 | WinXP | 219.95.28.166 (TM.NET.MY): ADSL-STREAMYX-TMNET, KUALA LUMPUR, WILAYAH PERSEKUTUAN, MY. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 07:25:00 | Win2K-f | 61.224.232.211 (HINET.NET): DATA COMMUNICATION BUSINESS GROUP CHUNGHWA TELECOM CO. LTD, TAIPEI, T'AI-PEI, TW. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 12 lines |
Argh : 0.3 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 07:37:00 | Win2K-f | 207.203.97.122 (BELLSOUTH.NET): BELLSOUTH.NET INC, DECATUR, MISSISSIPPI, US. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 07:46:00 | WinXP | 200.214.99.171 (STERLINGSTUDENTS.NET): COMITE GESTOR DA INTERNET NO BRASIL, BR. (DSL) |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 15 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| T:07:46:00 | Win2K-f | 87.103.217.82 (KUZBASS.NET): ALLOCATION FOR KEMEROVO REGIONAL BRANCH OF THE JSC SIBIRTELECOM, BARNAUL, ALTAYSKIY KRAY, RU. (DIAL) |
n/a | 445 | pcap | raw alerts ruleset |
ftp 11 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 07:55:00 | Win2K-f | 190.225.194.182 (-): . |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
14 of 32 | a2a036466a [Firefox:150 hits: 05-05 to 05-12] |
none[4] | none:none |
none|none | none | trace |
| T:07:59:00 | WinXP | 63.24.93.135 (UU.NET): UUNET TECHNOLOGIES INC, US. |
n/a | 135 | pcap | raw alerts ruleset |
other 108 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 08:15:00 | WinXP | 82.174.14.178 (DSL.VERSATELADSL.BE): VERSATEL ADSL (DHCP SCOOP ANTWERPEN) BELGIUM, LANDEN, BRABANT WALLON, BE. (DSL) |
222.177.11.165:7000 | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 20 lines |
Yeah : 1.3 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| T:08:18:00 | WinXP | 92.48.42.208 (IKBCC.COM): EU-ZZ, UK. |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 14 lines |
Yeah : 1.3 profile |
none | summary tarball |
29 of 29 | 1a2c0e6130 [Firefox:381 hits: 12-31 to 05-12] |
048df78048 [0] | ASM:Graph |
none|none | lines=61 | trace | |
| T:08:21:00 | Win2K-f | 70.63.205.94 (RR.COM): ROAD RUNNER HOLDCO LLC, HERNDON, VIRGINIA, US. |
n/a | DE:proxim.ircgalaxy.pl CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 DE:85.114.137.60:80 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
28 of 32 | ef365a6a95 NEW |
none[none] | none:none |
none|none | none | none |
| T:08:31:00 | WinXP | 69.24.198.3 (-): TLD OF PUERTO RICO, SAN JUAN, PUERTO RICO, PR. |
n/a | CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 16 lines |
Yeah : 0.8 profile |
none | summary tarball |
24 of 32 | 2f731e8b37 NEW |
none[4] | none:none |
none|none | none | trace |
| 08:31:00 | WinXP | 84.119.34.102 (SWIPNET.SE): PROVIDER LOCAL REGISTRY, SE. |
222.177.11.165:7000 | CN:hail.dns2go.com | 445 | pcap | raw alerts ruleset |
ftp irc 25 lines |
Yeah : 1.8 profile |
none | summary tarball |
12 of 30 | 76b4ab852e [Firefox:40 hits: 04-29 to 05-12] |
none[4] | none:none |
none|none | none | trace |
| 08:37:00 | Win2K-f | 88.170.191.22 (PROXAD.NET): PROXAD / FREE SAS, FR. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| 08:39:00 | WinXP | 85.39.89.34 (BUSINESS.TELECOMITALIA.IT): INTERBUSINESS, ROME, LAZIO, IT. (100Mbps) |
n/a | 445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 08:58:00 | Win2K-f | 79.138.240.72 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
222.177.11.165:7000 | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp irc 24 lines |
Yeah : 1.8 profile |
none | summary tarball |
27 of 32 | 86f6262552 NEW |
none[4] | none:none |
none|none | none | trace |
| T:09:00:00 | WinXP | 82.248.73.239 (PROXAD.NET): PROXAD / FREE SAS, GENEVA, GENEVA, CH. (DSL) |
