Welcome to the Cyber-TA
SRI's Multiperspective Malware Infection Analysis Page


UNCENSORED PAGE


[Download BotHunter]

26 June 2008

All data collection and analyses summarized in this page were 100% AUTO-GENERATED.

DEVELOPERS: Vinod Yegneswaran (SRI), Phillip Porras (SRI), Hassen Saidi (SRI)
Monirul Sharif (Georgia-Tech), Arvind Narayanan (University of Texas at Austin)

The data on this website is provided for research purposes only. It is provided
for your personal use only and is supplied AS IS, WITHOUT WARRANTY OF ANY KIND.
Use or reliance on this data is at your own risk.


Daily Summary Files: [DNS Lookups & Failed Connects] [Attacker IPs] [C&C Servers] [Binary Digests]
Cumulative Summary Files: [DNS Lookup Log] [Attacker IP Log] [C&C Server Log] [Antivirus Detection] [Code Segment Overlap] [Behavioral Clusters] [Binary Digest Log]

[See Country Codes]

Columns of the infection table below (each record lists its fields in this order):

Time
Victim OS
Infection Source: attacker IP (reverse-DNS domain): WHOIS organisation, city, region, country code (link type)
C&C Server: IP:port, or n/a
DNS Lookups & Failed Connects: country-code prefix, then hostname or IP:port
Infection Port: 135 (MSRPC) or 445 (SMB)
Packet Trace: pcap, raw
Detection Signatures: alerts, ruleset
Infection Chatter: shell, ftp, irc, http, other
BotHunter Analysis: line count, score ("Yeah : N"), profile
Behavioral Cluster: summary
Forensic Logs: tarball
Antivirus Labels: "X of Y" detections, one per binary
Packed Malware Binary: digest prefix with its hit history, or NEW where no earlier hits are recorded
Unpacked egg.exe
Unpacked egg.asm: ASM:Graph
Packer PEID
Data Strings: lines=N
Syscall Trace

When a record carries more than one captured binary, the Antivirus Labels column and each of the per-binary columns list one value per binary, in the same order; "none" marks a field the pipeline did not produce.
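The C&C Server and DNS Lookups & Failed Connects cells above follow a small fixed grammar ("CC:host", "CC:host:port", ":host" when the country code is blank, a bare "IP:port" for the C&C endpoint, or "n/a"). The following is an added example, not code from the Cyber-TA page or from BotHunter, of turning those cells into an indicator list that can be aggregated across records. The record layout (a dict per infection with "port", "cnc" and "lookups" keys) and the interpretation that a bare hostname is a lookup while an IP:port pair is a failed connect are this example's own assumptions; SAMPLE_RECORDS is constructed by hand from five rows of the table.

```python
"""Indicator extraction from Cyber-TA infection records (added example).

Not code from the Cyber-TA page or from BotHunter.  Parses the "C&C Server" and
"DNS Lookups & Failed Connects" cell format used in the table and aggregates the
results across records.  The record layout is this example's own.
"""
from collections import Counter
from dataclasses import dataclass
from typing import Dict, List, Optional
import ipaddress
import re

# Optional two-letter country prefix ("US:" or a bare ":"), then host, then an
# optional numeric port.  A bare "IP:port" (the C&C cell) has no prefix at all.
_ENTRY = re.compile(
    r"^(?:(?P<cc>[A-Z]{2})?:)?(?P<host>[^:\s]+)(?::(?P<port>\d{1,5}))?$"
)


@dataclass(frozen=True)
class Indicator:
    country: str         # country code as printed, "" when the page left it blank
    host: str            # hostname or IPv4 address
    port: Optional[int]  # None for a bare DNS lookup
    kind: str            # "cnc", "lookup" (hostname) or "connect" (IP:port)


def is_ip(host: str) -> bool:
    try:
        ipaddress.ip_address(host)
    except ValueError:
        return False
    return True


def parse_entry(text: str, column: str) -> Optional[Indicator]:
    """Parse one cell entry; returns None for the page's "n/a" placeholder."""
    text = text.strip()
    if text in ("", "n/a"):
        return None
    m = _ENTRY.match(text)
    if m is None:
        raise ValueError(f"unrecognised entry: {text!r}")
    port = int(m["port"]) if m["port"] else None
    if column == "cnc":
        kind = "cnc"
    else:
        # Assumption: in "DNS Lookups & Failed Connects" a bare name is a DNS
        # lookup and an IP:port pair is a failed connection attempt.
        kind = "connect" if is_ip(m["host"]) and port is not None else "lookup"
    return Indicator(m["cc"] or "", m["host"], port, kind)


def parse_record(record: dict) -> List[Indicator]:
    found = []
    for column in ("cnc", "lookups"):
        for entry in record.get(column, []):
            ind = parse_entry(entry, column)
            if ind is not None:
                found.append(ind)
    return found


def summarize(records: List[dict]) -> Dict[str, object]:
    """Count indicators per record (a host repeated within one record counts once)."""
    cnc, lookups, connects, ports = set(), Counter(), Counter(), Counter()
    for rec in records:
        ports[rec["port"]] += 1
        seen_hosts, seen_conn = set(), set()
        for ind in parse_record(rec):
            if ind.kind == "cnc":
                cnc.add(f"{ind.host}:{ind.port}")
            elif ind.kind == "lookup":
                seen_hosts.add(ind.host)
            else:
                seen_conn.add(f"{ind.host}:{ind.port}")
        lookups.update(seen_hosts)
        connects.update(seen_conn)
    return {"cnc": sorted(cnc), "lookups": lookups,
            "failed_connects": connects, "ports": ports}


# Constructed from five rows of the 26 June 2008 table (time, OS, infection port,
# C&C Server cell, DNS Lookups & Failed Connects cell).
SAMPLE_RECORDS = [
    {"time": "00:16", "os": "WinXP", "port": 135, "cnc": ["n/a"],
     "lookups": ["US:microsoft.com", "US:download.microsoft.com",
                 "US:199.93.41.126:80", "US:199.93.44.124:80", "US:205.128.79.124:80"]},
    {"time": "00:19", "os": "WinXP", "port": 445, "cnc": ["217.170.244.2:443"],
     "lookups": ["CZ:217.170.244.2:443"]},
    {"time": "01:01", "os": "Win2K-f", "port": 135, "cnc": ["n/a"],
     "lookups": ["US:microsoft.com", ":proxim.ircgalaxy.pl", "US:download.microsoft.com",
                 "US:192.221.110.126:80", "US:192.221.99.124:80", "US:199.93.41.124:80"]},
    {"time": "05:23", "os": "WinXP", "port": 445, "cnc": ["n/a"],
     "lookups": ["RU:moscow-advokat.ru", "NL:diemen.nl.eu.undernet.org",
                 ":los-angeles.ca.us.undernet.org", "SE:viking.dal.net"]},
    {"time": "12:00", "os": "Win2K-f", "port": 135, "cnc": ["72.10.172.218:9928"],
     "lookups": ["CA:tai.ihshsd8.com", ":sisxteen.oihduhdd.net", "CA:wiger.blacktiehsbdcs.com",
                 "CA:72.10.172.218:3938", "CA:72.10.172.218:9928"]},
]

if __name__ == "__main__":
    s = summarize(SAMPLE_RECORDS)
    print("C&C endpoints:", s["cnc"])
    print("lookups seen in more than one record:",
          [h for h, n in s["lookups"].items() if n > 1])
    print("infection ports:", dict(s["ports"]))
```

Counting per record rather than per entry keeps one noisy infection from inflating a host's prevalence, which matters when the same Windows Update hosts appear in most port-135 records alongside the actual C&C lookups.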
00:16:00 WinXP 68.89.232.222 (SWBELL.NET):
PPPOX POOL - RBACK1 BUMTTX,
BEAUMONT, TEXAS, US. (DIAL)
n/a US:microsoft.com
US:download.microsoft.com
US:199.93.41.126:80
US:199.93.44.124:80
US:205.128.79.124:80
135 pcap raw alerts
ruleset
other
76 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 32
53bfe15e91
[Firefox:202 hits: 06-17 to 06-25]
73f1082158
[Firefox:82 hits: 06-18 to 06-25]
none[4]
73f1082158[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
T:00:19:00 WinXP 59.112.141.62 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW.
217.170.244.2:443  
CZ:217.170.244.2:443
445 pcap raw alerts
ruleset
shell
ftp
irc
28 lines
Yeah : 1.8
profile
none summary
tarball
25 of 28 7fdfe363d5
[Firefox:2723 hits: 12-31 to 06-25]
10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns
trace
00:38:00 Win2K-f 125.58.75.125 (-):
.
n/a US:microsoft.com
US:download.microsoft.com
US:199.93.41.124:80
135 pcap raw alerts
ruleset
other
59 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
8 of 33
53bfe15e91
[Firefox:202 hits: 06-17 to 06-25]
b7082104e4
[Firefox: 9 hits: 06-18 to 06-24]
none[4]
none [4]
none:none
none:none
tElock|
tElock|
none
none
trace
trace
T:00:45:00 WinXP 125.58.75.125 (-):
.
n/a US:microsoft.com
US:download.microsoft.com
US:192.221.99.126:80
US:198.78.220.124:80
US:199.93.44.126:80
135 pcap raw alerts
ruleset
other
59 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
8 of 33
53bfe15e91
[Firefox:202 hits: 06-17 to 06-25]
b7082104e4
[Firefox: 9 hits: 06-18 to 06-24]
none[4]
none [4]
none:none
none:none
tElock|
tElock|
none
none
trace
trace
T:00:55:00 Win2K-f 65.255.191.174 (SPEAKEASY.NET):
US.
n/a US:microsoft.com
US:download.microsoft.com
135 pcap raw alerts
ruleset
http
76 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 32
0 of 32
53bfe15e91
[Firefox:202 hits: 06-17 to 06-25]
73f1082158
[Firefox:82 hits: 06-18 to 06-25]
b5919931fe
[Firefox:31 hits: 06-20 to 06-25]
none[4]
73f1082158[1]
b5919931fe[1]
none:none
ASM:Graph
ASM:Graph
tElock|
Armadillo|
ASProtect|
none
lines=81
lines=90
trace
trace
trace
T:00:59:00 WinXP 152.66.57.2 (BME.HU):
BUDAPEST UNIVERSITY OF TECHNOLOGY AND ECONOMICS,
BUDAPEST, BUDAPEST, HU.
217.170.244.2:443   445 pcap raw alerts
ruleset
shell
ftp
irc
27 lines
Yeah : 1.8
profile
none summary
tarball
25 of 28 7fdfe363d5
[Firefox:2723 hits: 12-31 to 06-25]
10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns
trace
T:01:01:00 Win2K-f 116.123.138.219 (-):
HANARO TELECOM,
SEOUL, KYONGGI-DO, KR.
n/a US:microsoft.com
:proxim.ircgalaxy.pl
US:download.microsoft.com
US:192.221.110.126:80
US:192.221.99.124:80
US:199.93.41.124:80
135 pcap raw alerts
ruleset
other
114 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33
32 of 33
0a2b1894da
NEW
414b95a784
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
T:01:07:00 Win2K-f 218.169.51.23 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW.
n/a   445 pcap raw alerts
ruleset
shell
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
01:13:00 Win2K-f 75.49.225.67 (SBCGLOBAL.NET):
PPPOX POOL - BRAS6.STLSMO,
SOUTH FORK, MISSOURI, US. (DSL)
n/a   135 pcap raw alerts
ruleset
other
11 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
T:01:41:00 WinXP 116.126.135.34 (-):
HANARO TELECOM,
SEOUL, KYONGGI-DO, KR.
n/a :proxim.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:64.62.216.56:80
135 pcap raw alerts
ruleset
http
106 lines
Yeah : 1.3
profile
none summary
tarball
1 of 33
0 of 33
31 of 33
68bda5c857
NEW
e07c29c4ae
[Firefox:33 hits: 06-19 to 06-25]
f611613956
NEW
none[none]
e07c29c4ae[1]
none [none]
none:none
ASM:Graph
none:none
none|none
FSG|
none|none
none
lines=92
none
none
trace
none
01:42:00 Win2K-f 116.126.135.34 (-):
HANARO TELECOM,
SEOUL, KYONGGI-DO, KR.
n/a :proxim.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:64.62.216.56:80
135 pcap raw alerts
ruleset
other
105 lines
Yeah : 1.3
profile
none summary
tarball
1 of 33
31 of 33
68bda5c857
NEW
f611613956
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
T:02:01:00 WinXP 122.100.32.143 (-):
SEODAEGU CABLE TV,
TAEGU, KYONGSANG-BUKTO, KR.
n/a :proxim.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
135 pcap raw alerts
ruleset
http
176 lines
Yeah : 1.3
profile
none summary
tarball
32 of 33
30 of 33
9963e9c1ff
NEW
a647a60592
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
02:18:00 WinXP 91.124.247.148 (UKRTEL.NET):
UKRTELECOM,
BROVARY, KYYIVS'KA OBLAST', UA.
n/a UA:citi-bank.ru 445 pcap raw alerts
ruleset
http
2 lines
Yeah : 0.8
profile
none summary
tarball
31 of 32 1e5df7ba74
[Firefox:24 hits: 03-24 to 06-18]
a5331b711f [0] ASM:Graph
PolyEnE| lines=68 trace
T:02:22:00 WinXP 124.100.179.201 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a   445 pcap raw alerts
ruleset
shell
ftp
15 lines
Yeah : 1.3
profile
none summary
tarball
31 of 32 741e3b03b3
[Firefox:72 hits: 09-28 to 06-25]
e0197e8a64 [0] ASM:Graph
none|none lines=62 trace
T:03:02:00 Win2K-f 208.77.183.46 (MYCOMSPAN.COM):
COMSPAN BANDON NETWORK LLC,
BANDON, OREGON, US.
n/a US:microsoft.com
US:download.microsoft.com
US:64.62.216.10:80
US:64.62.216.56:80
135 pcap raw alerts
ruleset
other
59 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
8 of 33
53bfe15e91
[Firefox:202 hits: 06-17 to 06-25]
b7082104e4
[Firefox: 9 hits: 06-18 to 06-24]
none[4]
none [4]
none:none
none:none
tElock|
tElock|
none
none
trace
trace
03:06:00 WinXP 121.102.210.202 (HI-HO.NE.JP):
PANASONIC NETWORK SERVICES INC,
JP.
n/a   445 pcap raw alerts
ruleset
shell
ftp
15 lines
Yeah : 1.3
profile
none summary
tarball
29 of 29 831f4ee0a7
[Firefox:656 hits: 07-11 to 06-24]
eb7546c600 [0] ASM:Graph
none|none lines=61 trace
T:03:13:00 WinXP 65.68.19.187 (-):
POPLAR PCS,
JONESBORO, ARKANSAS, US. (100Mbps)
n/a :proxim.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:205.128.66.126:80
135 pcap raw alerts
ruleset
http
114 lines
Yeah : 1.3
profile
none summary
tarball
32 of 33
28 of 32
0 of 33
3f0a5b2ebe
[Firefox: 3 hits: 06-18 to 06-20]
c6bfb5f0f2
[Firefox: 3 hits: 06-18 to 06-20]
e07c29c4ae
[Firefox:33 hits: 06-19 to 06-25]
none[4]
c6bfb5f0f2[1]
e07c29c4ae[1]
none:none
ASM:Graph
ASM:Graph
PolyEnE|
Armadillo|
FSG|
none
lines=81
lines=92
trace
trace
trace
03:45:00 Win2K-f 202.157.62.37 (KCN-TV.NE.JP):
KUMAMOTO CABLE NETWORK CORPORATION,
JP.
n/a US:microsoft.com
US:download.microsoft.com
US:64.62.216.10:80
US:64.62.216.56:80
135 pcap raw alerts
ruleset
other
75 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 32
53bfe15e91
[Firefox:202 hits: 06-17 to 06-25]
73f1082158
[Firefox:82 hits: 06-18 to 06-25]
none[4]
73f1082158[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
03:58:00 Win2K-f 211.74.249.230 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL)
n/a  
CZ:217.170.244.2:443
CZ:82.114.64.251:443
445 pcap raw alerts
ruleset
shell
ftp
17 lines
Yeah : 1.3
profile
none summary
tarball
25 of 28 7fdfe363d5
[Firefox:2723 hits: 12-31 to 06-25]
10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns
trace
04:05:00 WinXP 118.237.15.107 (-):
.
n/a   445 pcap raw alerts
ruleset
shell
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
31 of 32 27b945de66
[Firefox: 3 hits: 06-20 to 06-22]
none[4] none:none
none|none none trace
T:04:26:00 WinXP 194.125.185.214 (EIRCOM.NET):
EIRCOM LTD,
DUBLIN, DUBLIN, IE.
194.54.90.246:80 UA:citi-bank.ru 445 pcap raw alerts
ruleset
http
2 lines
Yeah : 1.3
profile
none summary
tarball
26 of 28 7d99b0e910
[Firefox:3095 hits: 12-31 to 06-25]
7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace
T:04:39:00 WinXP 116.123.1.178 (-):
HANARO TELECOM,
SEOUL, KYONGGI-DO, KR.
n/a :proxim.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:64.62.216.10:80
US:64.62.216.56:80
135 pcap raw alerts
ruleset
other
113 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33
29 of 33
6ec2a8994b
[Firefox: 2 hits: 06-18 to 06-24]
857b781ca9
[Firefox: 2 hits: 06-18 to 06-24]
none[4]
857b781ca9[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=82
trace
trace
04:48:00 WinXP 61.228.149.222 (PRESTONAUTO.COM):
CHTD CHUNGHWA TELECOM CO. LTD,
TW.
n/a :proxim.ircgalaxy.pl
CZ:217.170.244.2:443
CZ:82.114.64.251:443
445 pcap raw alerts
ruleset
shell
ftp
17 lines
Yeah : 1.3
profile
none summary
tarball
32 of 33 1514bbf1d6
NEW
none[none] none:none
none|none none none
T:04:51:00 WinXP 24.136.42.156 (COX.NET):
COX COMMUNICATIONS INC,
GAINESVILLE, FLORIDA, US. (100Mbps)
n/a US:microsoft.com
US:download.microsoft.com
US:64.62.216.10:80
US:64.62.216.56:80
135 pcap raw alerts
ruleset
other
79 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 33
53bfe15e91
[Firefox:202 hits: 06-17 to 06-25]
a08f3b74a4
[Firefox:71 hits: 06-18 to 06-25]
none[4]
a08f3b74a4[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
T:05:04:00 WinXP 122.53.117.71 (PLDT.NET):
IPG,
PH.
n/a US:microsoft.com
US:download.microsoft.com
:proxim.ircgalaxy.pl
US:64.62.216.10:80
US:64.62.216.56:80
135 pcap raw alerts
ruleset
other
126 lines
Yeah : 1.3
profile
none summary
tarball
29 of 33
33 of 33
16874933ea
[Firefox: 8 hits: 06-18 to 06-25]
76ee340669
[Firefox: 8 hits: 06-18 to 06-25]
16874933ea [1]
none [4]
ASM:Graph
none:none
Armadillo|
PolyEnE|
lines=82
none
trace
trace
T:05:22:00 WinXP 211.11.88.50 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a   445 pcap raw alerts
ruleset
ftp
12 lines
Yeah : 0.8
profile
none summary
tarball
29 of 29 831f4ee0a7
[Firefox:656 hits: 07-11 to 06-24]
eb7546c600 [0] ASM:Graph
none|none lines=61 trace
T:05:23:00 WinXP 201.69.78.3 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL)
n/a RU:moscow-advokat.ru
NL:diemen.nl.eu.undernet.org
:los-angeles.ca.us.undernet.org
SE:viking.dal.net
:brussels.be.eu.undernet.org
:caen.fr.eu.undernet.org
SE:vancouver.dal.net
445 pcap raw alerts
ruleset
http
1 line
Yeah : 1.3
profile
none summary
tarball
25 of 25 7f60162c2c
[Firefox:1355 hits: 12-31 to 06-25]
1aad8e4632 [0] ASM:Graph
PolyEnE| lines=93
embedded dns
trace
T:05:24:00 Win2K-f 75.14.253.81 (-):
REFAT M HIJAZ DBA,
PLANO, TEXAS, US. (100Mbps)
n/a US:microsoft.com
US:download.microsoft.com
135 pcap raw alerts
ruleset
http
76 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 33
53bfe15e91
[Firefox:202 hits: 06-17 to 06-25]
a08f3b74a4
[Firefox:71 hits: 06-18 to 06-25]
none[4]
a08f3b74a4[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
T:05:48:00 Win2K-f 203.70.197.221 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL)
217.170.244.2:443  
CZ:217.170.244.2:443
445 pcap raw alerts
ruleset
shell
ftp
irc
27 lines
Yeah : 1.8
profile
none summary
tarball
25 of 28 7fdfe363d5
[Firefox:2723 hits: 12-31 to 06-25]
10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns
trace
05:49:00 WinXP 75.35.242.131 (SBCGLOBAL.NET):
PPOX POOL - RBACK6.BCVLOH,
CLEVELAND, OHIO, US. (DSL)
n/a US:microsoft.com
US:download.microsoft.com
US:64.62.216.10:80
US:64.62.216.56:80
135 pcap raw alerts
ruleset
other
60 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
8 of 33
53bfe15e91
[Firefox:202 hits: 06-17 to 06-25]
b7082104e4
[Firefox: 9 hits: 06-18 to 06-24]
none[4]
none [4]
none:none
none:none
tElock|
tElock|
none
none
trace
trace
06:12:00 WinXP 64.141.65.231 (MERCURYSPEED.COM):
BIG PIPE INC,
KAMLOOPS, BRITISH COLUMBIA, CA.
n/a US:microsoft.com
US:download.microsoft.com
US:199.93.46.124:80
US:207.123.46.125:80
US:8.12.202.125:80
135 pcap raw alerts
ruleset
other
77 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 32
53bfe15e91
[Firefox:202 hits: 06-17 to 06-25]
73f1082158
[Firefox:82 hits: 06-18 to 06-25]
none[4]
73f1082158[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
T:06:16:00 Win2K-f 24.87.54.168 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
RICHMOND, BRITISH COLUMBIA, CA. (DSL)
n/a   135 pcap raw alerts
ruleset
other
18 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
T:06:21:00 WinXP 81.155.118.230 (BTCENTRALPLUS.COM):
BT-CENTRAL-PLUS,
LONDON, ENGLAND, UK. (DSL)
n/a   445 pcap raw alerts
ruleset
shell
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
29 of 29 1a2c0e6130
[Firefox:438 hits: 12-31 to 06-25]
048df78048 [0] ASM:Graph
none|none lines=61 trace
06:30:00 WinXP 12.76.224.243 (ATT.NET):
AT&T WORLDNET SERVICES,
JACKSONVILLE, NORTH CAROLINA, US. (DIAL)
n/a   445 pcap raw alerts
ruleset
shell
ftp
20 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
06:35:00 WinXP 86.155.86.7 (BTCENTRALPLUS.COM):
BT-CENTRAL-PLUS,
SWANSEA, WALES, UK.
n/a   445 pcap raw alerts
ruleset
shell
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
29 of 29 831f4ee0a7
[Firefox:656 hits: 07-11 to 06-24]
eb7546c600 [0] ASM:Graph
none|none lines=61 trace
06:44:00 Win2K-f 61.228.154.199 (PRESTONAUTO.COM):
CHTD CHUNGHWA TELECOM CO. LTD,
TW.
n/a :proxim.ircgalaxy.pl
CZ:217.170.244.2:443
CZ:82.114.64.251:443
445 pcap raw alerts
ruleset
shell
ftp
17 lines
Yeah : 1.3
profile
none summary
tarball
32 of 33 1514bbf1d6
NEW
none[none] none:none
none|none none none
06:47:00 WinXP 86.130.205.213 (BTCENTRALPLUS.COM):
BT-CENTRAL-PLUS,
LONDON, ENGLAND, UK.
n/a UA:citi-bank.ru 445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
26 of 28 7d99b0e910
[Firefox:3095 hits: 12-31 to 06-25]
7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace
07:12:00 WinXP 78.130.73.159 (REV.OPTIMUS.PT):
OPTIMUS TELECOMUNICAGUES S.A,
PT.
n/a EU:siliconfireware.ru
EU:ebookfinaltrash.ru
:wpad
DE:212.227.111.29:80
DE:217.11.54.126:80
EU:78.47.200.154:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
29 of 30 af79e0c602
[Firefox:10 hits: 07-19 to 06-11]
none[4] none:none
ASPack| none trace
T:07:25:00 WinXP 4.245.103.64 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
MODESTO, CALIFORNIA, US. (DIAL)
n/a DE:siliconfireware.ru
US:searchportal.information.com
US:spi.domainsponsor.com
:www.proxy-socks.net
:wpad
:landdev1.lap.internal
445 pcap raw alerts
ruleset
http
http
http
11 lines
Yeah : 0.8
profile
none summary
tarball
29 of 29 a12cab51ef
[Firefox:1066 hits: 05-01 to 06-25]
40f7f463c4 [0] ASM:Graph
ASPack| lines=281
embedded dns
trace
07:27:00 WinXP 118.237.44.9 (-):
.
n/a   445 pcap raw alerts
ruleset
ftp
12 lines
Yeah : 0.8
profile
none summary
tarball
31 of 32 27b945de66
[Firefox: 3 hits: 06-20 to 06-22]
none[4] none:none
none|none none trace
07:44:00 WinXP 217.68.183.152 (PRIMACOM.NET):
PRIMACOM-HEADENDS,
LEIPZIG, SACHSEN, DE.
n/a :proxim.ircgalaxy.pl
UA:citi-bank.ru
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
32 of 33 77e8c157d9
NEW
none[none] none:none
none|none none none
07:47:00 WinXP 117.99.10.131 (XLRI.AC.IN):
BHARTI AIRTEL LTD,
DELHI, DELHI, IN.
n/a RU:moscow-advokat.ru 445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
25 of 25 7f60162c2c
[Firefox:1355 hits: 12-31 to 06-25]
1aad8e4632 [0] ASM:Graph
PolyEnE| lines=93
embedded dns
trace
07:51:00 Win2K-f 92.40.240.167 (IKBCC.COM):
EU-ZZ,
UK.
n/a  
CZ:217.170.244.2:443
CZ:82.114.64.251:443
445 pcap raw alerts
ruleset
shell
ftp
17 lines
Yeah : 1.3
profile
none summary
tarball
25 of 28 7fdfe363d5
[Firefox:2723 hits: 12-31 to 06-25]
10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns
trace
T:08:01:00 Win2K-f 85.180.13.228 (ALICEDSL.DE):
HANSENET-ADSL,
DE. (DSL)
n/a   445 pcap raw alerts
ruleset
shell
4 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
08:03:00 WinXP 123.0.68.196 (CC9.NE.JP):
CABLE TV CORPORATION,
JP.
n/a US:microsoft.com
US:download.microsoft.com
US:199.93.41.124:80
US:205.128.79.126:80
US:4.23.60.125:80
135 pcap raw alerts
ruleset
other
76 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 33
53bfe15e91
[Firefox:202 hits: 06-17 to 06-25]
a08f3b74a4
[Firefox:71 hits: 06-18 to 06-25]
none[4]
a08f3b74a4[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
08:05:00 WinXP 85.181.58.35 (ALICEDSL.DE):
HANSENET-ADSL,
DE. (DSL)
n/a   445 pcap raw alerts
ruleset
shell
5 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
08:07:00 WinXP 118.237.38.246 (-):
.
n/a   445 pcap raw alerts
ruleset
shell
ftp
13 lines
Yeah : 0.8
profile
none summary
tarball
31 of 32 27b945de66
[Firefox: 3 hits: 06-20 to 06-22]
none[4] none:none
none|none none trace
T:08:08:00 WinXP 67.150.21.161 (MDSG-PACWEST.COM):
PAC-WEST MANAGED MODEM NAS POOL,
LOS ANGELES, CALIFORNIA, US.
194.54.90.246:80 UA:citi-bank.ru 445 pcap raw alerts
ruleset
http
2 lines
Yeah : 1.3
profile
none summary
tarball
26 of 28 7d99b0e910
[Firefox:3095 hits: 12-31 to 06-25]
7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace
T:08:12:00 WinXP 65.184.127.122 (RR.COM):
ROAD RUNNER HOLDCO LLC,
FAYETTEVILLE, NORTH CAROLINA, US.
n/a UA:citi-bank.ru 445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
26 of 28 7d99b0e910
[Firefox:3095 hits: 12-31 to 06-25]
7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace
08:30:00 WinXP 218.160.68.138 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAOYUAN, T'AI-WAN, TW.
n/a :proxim.ircgalaxy.pl
CZ:217.170.244.2:443
CZ:82.114.64.251:443
445 pcap raw alerts
ruleset
shell
ftp
18 lines
Yeah : 1.3
profile
none summary
tarball
29 of 32 2f5a49b768
NEW
none[4] none:none
FSG| none trace
08:36:00 Win2K-f 24.136.42.156 (COX.NET):
COX COMMUNICATIONS INC,
GAINESVILLE, FLORIDA, US. (100Mbps)
n/a US:microsoft.com
US:download.microsoft.com
US:205.128.79.124:80
135 pcap raw alerts
ruleset
other
79 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 33
53bfe15e91
[Firefox:202 hits: 06-17 to 06-25]
a08f3b74a4
[Firefox:71 hits: 06-18 to 06-25]
none[4]
a08f3b74a4[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
T:08:51:00 Win2K-f 66.56.160.31 (RR.COM):
ROAD RUNNER HOLDCO LLC,
WINSTON SALEM, NORTH CAROLINA, US.
n/a   135 pcap raw alerts
ruleset
other
18 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
T:09:02:00 WinXP 220.215.237.216 (CATV02.ITSCOM.JP):
ITS COMMUNICATIONS INC,
JP.
n/a   445 pcap raw alerts
ruleset
ftp
12 lines
Yeah : 0.8
profile
none summary
tarball
31 of 32 741e3b03b3
[Firefox:72 hits: 09-28 to 06-25]
e0197e8a64 [0] ASM:Graph
none|none lines=62 trace
T:09:05:00 WinXP 61.216.232.190 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW.
n/a   445 pcap raw alerts
ruleset
shell
ftp
16 lines
Yeah : 1.3
profile
none summary
tarball
31 of 32 741e3b03b3
[Firefox:72 hits: 09-28 to 06-25]
e0197e8a64 [0] ASM:Graph
none|none lines=62 trace
T:09:11:00 WinXP 66.137.92.42 (SWBELL.NET):
DIAL POOL - NAS1.LGVWTX,
CARTHAGE, TEXAS, US. (DIAL)
n/a EU:siliconfireware.ru
:wpad
DE:212.227.111.29:80
DE:217.11.54.126:80
EU:78.47.200.154:80
445 pcap raw alerts
ruleset
http
2 lines
Yeah : 0.8
profile
none summary
tarball
29 of 29 df17a625ee
[Firefox:473 hits: 05-04 to 06-24]
9bbdd086c5 [0] ASM:Graph
ASPack| lines=186
embedded dns
trace
09:14:00 WinXP 123.224.237.161 (OCN.NE.JP):
NTT COMMUNICATIONS CORPORATION,
TOKYO, TOKYO, JP.
n/a   445 pcap raw alerts
ruleset
shell
2 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
09:35:00 Win2K-f 122.54.56.43 (PLDT.NET):
IPG,
PH.
n/a US:microsoft.com
US:download.microsoft.com
:proxim.ircgalaxy.pl
US:199.93.41.126:80
135 pcap raw alerts
ruleset
other
126 lines
Yeah : 1.3
profile
none summary
tarball
29 of 33
33 of 33
16874933ea
[Firefox: 8 hits: 06-18 to 06-25]
76ee340669
[Firefox: 8 hits: 06-18 to 06-25]
16874933ea [1]
none [4]
ASM:Graph
none:none
Armadillo|
PolyEnE|
lines=82
none
trace
trace
T:09:38:00 WinXP 220.215.143.144 (CATV02.ITSCOM.JP):
ITS COMMUNICATIONS INC,
JP.
n/a   445 pcap raw alerts
ruleset
shell
ftp
15 lines
Yeah : 1.3
profile
none summary
tarball
31 of 32 741e3b03b3
[Firefox:72 hits: 09-28 to 06-25]
e0197e8a64 [0] ASM:Graph
none|none lines=62 trace
T:09:53:00 WinXP 123.224.237.161 (OCN.NE.JP):
NTT COMMUNICATIONS CORPORATION,
TOKYO, TOKYO, JP.
n/a   445 pcap raw alerts
ruleset
shell
3 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
09:57:00 WinXP 41.214.181.129 (-):
.
n/a UA:citi-bank.ru 445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
26 of 28 7d99b0e910
[Firefox:3095 hits: 12-31 to 06-25]
7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace
10:06:00 Win2K-f 219.250.201.52 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR.
n/a :proxima.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:204.160.126.124:80
US:205.128.66.126:80
US:207.123.46.125:80
135 pcap raw alerts
ruleset
other
86 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33
0 of 33
168aab35a3
[Firefox:13 hits: 06-17 to 06-22]
4c3df24b32
[Firefox:21 hits: 06-17 to 06-23]
none[4]
4c3df24b32[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
T:10:07:00 WinXP 124.115.15.45 (163DATA.COM.CN):
CHINANET SHANXI(SN) PROVINCE NETWORK,
BEIJING, BEIJING, CN.
n/a US:microsoft.com
US:download.microsoft.com
US:204.160.126.124:80
US:205.128.66.126:80
US:207.123.46.125:80
135 pcap raw alerts
ruleset
other
76 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 33
53bfe15e91
[Firefox:202 hits: 06-17 to 06-25]
a08f3b74a4
[Firefox:71 hits: 06-18 to 06-25]
none[4]
a08f3b74a4[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
10:16:00 WinXP 122.2.39.19 (PLDT.NET):
JNEC7300I03_CONSUMER,
CEBU, CEBU CITY, PH.
n/a US:microsoft.com
US:download.microsoft.com
US:199.93.53.125:80
US:207.123.44.125:80
US:207.123.46.125:80
135 pcap raw alerts
ruleset
other
237 lines
Yeah : 1.3
profile
none summary
tarball
29 of 33
31 of 33
10e9845a09
NEW
e0faf35825
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
10:42:00 WinXP 60.238.143.170 (MESH.AD.JP):
NEC CORPORATION,
JP.
n/a  
CZ:217.170.244.2:443
CZ:82.114.64.251:443
445 pcap raw alerts
ruleset
shell
ftp
18 lines
Yeah : 1.3
profile
none summary
tarball
25 of 28 7fdfe363d5
[Firefox:2723 hits: 12-31 to 06-25]
10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns
trace
T:11:07:00 Win2K-f 71.136.17.66 (-):
MILANO DESIGN,
PLANO, TEXAS, US. (100Mbps)
n/a US:microsoft.com
US:download.microsoft.com
135 pcap raw alerts
ruleset
http
86 lines
Yeah : 1.3
profile
none summary
tarball
3 of 33
33 of 33
0 of 32
73ce2b74da
NEW
79c01ec060
[Firefox: 2 hits: 06-18 to 06-19]
b5919931fe
[Firefox:31 hits: 06-20 to 06-25]
73ce2b74da [1]
none [4]
b5919931fe[1]
ASM:Graph
none:none
ASM:Graph
Armadillo|
tElock|
ASProtect|
lines=81
none
lines=90
trace
trace
trace
11:19:00 WinXP 12.226.244.31 (MCHSI.COM):
MEDIACOM COMMUNICATIONS CORP,
ARNOLDS PARK, IOWA, US.
n/a UA:citi-bank.ru 445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
29 of 29 986b59708d
[Firefox:301 hits: 05-03 to 06-24]
8a00217866 [0] ASM:Graph
PolyEnE| lines=57 trace
T:11:26:00 Win2K-f 70.182.2.254 (COX.NET):
COX COMMUNICATIONS INC,
CROWLEY, LOUISIANA, US.
n/a US:microsoft.com
US:download.microsoft.com
US:199.93.41.126:80
US:199.93.53.126:80
US:204.160.126.124:80
135 pcap raw alerts
ruleset
other
75 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 32
53bfe15e91
[Firefox:202 hits: 06-17 to 06-25]
73f1082158
[Firefox:82 hits: 06-18 to 06-25]
none[4]
73f1082158[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
T:11:49:00 WinXP 61.229.39.224 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW.
217.170.244.2:443  
CZ:217.170.244.2:443
445 pcap raw alerts
ruleset
shell
ftp
irc
27 lines
Yeah : 1.8
profile
none summary
tarball
25 of 28 7fdfe363d5
[Firefox:2723 hits: 12-31 to 06-25]
10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns
trace
12:00:00 Win2K-f 68.150.163.32 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
SPRUCE GROVE, ALBERTA, CA. (DSL)
72.10.172.218:9928 CA:tai.ihshsd8.com
:sisxteen.oihduhdd.net
CA:wiger.blacktiehsbdcs.com
CA:72.10.172.218:3938
CA:72.10.172.218:9928
135 pcap raw alerts
ruleset
other
266 lines
Yeah : 1.8
profile
none summary
tarball
29 of 32 f5704d7334
NEW
none[4] none:none
StarForce| none trace
12:02:00 WinXP 4.91.130.145 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
US. (DIAL)
n/a US:microsoft.com
US:download.microsoft.com
US:192.221.110.125:80
US:199.93.53.125:80
US:8.12.202.125:80
135 pcap raw alerts
ruleset
other
75 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 32
53bfe15e91
[Firefox:202 hits: 06-17 to 06-25]
73f1082158
[Firefox:82 hits: 06-18 to 06-25]
none[4]
73f1082158[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
T:12:09:00 Win2K-f 67.62.51.160 (CAVTEL.NET):
CAVALIER,
BALTIMORE, MARYLAND, US.
n/a   135 pcap raw alerts
ruleset
other
18 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
T:12:12:00 WinXP 119.72.49.153 (-):
.
n/a RU:moscow-advokat.ru 445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
25 of 25 7f60162c2c
[Firefox:1355 hits: 12-31 to 06-25]
1aad8e4632 [0] ASM:Graph
PolyEnE| lines=93
embedded dns
trace
12:29:00 WinXP 118.87.29.72 (-):
.
n/a US:microsoft.com
US:download.microsoft.com
US:72.247.30.81:80
US:72.247.30.83:80
135 pcap raw alerts
ruleset
other
122 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33
29 of 33
e4adeadeca
NEW
e6a2c2e247
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
T:12:36:00 Win2K-f 209.29.94.250 (TELUS.COM):
TELUS COMMUNICATIONS INC,
TORONTO, ONTARIO, CA. (DIAL)
n/a US:microsoft.com
US:download.microsoft.com
US:72.247.30.81:80
US:72.247.30.83:80
135 pcap raw alerts
ruleset
other
76 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 32
53bfe15e91
[Firefox:202 hits: 06-17 to 06-25]
73f1082158
[Firefox:82 hits: 06-18 to 06-25]
none[4]
73f1082158[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
12:39:00 WinXP 4.240.213.55 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
ANGEL FIRE, NEW MEXICO, US. (DIAL)
n/a   445 pcap raw alerts
ruleset
shell
3 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
13:02:00 WinXP 82.79.253.7 (RDSNET.RO):
RCS-RDS-CABLELINK,
BAIA MARE, MARAMURES, RO.
n/a UA:citi-bank.ru 445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
32 of 33 8a79fbda68
NEW
none[none] none:none
none|none none none
T:13:22:00 WinXP 172.162.198.226 (AOL.COM):
AMERICA ONLINE,
US.
n/a   135 pcap raw alerts
ruleset
other
11 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
13:24:00 WinXP 98.105.219.182 (-):
.
n/a   445 pcap raw alerts
ruleset
shell
shell
ftp
21 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
13:26:00 Win2K-f 59.103.3.248 (-):
.
n/a   445 pcap raw alerts
ruleset
shell
ftp
17 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
13:40:00 Win2K-f 196.208.97.51 (TELKOM-IPNET.CO.ZA):
AFRINIC,
CAPE TOWN, WESTERN CAPE, ZA.
n/a US:microsoft.com
US:download.microsoft.com
US:198.78.220.126:80
US:207.123.37.125:80
US:8.12.202.125:80
135 pcap raw alerts
ruleset
other
82 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 33
53bfe15e91
[Firefox:202 hits: 06-17 to 06-25]
57ce4acac2
[Firefox:22 hits: 06-17 to 06-25]
none[4]
57ce4acac2[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
13:52:00 WinXP 96.15.211.79 (-):
.
n/a :proxim.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:192.221.110.126:80
US:199.93.53.125:80
US:4.23.60.126:80
135 pcap raw alerts
ruleset
other
113 lines
Yeah : 1.3
profile
none summary
tarball
28 of 33
31 of 33
6d86a1ff5a
NEW
7f6e032fc0
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
14:04:00 WinXP 66.76.167.120 (COX-INTERNET.COM):
SUDDENLINK COMMUNICATIONS,
TYLER, TEXAS, US.
n/a US:microsoft.com
US:download.microsoft.com
US:199.93.41.126:80
US:204.160.126.126:80
US:207.123.46.125:80
135 pcap raw alerts
ruleset
other
59 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
8 of 33
53bfe15e91
[Firefox:202 hits: 06-17 to 06-25]
b7082104e4
[Firefox: 9 hits: 06-18 to 06-24]
none[4]
none [4]
none:none
none:none
tElock|
tElock|
none
none
trace
trace
14:29:00 Win2K-f 80.41.190.112 (AS9105.COM):
TISCALI UK LTD,
LONDON, ENGLAND, UK. (DSL)
n/a   445 pcap raw alerts
ruleset
shell
ftp
16 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
T:14:36:00 WinXP 4.226.12.106 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
DALLAS, TEXAS, US. (DIAL)
n/a   135 pcap raw alerts
ruleset
other
6 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:14:40:00 WinXP 87.57.189.144 (IP.TELE.DK):
TELEDANMARK,
DK.
n/a   445 pcap raw alerts
ruleset
other
0 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:14:53:00 Win2K-f 92.40.25.147 (IKBCC.COM):
EU-ZZ,
UK.
217.170.244.2:443  
CZ:217.170.244.2:443
CZ:82.114.64.251:443
445 pcap raw alerts
ruleset
shell
ftp
irc
36 lines
Yeah : 1.8
profile
none summary
tarball
25 of 28 7fdfe363d5
[Firefox:2723 hits: 12-31 to 06-25]
10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns
trace
15:09:00 Win2K-f 216.30.232.170 (AUSTINCPAAC.COM):
FIBERNET OF WEST VIRGINIA,
CHARLESTON, WEST VIRGINIA, US. (100Mbps)
n/a :proxim.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:72.247.30.81:80
135 pcap raw alerts
ruleset
other
113 lines
Yeah : 1.3
profile
none summary
tarball
none
none
dc20b6fe59
[Firefox: 2 hits: 06-23 to 06-25]
f97070ef2b
[Firefox: 2 hits: 06-23 to 06-25]
dc20b6fe59 [1]
none [4]
ASM:Graph
none:none
Armadillo|
PolyEnE|
lines=81
none
trace
trace
T:15:09:00 Win2K-f 208.127.234.211 (DSLEXTREME.COM):
DSL EXTREME,
WINNETKA, CALIFORNIA, US.
n/a US:microsoft.com
:proxim.ircgalaxy.pl
US:download.microsoft.com
US:72.247.30.81:80
US:72.247.30.83:80
135 pcap raw alerts
ruleset
other
113 lines
Yeah : 1.3
profile
none summary
tarball
29 of 33
30 of 33
2ef2f78792
[Firefox: 3 hits: 06-21 to 06-22]
b7a332eb7c
[Firefox: 3 hits: 06-21 to 06-22]
2ef2f78792 [1]
none [4]
ASM:Graph
none:none
Armadillo|
tElock|
lines=82
none
trace
trace
15:14:00 WinXP 80.191.115.169 (-):
REGIONAL LIBRARY OF SCIENCE AND TECHNOLOGY,
SHIRAZ, FARS, IR.
n/a DE:siliconfireware.ru
:www.proxy-socks.net
:wpad
DE:212.227.111.29:80
DE:217.11.54.126:80
EU:78.47.200.154:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
29 of 29 a12cab51ef
[Firefox:1066 hits: 05-01 to 06-25]
40f7f463c4 [0] ASM:Graph
ASPack| lines=281
embedded dns
trace
T:15:26:00 Win2K-f 85.240.200.158 (DSL.TELEPAC.PT):
PT.COM - COMUNICACOES INTERACTIVAS S.A,
LEIRIA, LEIRIA, PT. (DSL)
n/a US:hail.dns2go.com 445 pcap raw alerts
ruleset
ftp
15 lines
Yeah : 0.8
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1532 hits: 04-27 to 06-25]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
15:46:00 Win2K-f 71.148.35.37 (SBCGLOBAL.NET):
KASSA KASSA,
PLANO, TEXAS, US. (DSL)
n/a US:microsoft.com
US:download.microsoft.com
US:205.128.79.124:80
US:207.123.46.125:80
US:8.12.202.125:80
135 pcap raw alerts
ruleset
other
75 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 33
53bfe15e91
[Firefox:202 hits: 06-17 to 06-25]
a08f3b74a4
[Firefox:71 hits: 06-18 to 06-25]
none[4]
a08f3b74a4[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
15:47:00 WinXP 218.168.156.64 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW.
n/a   445 pcap raw alerts
ruleset
shell
3 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
15:47:00 WinXP 24.84.52.42 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
BURNABY, BRITISH COLUMBIA, CA. (DSL)
n/a :proxim.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:205.128.79.124:80
US:207.123.46.125:80
US:8.12.202.125:80
135 pcap raw alerts
ruleset
other
120 lines
Yeah : 1.3
profile
none summary
tarball
32 of 33
29 of 33
1a3a423319
NEW
d4c7af762e
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
T:16:01:00 WinXP 218.168.156.64 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW.
n/a   445 pcap raw alerts
ruleset
shell
3 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
16:12:00 WinXP 59.104.27.235 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL)
n/a   135 pcap raw alerts
ruleset
other
1040 lines
Yeah : 1.3
profile
none summary
tarball
28 of 33 fef22f6b67
NEW
none[none] none:none
none|none none none
T:16:37:00 WinXP 66.53.215.204 (MDSG-PACWEST.COM):
PAC-WEST MANAGED MODEM NAS POOL,
LOS ANGELES, CALIFORNIA, US.
n/a UA:citi-bank.ru 445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
29 of 29 a0139d7ad8
[Firefox:442 hits: 05-02 to 06-23]
d9e9662db1 [0] ASM:Graph
PolyEnE| lines=68 trace
16:38:00 WinXP 66.220.226.13 (VERMONTEL.NET):
VERMONT TELEPHONE COMPANY INC,
CHESTER, VERMONT, US.
n/a US:www.yahoo.com
US:www.altavista.com
:jbeegvia.ru
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
31 of 32 17028f1eda
[Firefox:14 hits: 09-29 to 06-25]
none[3] none:none
tElock| none trace
16:39:00 Win2K-f 4.91.135.231 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
US.
n/a US:microsoft.com
US:download.microsoft.com
US:199.93.44.124:80
135 pcap raw alerts
ruleset
other
77 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 32
53bfe15e91
[Firefox:202 hits: 06-17 to 06-25]
73f1082158
[Firefox:82 hits: 06-18 to 06-25]
none[4]
73f1082158[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
T:16:40:00 WinXP 24.69.99.242 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
CALGARY, ALBERTA, CA. (DSL)
n/a US:microsoft.com
US:download.microsoft.com
:proxim.ircgalaxy.pl
US:199.93.41.126:80
135 pcap raw alerts
ruleset
http
96 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
29 of 33
0 of 33
53bfe15e91
[Firefox:202 hits: 06-17 to 06-25]
9755a5d861
[Firefox: 3 hits: 06-21 to 06-25]
e07c29c4ae
[Firefox:33 hits: 06-19 to 06-25]
none[4]
9755a5d861[1]
e07c29c4ae[1]
none:none
ASM:Graph
ASM:Graph
tElock|
Armadillo|
FSG|
none
lines=81
lines=92
trace
trace
trace
16:47:00 Win2K-f 24.222.241.105 (EASTLINK.CA):
EASTLINK,
BEDFORD, NOVA SCOTIA, CA.
n/a US:microsoft.com
US:download.microsoft.com
US:192.221.99.126:80
135 pcap raw alerts
ruleset
other
75 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 33
53bfe15e91
[Firefox:202 hits: 06-17 to 06-25]
a08f3b74a4
[Firefox:71 hits: 06-18 to 06-25]
none[4]
a08f3b74a4[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
T:16:54:00 Win2K-f 200.43.90.191 (NET.AR):
MIDAS-TELECOM,
BUENOS AIRES, BUENOS AIRES, AR.
n/a US:hail.dns2go.com 445 pcap raw alerts
ruleset
ftp
irc
23 lines
Yeah : 0.8
profile
none summary
tarball
21 of 32 5f78ff609d
[Firefox:1532 hits: 04-27 to 06-25]
d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace
T:17:15:00 Win2K-f 206.171.178.219 (LEMOORENET.COM):
LEMOORE NET,
LEMOORE, CALIFORNIA, US.
n/a US:microsoft.com
US:download.microsoft.com
US:199.93.41.124:80
135 pcap raw alerts
ruleset
http
89 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 33
0 of 32
53bfe15e91
[Firefox:202 hits: 06-17 to 06-25]
a08f3b74a4
[Firefox:71 hits: 06-18 to 06-25]
b5919931fe
[Firefox:31 hits: 06-20 to 06-25]
none[4]
a08f3b74a4[1]
b5919931fe[1]
none:none
ASM:Graph
ASM:Graph
tElock|
Armadillo|
ASProtect|
none
lines=81
lines=90
trace
trace
trace
17:25:00 Win2K-f 190.84.21.201 (CABLE.NET.CO):
TV CABLE S.A,
SANTAFÉ DE BOGOTÁ, DISTRITO CAPITAL, CO. (DSL)
n/a US:hail.dns2go.com
CN:scorti1.dns2go.com
US:208.101.48.210:7000
CN:61.185.73.17:7000
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
18 of 32 7e28dac8de
[Firefox:27 hits: 04-27 to 06-06]
none[4] none:none
none|none none trace
17:34:00 Win2K-f 68.243.79.186 (SPCSDNS.NET):
SPRINT PCS,
RESTON, VIRGINIA, US. (DSL)
n/a US:microsoft.com
US:download.microsoft.com
US:72.247.30.81:80
135 pcap raw alerts
ruleset
other
88 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 32
53bfe15e91
[Firefox:202 hits: 06-17 to 06-25]
73f1082158
[Firefox:82 hits: 06-18 to 06-25]
none[4]
73f1082158[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
17:38:00 WinXP 118.86.201.168 (-):
n/a DE:siliconfireware.ru
GB:new.egg.com
:wpad
DE:212.227.111.29:80
DE:217.11.54.126:80
GB:217.145.225.22:80
EU:78.47.200.154:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
29 of 29 a12cab51ef
[Firefox:1066 hits: 05-01 to 06-25]
40f7f463c4 [0] ASM:Graph
ASPack| lines=281
embedded dns
trace
T:17:45:00 WinXP 4.228.219.104 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
LAS VEGAS, NEVADA, US. (DIAL)
n/a   445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
31 of 33 0655ae8aff
NEW
none[none] none:none
none|none none none
T:18:03:00 WinXP 70.125.96.56 (RR.COM):
ROAD RUNNER HOLDCO LLC,
DEATSVILLE, ALABAMA, US.
n/a UA:citi-bank.ru 445 pcap raw alerts
ruleset
http
1 line
Yeah : 1.3
profile
none summary
tarball
26 of 28 7d99b0e910
[Firefox:3095 hits: 12-31 to 06-25]
7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace
18:27:00 WinXP 130.13.55.61 (QWEST.NET):
QWEST BROADBAND SERVICES INC,
PHOENIX, ARIZONA, US.
69.42.216.90:9890 :f.unicat.org
69.42.216.90:9890
445 pcap raw alerts
ruleset
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
13 of 31 e8d4d8cde1
[Firefox:291 hits: 03-31 to 06-13]
fda109a6fd [0] ASM:Graph
ASProtect| lines=583
embedded dns
trace
T:18:28:00 WinXP 151.118.190.188 (QWEST.NET):
QWEST BROADBAND,
PHOENIX, ARIZONA, US.
n/a EU:siliconfireware.ru
US:searchportal.information.com
US:sprw.information.com
US:spi.domainsponsor.com
:www.proxy-socks.net
:wpad
445 pcap raw alerts
ruleset
http
http
http
15 lines
Yeah : 0.8
profile
none summary
tarball
29 of 29 a12cab51ef
[Firefox:1066 hits: 05-01 to 06-25]
40f7f463c4 [0] ASM:Graph
ASPack| lines=281
embedded dns
trace
T:18:34:00 WinXP 130.13.55.61 (QWEST.NET):
QWEST BROADBAND SERVICES INC,
PHOENIX, ARIZONA, US.
69.42.216.90:9890 :f.unicat.org 445 pcap raw alerts
ruleset
ftp
irc
40 lines
Yeah : 1.3
profile
none summary
tarball
13 of 31 e8d4d8cde1
[Firefox:291 hits: 03-31 to 06-13]
fda109a6fd [0] ASM:Graph
ASProtect| lines=583
embedded dns
trace
T:18:38:00 Win2K-f 89.214.68.10 (-):
TMN - TELECOMUNICACOES MOVEIS NACIONAIS SA,
PT.
217.170.244.2:443 :proxim.ircgalaxy.pl
CZ:217.170.244.2:443
CZ:82.114.64.251:443
445 pcap raw alerts
ruleset
shell
ftp
irc
29 lines
Yeah : 1.8
profile
none summary
tarball
31 of 33 f783b1c9c7
NEW
none[none] none:none
none|none none none
18:44:00 Win2K-f 58.226.13.80 (HANANET.NET):
HANARO TELECOM INC,
KR.
n/a US:microsoft.com
:proxima.ircgalaxy.pl
US:download.microsoft.com
US:199.93.53.125:80
135 pcap raw alerts
ruleset
other
86 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33
0 of 33
168aab35a3
[Firefox:13 hits: 06-17 to 06-22]
4c3df24b32
[Firefox:21 hits: 06-17 to 06-23]
none[4]
4c3df24b32[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
18:50:00 WinXP 58.91.50.27 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a   445 pcap raw alerts
ruleset
shell
ftp
15 lines
Yeah : 1.3
profile
none summary
tarball
29 of 29 831f4ee0a7
[Firefox:656 hits: 07-11 to 06-24]
eb7546c600 [0] ASM:Graph
none|none lines=61 trace
18:58:00 WinXP 4.162.231.193 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
MCKINNEY, TEXAS, US. (DIAL)
n/a  
CZ:217.170.244.2:443
CZ:82.114.64.251:443
445 pcap raw alerts
ruleset
shell
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
25 of 28 7fdfe363d5
[Firefox:2723 hits: 12-31 to 06-25]
10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns
trace
19:01:00 WinXP 216.27.123.254 (PRIMELINK1.NET):
PRIMELINK INC,
PLATTSBURGH, NEW YORK, US.
n/a   135 pcap raw alerts
ruleset
other
7 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:19:18:00 Win2K-f 218.238.212.115 (HANANET.NET):
HANARO TELECOM INC,
POHANG, CHEJU-DO, KR.
n/a :proxima.ircgalaxy.pl 139 pcap raw alerts
ruleset
shell
http
ftp
8 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 9068b365f2
NEW
none[none] none:none
none|none none none
T:19:23:00 Win2K-f 24.77.151.82 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
VERNON, BRITISH COLUMBIA, CA.
n/a :proxim.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:72.247.30.81:80
US:72.247.30.83:80
135 pcap raw alerts
ruleset
other
113 lines
Yeah : 1.3
profile
none summary
tarball
28 of 33
30 of 33
12df83cb4f
[Firefox: 3 hits: 06-19 to 06-24]
2e7dc3f066
[Firefox: 3 hits: 06-19 to 06-24]
12df83cb4f [1]
none [4]
ASM:Graph
none:none
Armadillo|
tElock|
lines=82
none
trace
trace
T:19:28:00 Win2K-f 209.127.92.18 (-):
MEADOR COMPANY,
PASADENA, TEXAS, US.
n/a   135 pcap raw alerts
ruleset
other
18 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
T:19:37:00 Win2K-f 4.131.209.109 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
POLLOCK PINES, CALIFORNIA, US. (DIAL)
217.170.244.2:443  
CZ:217.170.244.2:443
445 pcap raw alerts
ruleset
shell
ftp
irc
29 lines
Yeah : 1.8
profile
none summary
tarball
25 of 28 7fdfe363d5
[Firefox:2723 hits: 12-31 to 06-25]
10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns
trace
T:19:38:00 WinXP 64.38.66.192 (SPEAKEASY.NET):
US.
n/a US:microsoft.com
US:download.microsoft.com
US:72.247.30.81:80
US:72.247.30.83:80
135 pcap raw alerts
ruleset
other
112 lines
Yeah : 1.3
profile
none summary
tarball
28 of 33
30 of 33
aa152fbe50
NEW
c8509af349
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
19:54:00 Win2K-f 4.154.205.144 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
SPRINGFIELD, MASSACHUSETTS, US. (DIAL)
n/a US:microsoft.com
US:download.microsoft.com
US:72.247.30.81:80
US:72.247.30.83:80
135 pcap raw alerts
ruleset
other
75 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 33
53bfe15e91
[Firefox:202 hits: 06-17 to 06-25]
a08f3b74a4
[Firefox:71 hits: 06-18 to 06-25]
none[4]
a08f3b74a4[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
T:20:03:00 Win2K-f 98.133.191.132 (-):
ALLTEL SIP CUSTOMERS - ATLANTA,
ATLANTA, GEORGIA, US.
n/a :proxim.ircgalaxy.pl
CA:dong.nagitiriheiwu.net
445 pcap raw alerts
ruleset
shell
ftp
irc
http
27 lines
Yeah : 1.3
profile
none summary
tarball
29 of 33
none
47d63d7107
NEW
5fc82b3c06
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
T:20:25:00 WinXP 125.197.252.140 (MESH.AD.JP):
NEC CORPORATION,
JP.
n/a :proxima.ircgalaxy.pl
US:mx1.hotmail.com
US:mailin-04.mx.aol.com
SE:ftp.icq.com
US:mailin-01.mx.aol.com
US:yutunrz.1dumb.com
445 pcap raw alerts
ruleset
shell
ftp
http
31 lines
Yeah : 1.3
profile
none summary
tarball
32 of 33 849a9ea382
NEW
none[none] none:none
none|none none none
20:38:00 WinXP 69.150.181.202 (SWBELL.NET):
STLSMO ADSL BRAS1 PPPOX,
ST. LOUIS, MISSOURI, US. (DSL)
n/a SE:kavkazcenter.com
SE:kavkazcenter.net
FI:kavkazchat.com
US:chechenpress.info
GB:chechenpress.co.uk
:shaheeds.org
:daymohk.info
:chripress.org
:marsho.dk
RU:www.bbin.ru
:wpad
DE:siliconfireware.ru
RU:195.200.213.52:80
GB:217.194.210.198:80
US:69.25.142.48:80
US:72.29.65.216:80
FI:80.81.183.162:80
SE:88.80.5.157:80
SE:88.80.5.15:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
29 of 29 ab5e47bf8d
[Firefox:52 hits: 05-10 to 06-23]
none[3] none:none
ASPack| none trace
20:42:00 WinXP 123.50.70.135 (-):
MANA INTERNET SERVICE PROVIDER,
PAPEETE, FRENCH POLYNESIA, PF.
n/a   445 pcap raw alerts
ruleset
shell
ftp
14 lines
Yeah : 0.8
profile
none summary
tarball
31 of 32 741e3b03b3
[Firefox:72 hits: 09-28 to 06-25]
e0197e8a64 [0] ASM:Graph
none|none lines=62 trace
T:20:42:00 WinXP 61.231.145.28 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAOYUAN, T'AI-WAN, TW.
n/a :proxima.ircgalaxy.pl 445 pcap raw alerts
ruleset
http
5 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:21:12:00 Win2K-f 98.132.184.133 (-):
ALLTEL SIP CUSTOMERS - CHARLOTTE,
WAUKEGAN, ILLINOIS, US.
217.170.244.2:443   445 pcap raw alerts
ruleset
shell
ftp
irc
27 lines
Yeah : 1.8
profile
none summary
tarball
25 of 28 7fdfe363d5
[Firefox:2723 hits: 12-31 to 06-25]
10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns
trace
21:15:00 Win2K-f 4.242.141.73 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
US. (DIAL)
n/a   445 pcap raw alerts
ruleset
shell
ftp
19 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
21:16:00 WinXP 221.142.178.40 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR.
n/a :proxima.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:72.247.30.81:80
US:72.247.30.83:80
135 pcap raw alerts
ruleset
other
86 lines
Yeah : 1.3
profile
none summary
tarball
0 of 33
31 of 33
a08f3b74a4
[Firefox:71 hits: 06-18 to 06-25]
ddd2a2b264
NEW
a08f3b74a4 [1]
none [4]
ASM:Graph
none:none
Armadillo|
tElock|
lines=81
none
trace
trace
T:21:41:00 Win2K-f 59.115.129.85 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW.
217.170.244.2:443 :proxima.ircgalaxy.pl 445 pcap raw alerts
ruleset
shell
ftp
irc
31 lines
Yeah : 1.8
profile
none summary
tarball
31 of 33 d7b333c3a4
NEW
none[none] none:none
none|none none none
T:21:59:00 WinXP 4.226.165.215 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
MEMPHIS, TENNESSEE, US. (DIAL)
194.54.90.246:80 UA:citi-bank.ru 445 pcap raw alerts
ruleset
http
2 lines
Yeah : 1.3
profile
none summary
tarball
26 of 28 7d99b0e910
[Firefox:3095 hits: 12-31 to 06-25]
7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace
T:22:29:00 WinXP 61.221.133.226 (HINET.NET):
DATA COMMUNICATION BUSINESS GROUP CHUNGHWA TELECOM CO. LTD,
KAOHSIUNG, KAO-HSIUNG, TW.
n/a US:microsoft.com
US:download.microsoft.com
135 pcap raw alerts
ruleset
http
76 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 33
53bfe15e91
[Firefox:202 hits: 06-17 to 06-25]
57ce4acac2
[Firefox:22 hits: 06-17 to 06-25]
none[4]
57ce4acac2[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
T:22:49:00 WinXP 122.106.127.147 (OPTUSNET.COM.AU):
OPTUS INTERNET - RETAIL,
SYDNEY, NEW SOUTH WALES, AU.
n/a   135 pcap raw alerts
ruleset
other
18 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
23:42:00 WinXP 79.42.240.136 (SRC.ORG):
TELECOM ITALIA NET,
ROME, LAZIO, IT.
n/a UA:citi-bank.ru 445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
29 of 29 d42c1cc7c0
[Firefox:305 hits: 05-01 to 06-25]
af9ca5bed1 [0] ASM:Graph
PolyEnE| lines=54 trace
T:23:42:00 WinXP 79.42.240.136 (SRC.ORG):
TELECOM ITALIA NET,
ROME, LAZIO, IT.
n/a   445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
29 of 29 d42c1cc7c0
[Firefox:305 hits: 05-01 to 06-25]
af9ca5bed1 [0] ASM:Graph
PolyEnE| lines=54 trace