222.177.11.165:7000 | CN:hail.dns2go.com | 445 | pcap | raw alerts ruleset |
ftp irc 25 lines |
Yeah : 1.3 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| T:09:16:00 | WinXP | 125.101.83.144 (UCOM.NE.JP): G-KG0008N, JP. (100Mbps) |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 15 lines |
Yeah : 1.3 profile |
none | summary tarball |
29 of 32 | 161e73cdfc NEW |
none[4] | none:none |
none|none | none | trace | |
| T:09:17:00 | Win2K-f | 90.133.9.3 (SWIP.NET): SWIPNET, SE. |
222.177.11.165:7000 | CN:hail.dns2go.com | 445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| T:09:31:00 | WinXP | 78.96.143.83 (ASTRAL.RO): ASTRAL TELECOM SA, RO. |
222.177.11.165:7000 | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 20 lines |
Yeah : 1.3 profile |
none | summary tarball |
14 of 32 | a2a036466a [Firefox:150 hits: 05-05 to 05-12] |
none[4] | none:none |
none|none | none | trace |
| 09:37:00 | Win2K-f | 90.133.105.126 (SWIP.NET): SWIPNET, SE. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| 09:44:00 | Win2K-f | 92.5.124.131 (-): CARPHONE WAREHOUSE BROADBAND SERVICES, UK. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 11 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 09:53:00 | WinXP | 87.12.154.52 (RETAIL.TELECOMITALIA.IT): TELECOM ITALIA S.P.A. TIN EASY LITE, PALERMO, SICILIA, IT. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
14 of 32 | a2a036466a [Firefox:150 hits: 05-05 to 05-12] |
none[4] | none:none |
none|none | none | trace |
| 09:57:00 | WinXP | 124.87.217.202 (OCN.NE.JP): NTT COMMUNICATIONS CORPORATION, TOKYO, TOKYO, JP. |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 13 lines |
Yeah : 1.3 profile |
none | summary tarball |
29 of 29 | 831f4ee0a7 [Firefox:585 hits: 07-11 to 05-12] |
eb7546c600 [0] | ASM:Graph |
none|none | lines=61 | trace | |
| T:10:01:00 | Win2K-f | 211.58.73.7 (KRLINE.NET): KRNIC, KR. |
n/a | 135 | pcap | raw alerts ruleset |
other 70 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 10:03:00 | Win2K-f | 190.51.83.150 (COM.AR): TELEFONICA DE ARGENTINA, BUENOS AIRES, BUENOS AIRES, AR. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| 10:08:00 | Win2K-f | 194.187.122.185 (-): SC PACRIS SRL, CONSTANTA, CONSTANTA, RO. |
n/a | CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
14 of 32 | 8f367186c3 [Firefox:72 hits: 12-27 to 05-12] |
01a06977c4 [0] | ASM:Graph |
TXT2COM| | lines=0 | trace |
| 10:36:00 | WinXP | 99.138.65.177 (-): . |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 15 lines |
Yeah : 1.3 profile |
none | summary tarball |
29 of 29 | 1a2c0e6130 [Firefox:381 hits: 12-31 to 05-12] |
048df78048 [0] | ASM:Graph |
none|none | lines=61 | trace | |
| 10:40:00 | Win2K-f | 200.100.226.213 (TELESP.NET.BR): COMITE GESTOR DA INTERNET NO BRASIL, BR. (DIAL) |
n/a | CN:hail.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| 10:49:00 | Win2K-f | 77.209.118.218 (AIRTEL.NET): VODAFONE ESPANA S.A, ES. |
n/a | CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
12 of 32 | d94d21fc29 [Firefox: 4 hits: 12-28 to 05-06] |
9deff996b5 [0] | ASM:Graph |
ASProtect| | lines=423 embedded dns |
trace |
| 10:53:00 | WinXP | 193.250.132.142 (ABO.WANADOO.FR): IP2000-ADSL-BAS, FR. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 13 lines |
Yeah : 1.3 profile |
none | summary tarball |
29 of 29 | 1a2c0e6130 [Firefox:381 hits: 12-31 to 05-12] |
048df78048 [0] | ASM:Graph |
none|none | lines=61 | trace | |
| 10:54:00 | WinXP | 85.186.112.160 (-): ASTRAL HR GHEORGHIENI, RO. |
222.177.11.165:7000 | CN:hail.dns2go.com | 445 | pcap | raw alerts ruleset |
ftp 20 lines |
Yeah : 1.3 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| 10:57:00 | Win2K-f | 87.64.244.137 (ISP.BELGACOM.BE): BELGACOM-ADSL, BRUSSELS, BRUSSELS, BE. (DSL) |
n/a | 445 | pcap | raw alerts ruleset |
ftp 16 lines |
Yeah : 0.8 profile |
none | summary tarball |
31 of 32 | b657a04386 NEW |
none[none] | none:none |
eXPressor| | none | none | |
| 11:13:00 | WinXP | 88.134.140.57 (SUPERKABEL.DE): KABEL-DEUTSCHLAND-CUSTOMER-SERVICES, DE. (DSL) |
222.177.11.165:7000 | CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp irc 23 lines |
Yeah : 1.3 profile |
none | summary tarball |
28 of 32 | 3b628e4beb NEW |
3b628e4beb [1] | ASM:Graph |
Stranik| | lines=6 | trace |
| T:11:14:00 | Win2K-f | 87.12.134.54 (RETAIL.TELECOMITALIA.IT): TELECOM ITALIA S.P.A. TIN EASY LITE, PALERMO, SICILIA, IT. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
14 of 32 | a2a036466a [Firefox:150 hits: 05-05 to 05-12] |
none[4] | none:none |
none|none | none | trace |
| T:11:25:00 | WinXP | 87.15.114.42 (RETAIL.TELECOMITALIA.IT): TELECOM ITALIA S.P.A. TIN EASY LITE, CANTU, LOMBARDIA, IT. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 15 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 11:32:00 | WinXP | 212.48.166.165 (ATTILA.OFFROADPRORACING.IT): WEB HOUSING AND OTHER SERVICES, PISA, TOSCANA, IT. |
n/a | DE:siliconfireware.ru :wpad DE:ebookfinaltrash.ru DE:212.227.111.29:80 DE:217.11.54.126:80 EU:78.47.200.154:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
29 of 29 | df17a625ee [Firefox:443 hits: 05-04 to 05-12] |
none[3] | none:none |
ASPack| | none | trace |
| 11:39:00 | Win2K-f | 91.65.93.114 (SUPERKABEL.DE): KABEL-DEUTSCHLAND-CUSTOMER-SERVICES, DE. |
n/a | CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
12 of 31 | ab48a97a5d [Firefox: 5 hits: 12-28 to 05-11] |
81e9c5d188 [0] | ASM:Graph |
ASProtect| | lines=419 embedded dns |
trace |
| T:11:41:00 | WinXP | 189.49.215.118 (BRASILTELECOM.NET.BR): COMITE GESTOR DA INTERNET NO BRASIL, BR. |
222.177.11.165:7000 | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.8 profile |
none | summary tarball |
11 of 32 | e9ddb56723 NEW |
none[none] | none:none |
none|none | none | none |
| 11:46:00 | Win2K-f | 62.47.16.13 (TELEKOM.AT): HIGHWAY CUSTOMERS, VIENNA, WIEN, AT. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 11 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 11:55:00 | Win2K-f | 212.45.75.251 (ISTAR-LINK.COM): ISTAR LINK COSTUMERS IN SILISTRA, BG. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| T:11:56:00 | Win2K-f | 89.230.185.88 (MM.PL): SZEL-SAT, PL. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
19 of 32 | c611c30d42 NEW |
8021c7f7aa [0] | ASM:Graph |
none|none | lines=0 | trace | |
| 12:00:00 | WinXP | 124.102.107.55 (OCN.NE.JP): OPEN COMPUTER NETWORK, JP. |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 15 lines |
Yeah : 1.3 profile |
none | summary tarball |
29 of 29 | 831f4ee0a7 [Firefox:585 hits: 07-11 to 05-12] |
eb7546c600 [0] | ASM:Graph |
none|none | lines=61 | trace | |
| 12:01:00 | Win2K-f | 86.97.96.193 (NET.AE): EMIRATES TELECOMMUNICATIONS CORPORATION, DUBAI, DUBAI, AE. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| 12:12:00 | Win2K-f | 84.54.209.249 (STV.RU): OAO ELECTROSVIAZ STAVROPOL REGION, RU. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 12 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:12:16:00 | Win2K-f | 88.85.18.69 (NET2000.CH): BROADBAND CUSTOMER, NEUCHATEL, NEUCHATEL, CH. |
222.177.11.165:7000 | CN:scorti1.dns2go.com | 445 | pcap | raw alerts ruleset |
ftp irc 21 lines |
Yeah : 1.8 profile |
none | summary tarball |
20 of 31 | af98fe0c94 [Firefox:57 hits: 04-27 to 05-12] |
480d076a0a [0] | ASM:Graph |
ASProtect| | lines=422 embedded dns |
trace |
| 12:21:00 | Win2K-f | 85.26.23.18 (217-117-34-10.TELEDISNET.BE): TELEDISNET ISP, BE. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 16 lines |
Yeah : 0.8 profile |
none | summary tarball |
19 of 32 | 468140ed8f [Firefox: 2 hits: 05-07 to 05-11] |
none[4] | none:none |
none|none | none | trace |
| 12:26:00 | WinXP | 195.254.236.27 (RAIFFEISEN.NET): RAIFFEISEN VERBAND SUEDTIROL, IT. (DIAL) |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
26 of 28 | 7d99b0e910 [Firefox:2967 hits: 12-31 to 05-12] |
7a70e1b592 [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
| 12:27:00 | Win2K-f | 190.174.153.64 (-): . |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
18 of 32 | 7e28dac8de [Firefox:13 hits: 04-27 to 05-10] |
none[4] | none:none |
none|none | none | trace |
| 12:40:00 | WinXP | 41.214.138.123 (-): . |
n/a | 445 | pcap | raw alerts ruleset |
ftp 11 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 12:41:00 | WinXP | 201.254.29.103 (COM.AR): TELEFONICA DE ARGENTINA, BUENOS AIRES, BUENOS AIRES, AR. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| T:12:43:00 | Win2K-f | 85.92.236.186 (NET.BA): AS54#13 ZENICA TKC, SARAJEVO, FEDERATION OF BOSNIA AND HERZEGOVINA, BA. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace | |
| T:12:48:00 | WinXP | 92.40.37.29 (IKBCC.COM): EU-ZZ, UK. |
n/a | DE:proxim.ircgalaxy.pl DE:85.114.137.60:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
29 of 32 | 1ab4d3d7b6 [Firefox: 7 hits: 04-10 to 05-08] |
cc366b3f6c [0] | ASM:Graph |
none|none | lines=287 embedded dns |
trace |
| 13:08:00 | Win2K-f | 200.45.82.230 (NET.AR): APOLO -GOLD-TELECOM-PER, BUENOS AIRES, BUENOS AIRES, AR. |
222.177.11.165:7000 | CN:hail.dns2go.com | 445 | pcap | raw alerts ruleset |
ftp 20 lines |
Yeah : 1.3 profile |
none | summary tarball |
14 of 32 | a2a036466a [Firefox:150 hits: 05-05 to 05-12] |
none[4] | none:none |
none|none | none | trace |
| 13:11:00 | WinXP | 41.232.128.7 (TEDATA.NET): PROVIDER LOCAL REGISTRY, EG. |
n/a | CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 16 lines |
Yeah : 0.8 profile |
none | summary tarball |
23 of 31 | 3a65749370 [Firefox: 5 hits: 05-05 to 05-11] |
c0e04edf74 [0] | ASM:Graph |
TXT2COM| | lines=407 embedded dns |
trace |
| 13:14:00 | Win2K-f | 90.150.44.118 (-): OJSC URALSVYAZINFORM KHANTY-MANSIYSK DEPARTMENT, RU. |
n/a | CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
20 of 31 | cb89ccfe52 [Firefox: 8 hits: 04-29 to 05-10] |
881f6fa4b7 [0] | ASM:Graph |
TXT2COM| | lines=406 embedded dns |
trace |
| T:13:35:00 | Win2K-f | 89.201.185.167 (OPTIMA-TELEKOM.HR): OT - OPTIMA TELEKOM D.O.O, ZAGREB, GRAD ZAGREB, HR. |
222.177.11.165:7000 | CN:hail.dns2go.com | 445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| T:13:36:00 | WinXP | 190.92.20.64 (-): CABLECOLOR S.A, TEGUCIGALPA, FRANCISCO MORAZAN, HN. |
222.177.11.165:7000 | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp irc 23 lines |
Yeah : 1.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| 13:40:00 | WinXP | 190.174.164.244 (-): . |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
18 of 32 | 7e28dac8de [Firefox:13 hits: 04-27 to 05-10] |
none[4] | none:none |
none|none | none | trace |
| 13:52:00 | Win2K-f | 89.201.146.5 (OPTIMA-TELEKOM.HR): OT - OPTIMA TELEKOM D.O.O, ZAGREB, GRAD ZAGREB, HR. (DSL) |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| 13:54:00 | WinXP | 78.57.13.215 (ZEBRA.LT): LIETUVOS, KAUNAS, KAUNO APSKRITIS, LT. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| T:13:59:00 | WinXP | 151.21.228.235 (21-151.LIBERO.IT): FREE INTERNET DIAL-UP SERVICES, MILANO, LOMBARDIA, IT. (DIAL) |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| 14:09:00 | Win2K-f | 190.134.29.39 (-): . |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
14 of 32 | a2a036466a [Firefox:150 hits: 05-05 to 05-12] |
none[4] | none:none |
none|none | none | trace |
| 14:16:00 | WinXP | 92.3.125.231 (-): CARPHONE WAREHOUSE BROADBAND SERVICES, UK. |
222.177.11.165:7000 | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp irc 24 lines |
Yeah : 1.3 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| 14:24:00 | Win2K-f | 12.74.177.33 (ATT.NET): AT&T WORLDNET SERVICES, MOBILE, ALABAMA, US. (DIAL) |
n/a | :irc.drxclusives.info CA:activestate.com DK:mx-cluster1.one.com US:spam08.affinitypath.com CA:mx.netidentity.com.cust.hostedemail.com US:conway.org :mail.activestate.com :smtp.activestate.com DK:mx-cluster2.one.com :mx1.activestate.com :mxs.activestate.com :mail1.activestate.com :relay.activestate.com :ns.activestate.com :gate.activestate.com GB:spamgizmo.flirble.org :romagiubileo.it :mx.romagiubileo.it US:mx.conway.org DK:rto.dk US:perl.org :mail1.fmrco.com DK:195.47.247.170:25 DK:195.47.247.173:25 CA:204.244.102.6:25 US:209.130.152.244:25 IT:213.255.42.102:25 |
445 | pcap | raw alerts ruleset |
shell ftp 871 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:14:37:00 | Win2K-f | 4.246.111.63 (LEVEL3.NET): LEVEL 3 COMMUNICATIONS INC, SACRAMENTO, CALIFORNIA, US. (DIAL) |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 17 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:14:40:00 | WinXP | 189.29.189.169 (BRASILTELECOM.NET.BR): COMITE GESTOR DA INTERNET NO BRASIL, BR. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 12 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 14:50:00 | WinXP | 77.28.176.155 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
17 of 32 | dae8d145fb NEW |
none[4] | none:none |
none|none | none | trace |
| 14:51:00 | Win2K-f | 91.141.97.56 (I-ONE.AT): NETWORK OF ONE GMBH, VIENNA, WIEN, AT. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
28 of 32 | c83a34840a NEW |
none[4] | none:none |
none|none | none | trace |
| T:14:53:00 | Win2K-f | 91.65.121.70 (SUPERKABEL.DE): KABEL-DEUTSCHLAND-CUSTOMER-SERVICES, DE. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 11 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 14:54:00 | WinXP | 91.65.121.70 (SUPERKABEL.DE): KABEL-DEUTSCHLAND-CUSTOMER-SERVICES, DE. |
n/a | 445 | pcap | raw alerts ruleset |
other 0 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:14:59:00 | WinXP | 190.134.29.39 (-): . |
222.177.11.165:7000 | CN:hail.dns2go.com | 445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.8 profile |
none | summary tarball |
14 of 32 | a2a036466a [Firefox:150 hits: 05-05 to 05-12] |
none[4] | none:none |
none|none | none | trace |
| 15:06:00 | WinXP | 72.251.20.47 (1DIAL.COM): AD-BASE SYSTEMS INC. (DBA GLOBALPOPS), PITTSBURGH, PENNSYLVANIA, US. (DIAL) |
n/a | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
30 of 32 | 6f89425f8a [Firefox:13 hits: 02-08 to 05-03] |
6480c2f949 [0] | ASM:Graph |
PolyEnE| | lines=73 | trace |
| T:15:16:00 | WinXP | 87.8.165.194 (RETAIL.TELECOMITALIA.IT): TELECOM ITALIA S.P.A. TIN EASY LITE, IT. |
222.177.11.165:7000 | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| 15:45:00 | WinXP | 201.213.113.50 (NET.AR): PRIMA S.A, BUENOS AIRES, BUENOS AIRES, AR. (DSL) |
n/a | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 15:47:00 | WinXP | 190.30.201.45 (NET.AR): APOLO -GOLD-TELECOM-PER, CORDOBA, CORDOBA, AR. |
222.177.11.165:7000 | CN:hail.dns2go.com | 445 | pcap | raw alerts ruleset |
ftp 20 lines |
Yeah : 1.3 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| 15:49:00 | Win2K-f | 220.219.42.163 (INFOWEB.NE.JP): INFOWEB(FUJITSU LTD.), TOKYO, TOKYO, JP. (DIAL) |
n/a | 445 | pcap | raw alerts ruleset |
ftp 11 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:16:02:00 | Win2K-f | 189.48.177.210 (BRASILTELECOM.NET.BR): COMITE GESTOR DA INTERNET NO BRASIL, BR. |
222.177.11.165:7000 | CN:hail.dns2go.com | 445 | pcap | raw alerts ruleset |
ftp irc 25 lines |
Yeah : 1.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| 16:02:00 | Win2K-f | 189.5.84.10 (BRASILTELECOM.NET.BR): COMITE GESTOR DA INTERNET NO BRASIL, BR. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 18 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace | |
| 16:12:00 | WinXP | 89.24.24.75 (4GINTERNET.CZ): GPRS/WBA CUSTOMER NETWORKS, CZ. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 15 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| T:16:13:00 | Win2K-f | 190.175.188.238 (-): . |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
23 of 31 | 14ef234ad3 [Firefox: 8 hits: 04-29 to 05-08] |
none[4] | none:none |
none|none | none | trace |
| 16:20:00 | WinXP | 70.77.47.109 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, PRINCE GEORGE, BRITISH COLUMBIA, CA. |
85.114.137.60:80 | DE:proxim.ircgalaxy.pl RU:moscow-advokat.ru |
445 | pcap | raw alerts ruleset |
http irc 3 lines |
Yeah : 1.8 profile |
none | summary tarball |
30 of 32 | eb41da3253 NEW |
none[4] | none:none |
PolyEnE| | none | trace |
| T:16:21:00 | WinXP | 70.77.47.109 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, PRINCE GEORGE, BRITISH COLUMBIA, CA. |
n/a | DE:proxim.ircgalaxy.pl RU:moscow-advokat.ru RU:194.6.222.11:6667 DE:85.114.137.60:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
30 of 32 | eb41da3253 NEW |
none[4] | none:none |
PolyEnE| | none | trace |
| T:16:28:00 | Win2K-f | 130.13.72.194 (QWEST.NET): QWEST BROADBAND SERVICES INC, PHOENIX, ARIZONA, US. |
222.51.25.90:18067 | CN:bniu.househot.com CN:ypgw.wallloan.com CN:222.51.25.90:18067 |
445 | pcap | raw alerts ruleset |
other 6 lines |
Yeah : 1.3 profile |
none | summary tarball |
31 of 32 | 9928a1e660 [Firefox:17 hits: 10-06 to 05-12] |
28c8dadabf [0] | ASM:Graph |
none|none | lines=104 embedded dns |
trace |
| 16:38:00 | Win2K-f | 60.49.36.21 (TM.NET.MY): TELEKOM MALAYSIA BERHAD, KUALA LUMPUR, WILAYAH PERSEKUTUAN, MY. |
222.177.11.165:7000 | CN:hail.dns2go.com | 445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.8 profile |
none | summary tarball |
12 of 30 | 76b4ab852e [Firefox:40 hits: 04-29 to 05-12] |
none[4] | none:none |
none|none | none | trace |
| 16:41:00 | WinXP | 190.50.97.90 (COM.AR): TELEFONICA DE ARGENTINA, AR. |
222.177.11.165:7000 | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp irc 23 lines |
Yeah : 1.8 profile |
none | summary tarball |
14 of 32 | a2a036466a [Firefox:150 hits: 05-05 to 05-12] |
none[4] | none:none |
none|none | none | trace |
| 16:47:00 | Win2K-f | 78.61.24.209 (ZEBRA.LT): LIETUVOS-TELEKOMAS, LT. |
222.177.11.165:7000 | CN:hail.dns2go.com | 445 | pcap | raw alerts ruleset |
ftp irc 20 lines |
Yeah : 1.3 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| T:17:00:00 | WinXP | 190.189.0.2 (NET.AR): PRIMA S.A, AR. |
222.177.11.165:7000 | CN:hail.dns2go.com | 445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| T:17:02:00 | WinXP | 201.252.35.231 (NET.AR): APOLO -GOLD-TELECOM-PER, BUENOS AIRES, BUENOS AIRES, AR. |
222.177.11.165:7000 | CN:hail.dns2go.com | 445 | pcap | raw alerts ruleset |
ftp 22 lines |
Yeah : 1.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| 17:39:00 | WinXP | 124.43.53.159 (-): INTERNET SERVICE PROVIDER IN SRI LANKA, LK. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 15 lines |
Yeah : 0.8 profile |
none | summary tarball |
14 of 32 | a2a036466a [Firefox:150 hits: 05-05 to 05-12] |
none[4] | none:none |
none|none | none | trace |
| 17:42:00 | Win2K-f | 190.48.127.84 (COM.AR): TELEFONICA DE ARGENTINA, BUENOS AIRES, BUENOS AIRES, AR. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
23 of 31 | 14ef234ad3 [Firefox: 8 hits: 04-29 to 05-08] |
none[4] | none:none |
none|none | none | trace |
| T:17:51:00 | WinXP | 24.85.48.121 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, RICHMOND, BRITISH COLUMBIA, CA. (DSL) |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
29 of 29 | a0139d7ad8 [Firefox:431 hits: 05-02 to 05-10] |
d9e9662db1 [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
| T:17:57:00 | WinXP | 4.158.117.21 (LEVEL3.NET): LEVEL 3 COMMUNICATIONS INC, TINLEY PARK, ILLINOIS, US. (DIAL) |
n/a | CZ:217.170.244.2:443 CZ:82.114.64.251:443 |
445 | pcap | raw alerts ruleset |
shell ftp 17 lines |
Yeah : 1.3 profile |
none | summary tarball |
25 of 28 | 7fdfe363d5 [Firefox:2604 hits: 12-31 to 05-11] |
10862ea8b8 [0] | ASM:Graph |
FSG| | lines=1933 embedded dns |
trace |
| 18:05:00 | WinXP | 200.45.194.62 (NET.AR): MIDAS-TELECOM, AR. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 15 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| T:18:14:00 | WinXP | 98.140.250.243 (-): . |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
29 of 29 | d42c1cc7c0 [Firefox:273 hits: 05-01 to 05-10] |
af9ca5bed1 [0] | ASM:Graph |
PolyEnE| | lines=54 | trace |
| 18:44:00 | Win2K-f | 190.49.34.235 (COM.AR): TELEFONICA DE ARGENTINA, BUENOS AIRES, BUENOS AIRES, AR. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
14 of 32 | a2a036466a [Firefox:150 hits: 05-05 to 05-12] |
none[4] | none:none |
none|none | none | trace |
| 19:14:00 | Win2K-f | 190.137.77.3 (NET.AR): TELECOM ARGENTINA S.A, AR. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
14 of 32 | a2a036466a [Firefox:150 hits: 05-05 to 05-12] |
none[4] | none:none |
none|none | none | trace |
| T:19:19:00 | WinXP | 201.250.234.7 (COM.AR): TELEFONICA DE ARGENTINA, AR. |
222.177.11.165:7000 | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp irc 23 lines |
Yeah : 1.3 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| 20:02:00 | WinXP | 201.160.136.85 (CABLEONLINE.COM.MX): TELECABLE DE CHIHUAHUA SA DE CV, TIJUANA, MEXICO, MX. (DSL) |
85.114.137.60:80 | DE:proxim.ircgalaxy.pl UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http irc 3 lines |
Yeah : 1.8 profile |
none | summary tarball |
30 of 32 | 3f5ec58a6b [Firefox:16 hits: 04-24 to 05-12] |
4a77430a59 [0] | ASM:Graph |
PolyEnE| | lines=70 | trace |
| T:20:03:00 | WinXP | 201.160.136.85 (CABLEONLINE.COM.MX): TELECABLE DE CHIHUAHUA SA DE CV, TIJUANA, MEXICO, MX. (DSL) |
n/a | DE:proxim.ircgalaxy.pl UA:citi-bank.ru UA:194.54.90.246:80 DE:85.114.137.60:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
30 of 32 | 3f5ec58a6b [Firefox:16 hits: 04-24 to 05-12] |
4a77430a59 [0] | ASM:Graph |
PolyEnE| | lines=70 | trace |
| T:20:04:00 | Win2K-f | 59.146.39.195 (SO-NET.NE.JP): SO-NET SERVICE, JP. |
n/a | CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
28 of 32 | a71d671241 NEW |
none[4] | none:none |
none|none | none | trace |
| T:20:09:00 | WinXP | 190.137.77.3 (NET.AR): TELECOM ARGENTINA S.A, AR. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
14 of 32 | a2a036466a [Firefox:150 hits: 05-05 to 05-12] |
none[4] | none:none |
none|none | none | trace |
| 20:13:00 | Win2K-f | 12.74.178.168 (ATT.NET): AT&T WORLDNET SERVICES, BRANDON, MISSISSIPPI, US. (DIAL) |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 15 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 20:35:00 | WinXP | 201.250.234.7 (COM.AR): TELEFONICA DE ARGENTINA, AR. |
222.177.11.165:7000 | CN:hail.dns2go.com | 445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| 20:58:00 | WinXP | 60.50.150.175 (TM.NET.MY): TELEKOM MALAYSIA BERHAD, KUALA LUMPUR, WILAYAH PERSEKUTUAN, MY. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| 21:19:00 | WinXP | 125.162.103.46 (-): TLKM_D1_BB_SPEEDY_PG, PALEMBANG, SUMATERA SELATAN, ID. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 16 lines |
Yeah : 0.8 profile |
none | summary tarball |
14 of 32 | a2a036466a [Firefox:150 hits: 05-05 to 05-12] |
none[4] | none:none |
none|none | none | trace |
| 21:43:00 | WinXP | 118.174.180.77 (-): . |
n/a | CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
13 of 32 | 53123fadcc [Firefox:43 hits: 01-26 to 05-12] |
none[4] | none:none |
none|none | none | trace |
| 21:50:00 | Win2K-f | 89.189.22.43 (KIS.RU): BUSINESS COMMUNICATION AGENCY LTD, NIZHNIY NOVGOROD, NIZHEGORODSKAYA OBLAST', RU. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| T:22:00:00 | WinXP | 190.31.66.20 (NET.AR): APOLO -GOLD-TELECOM-PER, BUENOS AIRES, BUENOS AIRES, AR. |
222.177.11.165:7000 | CN:hail.dns2go.com | 445 | pcap | raw alerts ruleset |
ftp irc 22 lines |
Yeah : 1.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| 22:00:00 | Win2K-f | 118.169.136.212 (-): . |
n/a | CZ:217.170.244.2:443 CZ:82.114.64.251:443 |
445 | pcap | raw alerts ruleset |
shell ftp 17 lines |
Yeah : 1.3 profile |
none | summary tarball |
25 of 28 | 7fdfe363d5 [Firefox:2604 hits: 12-31 to 05-11] |
10862ea8b8 [0] | ASM:Graph |
FSG| | lines=1933 embedded dns |
trace |
| 22:22:00 | Win2K-f | 60.242.211.24 (TPGI.COM.AU): AUSTRALIAN ISP, SYDNEY, NEW SOUTH WALES, AU. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| T:22:27:00 | WinXP | 92.47.130.31 (IKBCC.COM): EU-ZZ, UK. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 22:39:00 | Win2K-f | 190.174.129.242 (-): . |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 15 lines |
Yeah : 0.8 profile |
none | summary tarball |
18 of 32 | 7e28dac8de [Firefox:13 hits: 04-27 to 05-10] |
none[4] | none:none |
none|none | none | trace |
| 23:01:00 | WinXP | 81.211.127.228 (SPB.RU): SOVINTEL-MP1-SPB-POOL, RU. (DIAL) |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
26 of 28 | 7d99b0e910 [Firefox:2967 hits: 12-31 to 05-12] |
7a70e1b592 [0] | ASM:Graph |
PolyEnE| | lines=68 | trace |
| 23:06:00 | WinXP | 60.53.5.140 (TM.NET.MY): TELEKOM MALAYSIA BERHAD, GEORGE TOWN, PULAU PINANG, MY. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 11 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 23:33:00 | WinXP | 82.57.127.32 (RETAIL.TELECOMITALIA.IT): TELECOM ITALIA S.P.A. TIN EASY LITE, PRATO, TOSCANA, IT. (DSL) |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
21 of 32 | 5f78ff609d [Firefox:1113 hits: 04-27 to 05-12] |
d4a06bdc3a [0] | ASM:Graph |
none|none | lines=4 | trace |
| T:23:35:00 | Win2K-f | 89.169.8.113 (-): INFOLINE ZAO, RU. |
n/a | CN:hail.dns2go.com CN:scorti1.dns2go.com CN:222.177.11.165:7000 |
445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
12 of 30 | 76b4ab852e [Firefox:40 hits: 04-29 to 05-12] |
none[4] | none:none |
none|none | none | trace |
| T:23:44:00 | WinXP | 117.201.48.18 (-): . |
85.114.137.60:65520 | DE:proxim.ircgalaxy.pl CN:hail.dns2go.com CN:scorti1.dns2go.com DE:85.114.137.60:65520 |
445 | pcap | raw alerts ruleset |
ftp irc 16 lines |
Yeah : 1.3 profile |
none | summary tarball |
27 of 32 | 81087261e6 NEW |
none[4] | none:none |
none|none | none | trace |
| T:23:45:00 | Win2K-f | 125.162.102.174 (-): TLKM_D1_BB_SPEEDY_PG, PALEMBANG, SUMATERA SELATAN, ID. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 11 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |