Multiperspective Malware Analysis Page

Welcome to the Cyber-TA
SRI's Multiperspective Malware Infection Analysis Page

UNCENSORED PAGE

<Click here: to download BotHunter>

28 June 2008
<prev> <next>

All data collection and analyses summarized in this page were 100% AUTO-GENERATED.

DEVELOPERS: Vinod Yegneswaran (SRI), Phillip Porras (SRI), Hassen Saidi (SRI)
Monirul Sharif (Georgia-Tech), Arvind Narayanan (University of Texas at Austin)

The data on this website is provided for research purposes only. It is provided
for your personal use only and is supplied AS IS, WITHOUT WARRANTY OF ANY KIND.
Use or reliance on this data is at your own risk.

Daily Summary Files: [DNS Lookups & Failed Connects] [ Attacker IPs ] [C&C Servers] [Binary Digests]
Cumulative Summary Files: [DNS Lookup Log] [Attacker IP Log] [C&C Server Log] [Antivirus Detection] [Code Segment Overlap]
[Behavioral Clusters] [Binary Digest Log]

[See Country Codes ]

Time
Victim
OS
Infection
Source
C&C
Server
DNS Lookups &
Failed Connects Infection
Port
Packet
Trace
Detection
Signatures
Infection
Chatter
BotHunter
Analysis
Behavioral
Cluster
Forensic
Logs
Antivirus
Labels
Packed Malware_Binary Unpacked egg.exe
Unpacked egg.asm
Packer PEID
Data Strings
Syscall Trace

T:00:07:00 Win2K-f 77.20.209.218 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 31 of 32 d601941576
NEW none[none] none:none
none|none none none

00:20:00 WinXP 123.254.2.25 (PIKARA.NE.JP):
STNET INCORPORATED,
TAKAMATSU, KAGAWA, JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:00:20:00 Win2K-f 118.240.193.171 (-):
. n/a 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:00:21:00 Win2K-f 118.237.17.166 (-):
. n/a 445 pcap raw alerts
ruleset ftp
25 lines Yeah : 1.3
profile none summary
tarball 31 of 33 da36e2acf7
NEW none[none] none:none
none|none none none

00:22:00 WinXP 60.239.55.63 (MESH.AD.JP):
NEC CORPORATION,
JP. n/a 445 pcap raw alerts
ruleset shell
ftp
14 lines Yeah : 1.3
profile none summary
tarball 29 of 29 831f4ee0a7
[Firefox:662 hits: 07-11 to 06-27] eb7546c600 [0] ASM:Graph
none|none lines=61 trace

00:22:00 Win2K-f 85.179.18.67 (ALICEDSL.DE):
HANSENET-ADSL,
DE. (DSL) n/a :proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 21 of 32 80887f3824
NEW none[none] none:none
none|none none none

T:00:23:00 Win2K-f 220.102.214.109 (MESH.AD.JP):
NEC BIGLOBE LTD,
TOKYO, TOKYO, JP. n/a 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

00:26:00 WinXP 59.103.14.57 (-):
. n/a EU:siliconfireware.ru
GB:welcome3.smile.co.uk
:wpad
GB:195.92.84.198:80
DE:212.227.111.29:80
DE:217.11.54.126:80
EU:78.47.200.154:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 29 of 29 a12cab51ef
[Firefox:1073 hits: 05-01 to 06-27] 40f7f463c4 [0] ASM:Graph
ASPack| lines=281
embedded dns trace

00:27:00 Win2K-f 222.146.121.197 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
TOKYO, TOKYO, JP. n/a :proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 29 of 33 9d32aaa9ba
NEW none[none] none:none
none|none none none

T:00:29:00 WinXP 220.138.39.229 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 217.170.244.2:443 445 pcap raw alerts
ruleset shell
ftp
irc
28 lines Yeah : 1.8
profile none summary
tarball 25 of 28 7fdfe363d5
[Firefox:2746 hits: 12-31 to 06-27] 10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns trace

T:00:31:00 Win2K-f 217.30.154.30 (NET.PL):
STATIC BROADBAND SERVICES,
WROCLAW, DOLNOSLASKIE, PL. (DIAL) n/a 445 pcap raw alerts
ruleset ftp
21 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:00:32:00 Win2K-f 91.64.178.71 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. n/a 445 pcap raw alerts
ruleset ftp
19 lines Yeah : 1.3
profile none summary
tarball 32 of 33 037d04feed
NEW none[none] none:none
none|none none none

T:00:33:00 WinXP 78.97.26.164 (ASTRAL.RO):
ASTRAL TELECOM SA,
RO. 69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
46 lines Yeah : 1.8
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

00:40:00 Win2K-f 218.43.172.21 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
SASEBO, NAGASAKI, JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox: 5 hits: 06-27 to 06-27] none[none] none:none
none|none none none

00:45:00 Win2K-f 77.20.208.195 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a :proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset other
24 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:00:48:00 Win2K-f 221.188.188.11 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:00:49:00 WinXP 118.6.139.236 (-):
. 69.247.147.113:12351 US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
irc
49 lines Yeah : 1.8
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox: 5 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:00:53:00 WinXP 123.254.9.137 (PIKARA.NE.JP):
STNET INCORPORATED,
TAKAMATSU, KAGAWA, JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 30 of 33 e3460d2a4a
NEW none[none] none:none
none|none none none

00:54:00 Win2K-f 210.151.139.129 (MESH.AD.JP):
NEC CORPORATION,
JP. n/a 445 pcap raw alerts
ruleset ftp
24 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

00:55:00 WinXP 88.134.88.123 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 32 3dab831bee
NEW none[none] none:none
none|none none none

00:58:00 Win2K-f 83.234.145.57 (-):
(IR001812) BAYKALPHONECOMPANY,
RU. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
20 lines Yeah : 1.3
profile none summary
tarball 13 of 33 18101f06ca
NEW none[none] none:none
none|none none none

T:01:00:00 WinXP 222.149.49.183 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
TOKYO, TOKYO, JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
irc
37 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:01:11:00 Win2K-f 92.47.84.247 (IKBCC.COM):
EU-ZZ,
UK. n/a US:hail.dns2go.com
SA:scorti1.dns2go.com
US:208.101.48.210:7000 445 pcap raw alerts
ruleset ftp
19 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1542 hits: 04-27 to 06-27] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

01:11:00 Win2K-f 123.254.1.48 (PIKARA.NE.JP):
STNET INCORPORATED,
TAKAMATSU, KAGAWA, JP. n/a :proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 30 of 32 c9825e1fd3
NEW none[none] none:none
none|none none none

01:11:00 WinXP 119.94.163.212 (-):
. n/a :proxim.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:204.2.133.57:80
US:204.2.133.73:80 135 pcap raw alerts
ruleset other
113 lines Yeah : 1.3
profile none summary
tarball 29 of 32
32 of 33 43efc9961b
NEW
e816be3cf1
NEW none[none]
none [none] none:none
none:none
none|none
none|none none
none none
none

01:11:00 Win2K-f 78.8.22.73 (NET.PL):
DIALOG,
WROCLAW, DOLNOSLASKIE, PL. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
21 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox: 5 hits: 06-27 to 06-27] none[none] none:none
none|none none none

01:15:00 WinXP 118.3.249.57 (-):
. n/a 445 pcap raw alerts
ruleset shell
ftp
14 lines Yeah : 1.3
profile none summary
tarball 31 of 32 741e3b03b3
[Firefox:80 hits: 09-28 to 06-27] e0197e8a64 [0] ASM:Graph
none|none lines=62 trace

T:01:16:00 Win2K-f 220.105.61.227 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. 69.247.147.113:13001 US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
irc
48 lines Yeah : 1.8
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox: 5 hits: 06-27 to 06-27] none[none] none:none
none|none none none

01:19:00 Win2K-f 125.174.25.216 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a :proxima.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 31 of 33 b6075d6a91
NEW none[none] none:none
none|none none none

01:24:00 Win2K-f 218.44.80.254 (PLALA.OR.JP):
PLALA NETWORKS INC,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox: 5 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:01:25:00 Win2K-f 41.249.252.178 (IAM.NET.MA):
AFRINIC,
MA. n/a US:game.qtas.net 445 pcap raw alerts
ruleset http
16 lines Yeah : 0.8
profile none summary
tarball 2 of 33 d4010bbd11
NEW none[none] none:none
none|none none none

T:01:25:00 WinXP 61.34.136.54 (BORA.NET):
DACOM CORP,
SEOUL, KYONGGI-DO, KR. n/a US:microsoft.com
US:download.microsoft.com
US:12.190.48.97:80 135 pcap raw alerts
ruleset http
96 lines Yeah : 1.3
profile none summary
tarball 0 of 33
29 of 32
0 of 33 57ce4acac2
[Firefox:25 hits: 06-17 to 06-27]
83f26f5044
[Firefox: 2 hits: 06-20 to 06-24]
e07c29c4ae
[Firefox:39 hits: 06-19 to 06-27] 57ce4acac2 [1]
none [4]
e07c29c4ae[1] ASM:Graph
none:none
ASM:Graph
Armadillo|
tElock|
FSG| lines=81
none
lines=92 trace
trace
trace

T:01:26:00 WinXP 118.105.147.5 (-):
. 69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
40 lines Yeah : 1.8
profile none summary
tarball 30 of 33 505238d7ef
NEW none[none] none:none
none|none none none

T:01:32:00 Win2K-f 81.71.239.112 (WANADOO.NL):
WANADOO NEDERLAND BV,
MILANO, LOMBARDIA, IT. (DSL) n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 23 of 33 cf153403d1
NEW none[none] none:none
none|none none none

01:32:00 WinXP 213.155.174.16 (DELTANET.PL):
AMSK,
SZCZECIN, ZACHODNIOPOMORSKIE, PL. (100Mbps) n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 27 of 33 3f81d961cf
NEW none[none] none:none
none|none none none

T:01:35:00 Win2K-f 211.135.246.168 (MESH.AD.JP):
BIGLOBE-CIDR-BLK,
TOKYO, TOKYO, JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

01:36:00 WinXP 60.33.43.60 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox: 5 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:01:37:00 WinXP 122.146.240.3 (SPARQNET.NET):
NEW CENTURY INFOCOMM TECH. CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a 135 pcap raw alerts
ruleset other
18 lines Yeah : 1.3
profile none summary
tarball none none none none none none none

01:39:00 Win2K-f 220.229.78.210 (SPARQNET.NET):
NEW CENTURY INFOCOMM TECH CO. LTD,
KAOHSIUNG, KAO-HSIUNG, TW. (DSL) n/a US:microsoft.com
US:download.microsoft.com
US:12.190.48.65:80
US:12.190.48.97:80 135 pcap raw alerts
ruleset other
75 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 32 53bfe15e91
[Firefox:248 hits: 06-17 to 06-27]
73f1082158
[Firefox:98 hits: 06-18 to 06-27] none[4]
73f1082158[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=81 trace
trace

T:01:48:00 WinXP 92.17.51.94 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. 69.247.147.113:13001 US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
irc
52 lines Yeah : 1.8
profile none summary
tarball 20 of 33 962e6b9fcf
NEW none[none] none:none
none|none none none

T:01:50:00 Win2K-f 217.211.149.44 (TELIA.COM):
TELIA NETWORK SERVICES,
UMEå, VASTERBOTTEN, SE. n/a :proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 30 of 33 70e613ae4c
NEW none[none] none:none
none|none none none

T:01:55:00 Win2K-f 88.134.84.253 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

01:56:00 Win2K-f 91.36.251.146 (T-IPCONNECT.DE):
DEUTSCHE TELEKOM AG,
DE. (DIAL) n/a 445 pcap raw alerts
ruleset ftp
24 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

01:58:00 WinXP 122.42.16.26 (-):
POWERCOMM,
KR. n/a :proxim.ircgalaxy.pl
US:mx1.hotmail.com
BE:ftp.scarlet.be
US:maila.microsoft.com
US:yutunrz.1dumb.com
US:mailin-02.mx.aol.com
SE:ftp.icq.com
US:mcduii.3-a.net
CA:xx.sqlteam.info
:jdjsloy.dynserv.com
**:wyqggvow.afraid.org
:nttstziinpa.hn.org
US:fcnhysydw.yi.org
CA:xx.enterhere.biz
US:dlivmg.1dumb.com
US:neytteybbo.3-a.net
:fzzdik.dynserv.com
:pkvgzaecagx.afraid.org
:yraqztt.hn.org
US:kpxvrvdefs.yi.org
US:qeqfsvxousx.1dumb.com
US:imtoey.3-a.net
:jrscqsshxs.dynserv.com
:yjjtuvsro.afraid.org
:firradbqzku.hn.org
US:dgwigom.yi.org
US:mfltoqgqt.1dumb.com
US:ksfvgfrf.3-a.net
:uhqoyjlu.dynserv.com
:bdtjkffl.afraid.org
:ipurfbqpsdj.hn.org
US:orugtuapnzu.yi.org
US:143.215.15.145:80
BE:193.74.22.160:80
SE:209.170.96.108:80
CA:67.43.236.98:5190
CA:67.43.236.99:5190 135 pcap raw alerts
ruleset other
701 lines Yeah : 1.3
profile none summary
tarball none 745ae23613
[Firefox: 2 hits: 06-23 to 06-27] none[4] none:none
PeCompact| none trace

T:02:02:00 Win2K-f 91.65.236.237 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 31 of 33 f7fe13b098
NEW none[none] none:none
none|none none none

02:04:00 Win2K-f 218.168.78.246 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a 445 pcap raw alerts
ruleset shell
ftp
16 lines Yeah : 1.3
profile none summary
tarball none none none none none none none

T:02:04:00 Win2K-f 91.65.48.3 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. 69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
41 lines Yeah : 1.8
profile none summary
tarball 20 of 33 04165531d9
NEW none[none] none:none
none|none none none

02:07:00 WinXP 122.30.124.214 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a :proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 22 of 32 36e0a23eee
NEW none[none] none:none
none|none none none

T:02:14:00 WinXP 58.90.177.240 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset ftp
18 lines Yeah : 1.3
profile none summary
tarball 27 of 32 6c36e19037
[Firefox: 4 hits: 06-22 to 06-27] none[4] none:none
none|none none trace

02:17:00 Win2K-f 60.237.171.98 (MESH.AD.JP):
NEC CORPORATION,
JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:02:17:00 Win2K-f 85.177.103.23 (ALICEDSL.DE):
HANSENET-ADSL,
DE. (DSL) n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

02:22:00 Win2K-f 82.235.10.53 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 30 of 33 81a3e42a02
NEW none[none] none:none
none|none none none

T:02:28:00 WinXP 125.100.49.181 (UCOM.NE.JP):
IML,
JP. 69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
65 lines Yeah : 1.8
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox: 5 hits: 06-27 to 06-27] none[none] none:none
none|none none none

02:30:00 Win2K-f 123.222.251.57 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox: 5 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:02:33:00 Win2K-f 78.8.22.73 (NET.PL):
DIALOG,
WROCLAW, DOLNOSLASKIE, PL. 69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
49 lines Yeah : 1.8
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox: 5 hits: 06-27 to 06-27] none[none] none:none
none|none none none

02:34:00 Win2K-f 91.65.79.41 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. n/a 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 32 of 33 5f73d18a7b
NEW none[none] none:none
none|none none none

T:02:36:00 WinXP 213.170.208.65 (-):
DIAL SERVICES IP POOL,
IRAKLEION, IRAKLION (CRETE), GR. 69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
60 lines Yeah : 1.8
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

02:37:00 WinXP 217.211.149.44 (TELIA.COM):
TELIA NETWORK SERVICES,
UMEå, VASTERBOTTEN, SE. n/a :proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 30 of 33 70e613ae4c
NEW none[none] none:none
none|none none none

T:02:45:00 Win2K-f 125.200.53.200 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 31 of 33 e7895f2da4
NEW none[none] none:none
none|none none none

T:02:48:00 Win2K-f 116.80.60.57 (INFOWEB.NE.JP):
INFOWEB(FUJITSU LTD.),
TOKYO, TOKYO, JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

02:51:00 Win2K-f 82.234.37.37 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 19 of 32 6a76b8aff8
NEW none[none] none:none
none|none none none

02:53:00 Win2K-f 92.2.59.151 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. n/a 445 pcap raw alerts
ruleset other
10 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:02:53:00 WinXP 119.11.76.96 (-):
. 69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
38 lines Yeah : 1.8
profile none summary
tarball 12 of 32 9c668a6e50
NEW none[none] none:none
none|none none none

02:54:00 WinXP 88.134.124.65 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 31 of 33 a8cc75cf36
NEW none[none] none:none
none|none none none

T:02:54:00 WinXP 78.148.60.73 (OPALTELECOM.NET):
OPAL TELECOMMUNICATIONS INTERNET SERVICE PROVIDER,
UK. n/a 445 pcap raw alerts
ruleset ftp
23 lines Yeah : 1.3
profile none summary
tarball 6 of 33 15072090fb
NEW none[none] none:none
none|none none none

T:02:58:00 WinXP 221.244.142.197 (UCOM.NE.JP):
N-OS,
JP. (100Mbps) 69.247.147.113:13001 :proxima.ircgalaxy.pl
US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
57 lines Yeah : 1.8
profile none summary
tarball 31 of 33 5c1c6b10f5
NEW none[none] none:none
none|none none none

T:02:59:00 WinXP 125.201.234.149 (PLALA.OR.JP):
PLALA NETWORKS INC,
JP. (DSL) 69.247.147.113:13001 US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
irc
47 lines Yeah : 1.8
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:03:02:00 Win2K-f 92.8.61.107 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. n/a :proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 32 of 33 eab50c3dea
NEW none[none] none:none
none|none none none

T:03:05:00 Win2K-f 82.246.187.36 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR. 69.247.147.113:13001 US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
irc
41 lines Yeah : 1.8
profile none summary
tarball 10 of 33 8c6b98ffe4
NEW none[none] none:none
none|none none none

03:05:00 Win2K-f 122.26.37.72 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

03:07:00 Win2K-f 123.218.2.14 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset ftp
40 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:03:09:00 WinXP 91.65.59.101 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. 69.247.147.113:12351 US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
irc
41 lines Yeah : 1.8
profile none summary
tarball 22 of 33 1da58eb89a
NEW none[none] none:none
none|none none none

03:13:00 WinXP 86.166.255.205 (BTCENTRALPLUS.COM):
BT-CENTRAL-PLUS,
UK. n/a 445 pcap raw alerts
ruleset shell
ftp
15 lines Yeah : 1.3
profile none summary
tarball 21 of 33 7a680ee6ed
NEW none[none] none:none
none|none none none

03:16:00 WinXP 88.134.9.112 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 32 of 33 3b4a0f77ad
NEW none[none] none:none
none|none none none

T:03:24:00 WinXP 219.107.186.140 (MESH.AD.JP):
BIGLOBE-CIDR-BLK,
JP. n/a
CZ:217.170.244.2:443
CZ:82.114.64.251:443 445 pcap raw alerts
ruleset shell
ftp
18 lines Yeah : 1.3
profile none summary
tarball 31 of 33 9c304036ce
NEW none[none] none:none
none|none none none

03:28:00 WinXP 218.223.223.97 (CTT.NE.JP):
CABLE TELEVISION TOYAMA INCORPORETED,
TOKYO, TOKYO, JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox: 5 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:03:29:00 Win2K-f 88.134.95.234 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. n/a 445 pcap raw alerts
ruleset ftp
http
41 lines Yeah : 1.3
profile none summary
tarball 31 of 33 58ba8e9efd
NEW none[none] none:none
none|none none none

T:03:31:00 Win2K-f 91.65.235.157 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:03:33:00 WinXP 80.129.68.150 (T-IPCONNECT.DE):
DEUTSCHE TELEKOM AG,
GRIESHEIM, HESSEN, DE. 69.247.147.113:13001 US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
irc
50 lines Yeah : 1.8
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

03:35:00 WinXP 221.244.242.156 (UCOM.NE.JP):
USKT,
JP. (100Mbps) n/a :proxima.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 13 of 33 5e274d064b
NEW none[none] none:none
none|none none none

03:42:00 WinXP 60.56.218.231 (EONET.NE.JP):
K-OPTICOM CORPORATION,
OSAKA, OSAKA, JP. n/a :proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 17 of 33 0a1e5d0968
NEW none[none] none:none
none|none none none

T:03:44:00 WinXP 24.106.224.53 (RR.COM):
ROAD RUNNER HOLDCO LLC,
COLUMBUS, OHIO, US. n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball none none none none none none none

03:47:00 Win2K-f 86.147.235.197 (BTCENTRALPLUS.COM):
BT-CENTRAL-PLUS,
LONDON, ENGLAND, UK. n/a 445 pcap raw alerts
ruleset ftp
23 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

03:47:00 Win2K-f 81.28.113.172 (NS2.SAMA.JO):
INTERNET USERS (DSL DIALUP),
JO. (DSL) n/a 445 pcap raw alerts
ruleset ftp
20 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

03:49:00 WinXP 213.137.113.223 (ADSL1-010.PTT.YU):
JP PTTS SRBIJA,
CS. (DSL) n/a 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 1.3
profile none summary
tarball none none none none none none none

T:03:51:00 Win2K-f 83.103.222.87 (-):
ASTRAL-ALBA-DOCSIS,
RO. n/a 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 30 of 33 715a467a22
NEW none[none] none:none
none|none none none

03:53:00 WinXP 77.20.210.140 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 31 of 33 e7d78a305b
NEW none[none] none:none
none|none none none

T:03:59:00 Win2K-f 202.70.250.29 (ONINET.NE.JP):
OKAYAMA NETWORK INC,
OKAYAMA, OKAYAMA, JP. n/a 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

04:00:00 WinXP 118.1.42.241 (-):
. n/a :proxima.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 31 of 33 741b65507e
NEW none[none] none:none
none|none none none

T:04:05:00 WinXP 219.114.245.178 (ZAQ.NE.JP):
KITAKAWACHI CABLE NET CO LTD,
JP. n/a US:microsoft.com
US:download.microsoft.com
US:192.221.99.126:80
US:207.123.37.126:80
US:4.23.60.125:80 135 pcap raw alerts
ruleset other
78 lines Yeah : 1.3
profile none summary
tarball 0 of 33
33 of 33 2e45ae247e
NEW
53bfe15e91
[Firefox:248 hits: 06-17 to 06-27] none[none]
none [4] none:none
none:none
none|none
tElock| none
none none
trace

04:09:00 Win2K-f 88.134.222.130 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. n/a 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 32 of 33 d160f9372c
NEW none[none] none:none
none|none none none

T:04:10:00 Win2K-f 78.149.200.45 (OPALTELECOM.NET):
OPAL TELECOMMUNICATIONS INTERNET SERVICE PROVIDER,
UK. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 27 of 33 78422b8304
NEW none[none] none:none
none|none none none

04:11:00 WinXP 123.254.9.54 (PIKARA.NE.JP):
STNET INCORPORATED,
TAKAMATSU, KAGAWA, JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox: 5 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:04:11:00 Win2K-f 91.67.201.241 (SUPERKABEL.DE):
KABEL DEUTSCHLAND BREITBAND SERVICE GMBH,
DE. n/a 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 32 of 33 399a88233f
NEW none[none] none:none
none|none none none

04:11:00 WinXP 85.152.188.225 (CM-85-152-59-10.TELECABLE.ES):
TELECABLE,
ES. (DSL) n/a UA:citi-bank.ru 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 31 of 32 1e5df7ba74
[Firefox:25 hits: 03-24 to 06-26] a5331b711f [0] ASM:Graph
PolyEnE| lines=68 trace

T:04:14:00 WinXP 61.229.31.253 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 217.170.244.2:443
CZ:217.170.244.2:443
CZ:82.114.64.251:443 445 pcap raw alerts
ruleset shell
ftp
irc
27 lines Yeah : 1.8
profile none summary
tarball 25 of 28 7fdfe363d5
[Firefox:2746 hits: 12-31 to 06-27] 10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns trace

04:21:00 Win2K-f 220.96.236.31 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

04:27:00 Win2K-f 60.38.126.144 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:04:28:00 WinXP 81.41.34.99 (RIMA-TDE.NET):
TELEFONICA DE ESPANA SAU,
ES. 69.247.147.113:12351 US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
irc
55 lines Yeah : 1.8
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:04:36:00 Win2K-f 85.177.100.12 (ALICEDSL.DE):
HANSENET-ADSL,
HAMBURG, HAMBURG, DE. (DSL) n/a 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:04:37:00 WinXP 91.65.248.76 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. 69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
47 lines Yeah : 1.8
profile none summary
tarball 19 of 33 5a4417c997
NEW none[none] none:none
none|none none none

T:04:38:00 Win2K-f 124.102.128.123 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:04:38:00 WinXP 211.212.0.79 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. n/a :proxim.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:207.123.37.126:80 135 pcap raw alerts
ruleset http
115 lines Yeah : 1.3
profile none summary
tarball 32 of 33
23 of 33
0 of 33 45c2c388ef
NEW
669d794740
NEW
e07c29c4ae
[Firefox:39 hits: 06-19 to 06-27] none[none]
none [none]
e07c29c4ae[1] none:none
none:none
ASM:Graph
none|none
none|none
FSG| none
none
lines=92 none
none
trace

T:04:42:00 WinXP 77.20.200.155 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. 69.247.147.113:13001 US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
irc
42 lines Yeah : 1.8
profile none summary
tarball 32 of 33 037d04feed
NEW none[none] none:none
none|none none none

04:49:00 WinXP 218.167.85.193 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a
CZ:217.170.244.2:443
CZ:82.114.64.251:443 445 pcap raw alerts
ruleset shell
ftp
17 lines Yeah : 1.3
profile none summary
tarball 25 of 28 7fdfe363d5
[Firefox:2746 hits: 12-31 to 06-27] 10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns trace

04:51:00 WinXP 122.134.75.94 (MESH.AD.JP):
NEC BIGLOBE LTD,
TOKYO, TOKYO, JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 30 of 33 083800cc78
NEW none[none] none:none
none|none none none

T:04:52:00 WinXP 91.65.32.229 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. 69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
53 lines Yeah : 1.8
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox: 5 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:04:53:00 Win2K-f 78.151.65.148 (OPALTELECOM.NET):
OPAL TELECOMMUNICATIONS INTERNET SERVICE PROVIDER,
UK. 69.247.147.113:12351 US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
irc
43 lines Yeah : 1.8
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox: 5 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:04:54:00 WinXP 121.84.189.62 (EONET.NE.JP):
K-OPTICOM CORPORATION,
JP. 69.247.147.113:12351 US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
irc
44 lines Yeah : 1.8
profile none summary
tarball 28 of 33 967f3e2619
NEW none[none] none:none
none|none none none

T:04:58:00 Win2K-f 91.65.222.151 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. n/a 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

05:00:00 WinXP 78.151.94.224 (OPALTELECOM.NET):
OPAL TELECOMMUNICATIONS INTERNET SERVICE PROVIDER,
UK. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
29 lines Yeah : 1.3
profile none summary
tarball 32 of 33 3f8d1c3246
NEW none[none] none:none
none|none none none

05:02:00 WinXP 124.102.153.91 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 30 of 33 1f7c55af5a
NEW none[none] none:none
none|none none none

T:05:04:00 WinXP 217.230.254.251 (T-DIALIN.NET):
DEUTSCHE TELEKOM AG,
BERLIN, BERLIN, DE. (DIAL) n/a :proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 30 of 33 ed7b4f1a74
NEW none[none] none:none
none|none none none

05:07:00 Win2K-f 124.13.133.162 (TM.NET.MY):
TELEKOM MALAYSIA BERHAD,
MY. n/a 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 29 of 33 27b7ae3960
NEW none[none] none:none
none|none none none

05:10:00 Win2K-f 60.254.230.105 (EMOBILE.AD.JP):
EMOBILE LTD,
TOKYO, TOKYO, JP. n/a :proxim.ircgalaxy.pl
CZ:217.170.244.2:443
CZ:82.114.64.251:443 445 pcap raw alerts
ruleset shell
ftp
17 lines Yeah : 1.3
profile none summary
tarball 31 of 33 ae9d781de1
NEW none[none] none:none
none|none none none

05:12:00 Win2K-f 91.65.32.229 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox: 5 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:05:16:00 WinXP 118.236.87.23 (-):
. 69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
41 lines Yeah : 1.8
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:05:18:00 Win2K-f 221.127.234.5 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 25 of 32 cd6fdcc911
NEW none[none] none:none
none|none none none

05:21:00 WinXP 122.26.224.231 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a US:mx1.hotmail.com
US:ftp.newaol.com
US:yutunrz.1dumb.com
US:maila.microsoft.com 445 pcap raw alerts
ruleset shell
ftp
15 lines Yeah : 1.3
profile none summary
tarball 31 of 33 c9bd83d1ec
NEW none[none] none:none
none|none none none

05:26:00 WinXP 124.85.109.124 (OCN.NE.JP):
NTT COMMUNICATIONS CORPORATION,
TOKYO, TOKYO, JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:05:29:00 Win2K-f 122.16.126.45 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

05:36:00 WinXP 122.133.164.101 (MESH.AD.JP):
NEC BIGLOBE LTD,
TOKYO, TOKYO, JP. n/a US:dlivmg.1dumb.com
US:143.215.15.145:80 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 30 of 33 663bde7a19
NEW none[none] none:none
none|none none none

05:37:00 Win2K-f 92.8.157.194 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 12 of 33 ac164e8362
NEW none[none] none:none
none|none none none

T:05:49:00 Win2K-f 77.20.130.179 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
33 lines Yeah : 1.3
profile none summary
tarball 20 of 33 91766d8de7
NEW none[none] none:none
none|none none none

T:05:49:00 WinXP 92.4.242.199 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. n/a US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
31 lines Yeah : 1.3
profile none summary
tarball 26 of 33 b96c53aded
NEW none[none] none:none
none|none none none

05:51:00 Win2K-f 222.151.38.92 (PLALA.OR.JP):
PLALA NETWORKS INC,
JP. n/a 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 32 of 33 0d4eb498e6
NEW none[none] none:none
none|none none none

T:05:53:00 Win2K-f 88.134.144.208 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
BEXBACH, SAARLAND, DE. 69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
49 lines Yeah : 1.8
profile none summary
tarball 12 of 33 4cc51d389e
NEW none[none] none:none
none|none none none

T:05:53:00 WinXP 217.253.186.119 (T-IPCONNECT.DE):
DEUTSCHE TELEKOM AG,
DE. 69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
34 lines Yeah : 1.8
profile none summary
tarball 32 of 33 2b3445b5be
NEW none[none] none:none
none|none none none

05:53:00 WinXP 118.236.163.9 (-):
. n/a :proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 17 of 33 99ff8d066b
NEW none[none] none:none
none|none none none

05:55:00 WinXP 221.170.199.109 (MESH.AD.JP):
BIGLOBE-CIDR-BLK,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

05:59:00 WinXP 125.195.157.132 (MESH.AD.JP):
NEC CORPORATION,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 30 of 33 da7aac0dc4
[Firefox: 2 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:06:04:00 Win2K-f 123.254.48.62 (PIKARA.NE.JP):
STNET INCORPORATED,
TAKAMATSU, KAGAWA, JP. 69.247.147.113:13001 US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
irc
42 lines Yeah : 1.8
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox: 5 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:06:07:00 Win2K-f 92.40.116.79 (IKBCC.COM):
EU-ZZ,
UK. 217.170.244.2:443
CZ:217.170.244.2:443
CZ:82.114.64.251:443 445 pcap raw alerts
ruleset shell
ftp
irc
28 lines Yeah : 1.8
profile none summary
tarball 25 of 28 7fdfe363d5
[Firefox:2746 hits: 12-31 to 06-27] 10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns trace

T:06:09:00 WinXP 82.155.210.179 (DSL.TELEPAC.PT):
TELEPAC - COMUNICACOES INTERACTIVAS SA,
LISBON, LISBOA, PT. (DSL) 69.247.147.113:13001 :proxim.ircgalaxy.pl
US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
40 lines Yeah : 1.8
profile none summary
tarball 31 of 33 4669e220b3
NEW none[none] none:none
none|none none none

06:11:00 Win2K-f 118.236.125.250 (-):
. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

06:12:00 WinXP 219.162.170.201 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
TOKYO, TOKYO, JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

06:17:00 WinXP 77.125.239.80 (INTER.NET.IL):
EURONET DIGITAL COMMUNICATIONS,
IL. n/a
CZ:217.170.244.2:443
CZ:82.114.64.251:443 445 pcap raw alerts
ruleset shell
ftp
20 lines Yeah : 1.3
profile none summary
tarball 25 of 28 7fdfe363d5
[Firefox:2746 hits: 12-31 to 06-27] 10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns trace

T:06:18:00 Win2K-f 202.225.227.135 (MESH.AD.JP):
C&C INTERNET SERVICE MESH (NEC CORPORATION),
JP. 217.170.244.2:443 :proxim.ircgalaxy.pl
CZ:217.170.244.2:443
CZ:82.114.64.251:443 445 pcap raw alerts
ruleset shell
ftp
irc
32 lines Yeah : 1.8
profile none summary
tarball 30 of 33 9eea6a9b95
NEW none[none] none:none
none|none none none

T:06:18:00 WinXP 117.99.15.38 (XLRI.AC.IN):
BHARTI AIRTEL LTD,
DELHI, DELHI, IN. 194.54.90.246:80 UA:citi-bank.ru 445 pcap raw alerts
ruleset http
2 lines Yeah : 1.3
profile none summary
tarball 31 of 32 fd57febe23
[Firefox: 4 hits: 05-19 to 06-01] none[4] none:none
PolyEnE| none trace

06:29:00 WinXP 151.21.87.2 (21-151.LIBERO.IT):
FREE INTERNET DIAL-UP SERVICES,
ROME, LAZIO, IT. (DIAL) n/a US:hail.dns2go.com
SA:scorti1.dns2go.com
US:208.101.48.210:7000
SA:88.85.242.244:7000 445 pcap raw alerts
ruleset ftp
14 lines Yeah : 0.8
profile none summary
tarball 21 of 32 5f78ff609d
[Firefox:1542 hits: 04-27 to 06-27] d4a06bdc3a [0] ASM:Graph
none|none lines=4 trace

T:06:30:00 WinXP 124.96.190.171 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. 69.247.147.113:13001 :proxim.ircgalaxy.pl
US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
41 lines Yeah : 1.8
profile none summary
tarball 19 of 33 329e6cf324
NEW none[none] none:none
none|none none none

06:31:00 WinXP 92.10.1.73 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. n/a :proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
25 lines Yeah : 1.3
profile none summary
tarball 31 of 33 f4a8c4177e
NEW none[none] none:none
none|none none none

06:36:00 Win2K-f 87.0.183.171 (RETAIL.TELECOMITALIA.IT):
TELECOM ITALIA S.P.A. TIN EASY LITE,
IT. (DSL) n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 10 of 33 4f3df56c30
NEW none[none] none:none
none|none none none

06:43:00 WinXP 118.8.175.207 (-):
. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 23 of 33 b37cf87dd5
NEW none[none] none:none
none|none none none

06:44:00 Win2K-f 211.213.56.59 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. n/a :proxima.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:206.33.45.125:80 135 pcap raw alerts
ruleset other
86 lines Yeah : 1.3
profile none summary
tarball 31 of 33
0 of 33 168aab35a3
[Firefox:15 hits: 06-17 to 06-26]
4c3df24b32
[Firefox:26 hits: 06-17 to 06-27] none[4]
4c3df24b32[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=81 trace
trace

06:50:00 WinXP 217.238.62.177 (T-IPCONNECT.DE):
DEUTSCHE TELEKOM AG,
DE. n/a :proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
25 lines Yeah : 1.3
profile none summary
tarball 30 of 33 c61f930b01
NEW none[none] none:none
none|none none none

T:06:56:00 Win2K-f 218.168.74.16 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a 445 pcap raw alerts
ruleset shell
ftp
16 lines Yeah : 1.3
profile none summary
tarball none none none none none none none

T:07:03:00 Win2K-f 91.64.202.249 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 32 of 33 2f77607e42
NEW none[none] none:none
none|none none none

07:08:00 Win2K-f 118.104.228.1 (-):
. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox: 5 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:07:09:00 Win2K-f 125.215.127.132 (PIKARA.NE.JP):
PIKARA(STNET INCORPORATED),
JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:07:12:00 WinXP 122.53.180.139 (PLDT.NET):
IPG,
PH. n/a 135 pcap raw alerts
ruleset other
250 lines Yeah : 1.3
profile none summary
tarball 29 of 33 17ba465ce2
NEW none[none] none:none
none|none none none

07:14:00 WinXP 124.60.119.144 (-):
POWERCOM,
KR. n/a :proxima.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:192.221.99.126:80
PL:195.78.66.134:65520
US:199.93.41.126:80
US:205.128.66.126:80 135 pcap raw alerts
ruleset other
86 lines Yeah : 1.3
profile none summary
tarball 0 of 33
32 of 33 4c3df24b32
[Firefox:26 hits: 06-17 to 06-27]
58408136a4
NEW 4c3df24b32 [1]
none [none] ASM:Graph
none:none
Armadillo|
none|none lines=81
none trace
none

T:07:14:00 Win2K-f 85.240.154.148 (DSL.TELEPAC.PT):
PT.COM - COMUNICACOES INTERACTIVAS S.A,
PT. (DSL) n/a US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
40 lines Yeah : 1.3
profile none summary
tarball 13 of 33 ffb3b175e5
NEW none[none] none:none
none|none none none

07:15:00 WinXP 125.215.99.80 (PIKARA.NE.JP):
PIKARA(STNET INCORPORATED),
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:07:16:00 WinXP 123.225.1.80 (OCN.NE.JP):
NTT COMMUNICATIONS CORPORATION,
TOKYO, TOKYO, JP. 69.247.147.113:12351 US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
irc
42 lines Yeah : 1.8
profile none summary
tarball 19 of 33 89bedfb6e4
NEW none[none] none:none
none|none none none

T:07:16:00 Win2K-f 125.232.97.238 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a :proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset other
0 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:07:22:00 WinXP 61.228.164.111 (PRESTONAUTO.COM):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a
CZ:217.170.244.2:443
CZ:82.114.64.251:443 445 pcap raw alerts
ruleset shell
ftp
17 lines Yeah : 1.3
profile none summary
tarball 25 of 28 7fdfe363d5
[Firefox:2746 hits: 12-31 to 06-27] 10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns trace

07:24:00 WinXP 217.68.182.92 (PRIMACOM.NET):
PRIMACOM-HEADENDS,
LEIPZIG, SACHSEN, DE. n/a :proxim.ircgalaxy.pl
UA:citi-bank.ru 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 32 of 33 77e8c157d9
NEW none[none] none:none
none|none none none

07:27:00 Win2K-f 122.25.221.242 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a :proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
PL:195.78.66.134:65520
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 26 of 33 f14e24a495
NEW none[none] none:none
none|none none none

07:31:00 Win2K-f 217.202.49.69 (-):
TELECOM ITALIA MOBILE,
IT. n/a :proxim.ircgalaxy.pl
PL:195.78.66.134:65520 445 pcap raw alerts
ruleset ftp
24 lines Yeah : 1.3
profile none summary
tarball 30 of 33 1990417914
NEW none[none] none:none
none|none none none

T:07:32:00 Win2K-f 71.106.30.230 (VERIZON.NET):
VERIZON INTERNET SERVICES INC,
LOS ANGELES, CALIFORNIA, US. (DSL) n/a :proxim.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
PL:195.78.66.134:65520
US:199.93.53.126:80 135 pcap raw alerts
ruleset other
113 lines Yeah : 1.3
profile none summary
tarball 23 of 33
32 of 33 851db880e7
NEW
f15bd2d1cf
NEW 851db880e7 [1]
none [4] ASM:Graph
none:none
Armadillo|
PolyEnE| lines=81
none trace
trace

T:07:38:00 WinXP 217.68.182.92 (PRIMACOM.NET):
PRIMACOM-HEADENDS,
LEIPZIG, SACHSEN, DE. n/a :proxim.ircgalaxy.pl
UA:citi-bank.ru
US:adult-empire.com
UA:194.54.90.246:80
PL:195.78.66.134:65520 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 32 of 33 77e8c157d9
NEW none[none] none:none
none|none none none

07:45:00 Win2K-f 92.1.116.230 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. n/a :proxim.ircgalaxy.pl
PL:195.78.66.134:65520 445 pcap raw alerts
ruleset ftp
21 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

07:45:00 Win2K-f 122.18.194.14 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a :proxim.ircgalaxy.pl
PL:195.78.66.134:65520 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 31 of 33 78396cddf0
NEW none[none] none:none
none|none none none

07:47:00 WinXP 125.215.127.132 (PIKARA.NE.JP):
PIKARA(STNET INCORPORATED),
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:07:47:00 Win2K-f 122.133.183.127 (MESH.AD.JP):
NEC BIGLOBE LTD,
TOKYO, TOKYO, JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 30 of 33 da7aac0dc4
[Firefox: 2 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:07:58:00 WinXP 88.134.166.149 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DRESDEN, SACHSEN, DE. 69.247.147.113:12351 US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
irc
46 lines Yeah : 1.8
profile none summary
tarball 32 of 33 530856613e
NEW none[none] none:none
none|none none none

T:08:01:00 Win2K-f 118.0.166.254 (-):
. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

08:04:00 WinXP 118.8.152.117 (-):
. n/a :proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
PL:195.78.66.134:65520
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 32 of 33 26ac4391e0
NEW none[none] none:none
none|none none none

T:08:05:00 WinXP 210.147.24.32 (MESH.AD.JP):
C&C INTERNET SERVICE MESH(NEC CORPORATION),
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
irc
29 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox: 5 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:08:09:00 Win2K-f 82.103.194.234 (ELISA-LAAJAKAISTA.FI):
JYVASVIESTIN-NET,
FI. n/a :proxim.ircgalaxy.pl
PL:195.78.66.134:65520 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 31 of 33 17939ecf71
NEW none[none] none:none
none|none none none

T:08:13:00 WinXP 118.236.165.5 (-):
. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
irc
32 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

08:14:00 WinXP 58.87.162.231 (SO-NET.NE.JP):
SO-NET SERVICE,
TOKYO, TOKYO, JP. n/a 445 pcap raw alerts
ruleset shell
ftp
15 lines Yeah : 1.3
profile none summary
tarball 29 of 29 831f4ee0a7
[Firefox:662 hits: 07-11 to 06-27] eb7546c600 [0] ASM:Graph
none|none lines=61 trace

08:16:00 Win2K-f 88.134.166.49 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DRESDEN, SACHSEN, DE. n/a 445 pcap raw alerts
ruleset ftp
29 lines Yeah : 1.3
profile none summary
tarball 32 of 33 3b4a0f77ad
NEW none[none] none:none
none|none none none

T:08:17:00 WinXP 222.150.214.221 (PLALA.OR.JP):
PLALA NETWORKS INC,
YOKOHAMA, KANAGAWA, JP. 69.247.147.113:12351 US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
irc
52 lines Yeah : 1.8
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:08:22:00 Win2K-f 221.243.224.19 (UCOM.NE.JP):
UCOM CORP,
JP. (100Mbps) 69.247.147.113:12351 :proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
PL:195.78.66.134:65520
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
irc
35 lines Yeah : 1.8
profile none summary
tarball 20 of 33 a65ac1ec9c
NEW none[none] none:none
none|none none none

T:08:23:00 Win2K-f 124.101.233.219 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
29 lines Yeah : 1.3
profile none summary
tarball 18 of 33 efd5c6e84a
NEW none[none] none:none
none|none none none

08:24:00 WinXP 118.236.209.79 (-):
. n/a 445 pcap raw alerts
ruleset other
13 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:08:24:00 Win2K-f 62.255.12.83 (NTLI.NET):
NTL INTERNET,
CHELTENHAM, ENGLAND, UK. (DIAL) n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
19 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox: 5 hits: 06-27 to 06-27] none[none] none:none
none|none none none

08:33:00 Win2K-f 92.10.6.235 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
21 lines Yeah : 1.3
profile none summary
tarball 12 of 33 ac164e8362
NEW none[none] none:none
none|none none none

08:33:00 WinXP 118.166.171.211 (-):
. n/a
CZ:217.170.244.2:443
CZ:82.114.64.251:443 445 pcap raw alerts
ruleset shell
ftp
17 lines Yeah : 1.3
profile none summary
tarball 25 of 28 7fdfe363d5
[Firefox:2746 hits: 12-31 to 06-27] 10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns trace

T:08:40:00 WinXP 124.103.238.97 (CULPEPPER.COM):
OPEN COMPUTER NETWORK,
JP. 69.247.147.113:13001 US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
irc
45 lines Yeah : 1.8
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

08:43:00 WinXP 122.221.187.142 (UCOM.NE.JP):
UCOM CORP,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 21 of 33 0726dd069b
NEW none[none] none:none
none|none none none

08:44:00 Win2K-f 119.72.0.202 (-):
. n/a :proxim.ircgalaxy.pl
PL:195.78.66.134:65520 445 pcap raw alerts
ruleset ftp
24 lines Yeah : 1.3
profile none summary
tarball 30 of 33 a44176b901
NEW none[none] none:none
none|none none none

08:46:00 Win2K-f 122.135.176.6 (MESH.AD.JP):
NEC BIGLOBE LTD,
TOKYO, TOKYO, JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:08:47:00 Win2K-f 83.171.135.192 (HERZOMEDIA.DE):
HERZO MEDIA GMBH & CO.KG,
DE. n/a 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball none none none none none none none

T:08:53:00 WinXP 207.144.164.230 (INFOAVE.NET):
INFO AVENUE INTERNET SERVICES LLC,
MYRTLE BEACH, SOUTH CAROLINA, US. 69.247.147.113:12351 US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
irc
46 lines Yeah : 1.8
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:08:57:00 Win2K-f 80.136.231.188 (T-DIALIN.NET):
DEUTSCHE TELEKOM AG,
DE. (DIAL) n/a 445 pcap raw alerts
ruleset ftp
25 lines Yeah : 1.3
profile none summary
tarball 30 of 33 14716d13aa
NEW none[none] none:none
none|none none none

08:57:00 Win2K-f 82.48.21.73 (POOL8248.INTERBUSINESS.IT):
TELECOM ITALIA S.P.A. TIN EASY LITE,
LIVORNO, TOSCANA, IT. n/a 445 pcap raw alerts
ruleset ftp
20 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:08:58:00 WinXP 125.198.13.106 (MESH.AD.JP):
NEC CORPORATION,
JP. 69.247.147.113:13001 US:chat-shqip.org
US:w3bs.chat-shqip.org
HK:ircd.zief.pl
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
irc
43 lines Yeah : 1.8
profile none summary
tarball 31 of 33 a666364b88
NEW none[none] none:none
none|none none none

09:00:00 WinXP 88.134.127.89 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. n/a 445 pcap raw alerts
ruleset other
19 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

09:02:00 WinXP 82.244.41.219 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR. n/a 445 pcap raw alerts
ruleset other
12 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:09:05:00 WinXP 88.134.30.243 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. (DSL) 69.247.147.113:12351 US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
irc
43 lines Yeah : 1.8
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox: 5 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:09:08:00 WinXP 218.52.172.180 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. n/a :proxima.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:12.190.48.65:80
US:12.190.48.97:80
PL:195.78.66.134:65520 135 pcap raw alerts
ruleset other
86 lines Yeah : 1.3
profile none summary
tarball 31 of 33
0 of 33 168aab35a3
[Firefox:15 hits: 06-17 to 06-26]
4c3df24b32
[Firefox:26 hits: 06-17 to 06-27] none[4]
4c3df24b32[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=81 trace
trace

09:14:00 WinXP 88.134.125.35 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

09:19:00 WinXP 24.87.133.196 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
SURREY, BRITISH COLUMBIA, CA. (DSL) 67.43.236.66:8080 72.10.172.211:8080 :proxim.ircgalaxy.pl
CA:xx.enterhere.biz
CA:xx.ka3ek.com
CA:xx.sqlteam.info
PL:195.78.66.134:65520
CA:67.43.226.242:8080
CA:67.43.236.66:8080
CA:67.43.236.98:1863
CA:67.43.236.98:5190
CA:67.43.236.99:1863
CA:67.43.236.99:5190
CA:72.10.172.211:8080 135 pcap raw alerts
ruleset other
328 lines Yeah : 1.8
profile none summary
tarball 30 of 32 7793f134c7
NEW none[none] none:none
none|none none none

T:09:27:00 Win2K-f 218.43.33.200 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
PENANG, PULAU PINANG, MY. 69.247.147.113:12351 :proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
PL:195.78.66.134:65520
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
irc
49 lines Yeah : 1.8
profile none summary
tarball 16 of 33 c6f8fb9835
NEW none[none] none:none
none|none none none

T:09:28:00 Win2K-f 124.85.109.124 (OCN.NE.JP):
NTT COMMUNICATIONS CORPORATION,
TOKYO, TOKYO, JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

09:28:00 Win2K-f 213.202.37.82 (QUICKNET.CH):
QUICKNET IS AN ISP IN SWITZERLAND,
BERN, BERN, CH. (DSL) n/a 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 31 of 33 8330acdf7c
NEW none[none] none:none
none|none none none

09:33:00 WinXP 88.134.111.176 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 32 of 33 f668c2636e
NEW none[none] none:none
none|none none none

T:09:33:00 WinXP 60.254.241.99 (EMOBILE.AD.JP):
EMOBILE LTD,
TOKYO, TOKYO, JP. 69.247.147.113:13001 :proxim.ircgalaxy.pl
US:chat-shqip.org
PL:195.78.66.134:65520 445 pcap raw alerts
ruleset ftp
irc
44 lines Yeah : 1.8
profile none summary
tarball 22 of 33 869081411d
NEW none[none] none:none
none|none none none

09:42:00 Win2K-f 98.105.66.252 (-):
. n/a
CZ:217.170.244.2:443
CZ:82.114.64.251:443 445 pcap raw alerts
ruleset shell
ftp
17 lines Yeah : 1.3
profile none summary
tarball 25 of 28 7fdfe363d5
[Firefox:2746 hits: 12-31 to 06-27] 10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns trace

T:09:45:00 WinXP 118.236.163.119 (-):
. 69.247.147.113:13001 US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
irc
42 lines Yeah : 1.8
profile none summary
tarball 26 of 33 3886ec849f
NEW none[none] none:none
none|none none none

09:47:00 WinXP 221.190.141.147 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

09:49:00 WinXP 122.16.168.216 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:09:53:00 Win2K-f 83.178.158.129 (TELE2.RU):
TELE2 INTERNET PROVIDER,
SE. n/a :proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
PL:195.78.66.134:80
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
23 lines Yeah : 1.3
profile none summary
tarball 20 of 33 fe58de7629
NEW none[none] none:none
none|none none none

T:09:58:00 WinXP 209.213.27.104 (BACKROADS.NET):
BACKROADS INTERNET INC,
LAURENS, SOUTH CAROLINA, US. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:10:07:00 WinXP 119.72.27.138 (-):
. 69.247.147.113:13001 :proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
PL:195.78.66.134:65520
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
irc
40 lines Yeah : 1.8
profile none summary
tarball 30 of 33 a44176b901
NEW none[none] none:none
none|none none none

T:10:07:00 Win2K-f 85.183.227.225 (HANSENET.DE):
HANSENET TELEKOMMUNIKATION GMBH,
HAMBURG, HAMBURG, DE. n/a :proxim.ircgalaxy.pl
PL:195.78.66.134:65520 445 pcap raw alerts
ruleset ftp
25 lines Yeah : 1.3
profile none summary
tarball 31 of 33 a2d2bcffc5
NEW none[none] none:none
none|none none none

10:08:00 Win2K-f 119.72.27.138 (-):
. n/a :proxim.ircgalaxy.pl
PL:195.78.66.134:65520 445 pcap raw alerts
ruleset ftp
25 lines Yeah : 1.3
profile none summary
tarball 30 of 33 a44176b901
NEW none[none] none:none
none|none none none

10:10:00 Win2K-f 58.91.53.146 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 15 of 33 a793802e3c
NEW none[none] none:none
none|none none none

10:11:00 Win2K-f 124.87.206.20 (OCN.NE.JP):
NTT COMMUNICATIONS CORPORATION,
TOKYO, TOKYO, JP. n/a :proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
PL:195.78.66.134:65520
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 22 of 33 d41dfd98f0
NEW none[none] none:none
none|none none none

10:15:00 WinXP 62.11.116.38 (DIALUP.TISCALI.IT):
TISCALI ITALIA SPA,
IT. (DIAL) n/a DE:siliconfireware.ru
:wpad
DE:212.227.111.29:80
DE:217.11.54.126:80
EU:78.47.200.154:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 29 of 29 df17a625ee
[Firefox:474 hits: 05-04 to 06-26] 9bbdd086c5 [0] ASM:Graph
ASPack| lines=186
embedded dns trace

10:20:00 WinXP 81.41.136.165 (RIMA-TDE.NET):
TELEFONICA DE ESPANA SAU,
ES. n/a :proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
PL:195.78.66.134:65520
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
19 lines Yeah : 1.3
profile none summary
tarball 30 of 32 381d0bfce7
NEW none[none] none:none
none|none none none

10:23:00 WinXP 221.126.129.225 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
23 lines Yeah : 1.3
profile none summary
tarball 11 of 32 b36b95f94d
NEW none[none] none:none
none|none none none

10:23:00 Win2K-f 85.181.23.43 (ALICEDSL.DE):
HANSENET-ADSL,
MUNICH, BAYERN, DE. (DSL) n/a 445 pcap raw alerts
ruleset shell
4 lines Yeah : 1.3
profile none summary
tarball none none none none none none none

T:10:23:00 Win2K-f 89.42.149.27 (JUMP.RO):
SC AZURE SOFTWARE SRL,
RO. 69.247.147.113:12351 US:chat-shqip.org
US:w3bs.chat-shqip.org
PL:195.78.66.134:80
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset irc
20 lines Yeah : 1.3
profile none summary
tarball none none none none none none none

10:39:00 WinXP 85.180.63.170 (ALICEDSL.DE):
HANSENET-ADSL,
STUTTGART, BADEN-WURTTEMBERG, DE. (DSL) n/a :proxim.ircgalaxy.pl
PL:195.78.66.134:65520
CZ:217.170.244.2:443
CZ:82.114.64.251:443 445 pcap raw alerts
ruleset shell
ftp
17 lines Yeah : 1.3
profile none summary
tarball 30 of 33 d9580e831d
NEW none[none] none:none
none|none none none

T:10:45:00 WinXP 70.184.254.67 (COX.NET):
COX COMMUNICATIONS,
OKLAHOMA CITY, OKLAHOMA, US. n/a US:microsoft.com
US:download.microsoft.com
US:12.190.48.97:80 135 pcap raw alerts
ruleset http
77 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 33 53bfe15e91
[Firefox:248 hits: 06-17 to 06-27]
a08f3b74a4
[Firefox:93 hits: 06-18 to 06-27] none[4]
a08f3b74a4[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=81 trace
trace

T:10:47:00 Win2K-f 201.231.95.27 (SRC.ORG):
CABLEVISION S.A,
BUENOS AIRES, BUENOS AIRES, AR. (DSL) n/a 445 pcap raw alerts
ruleset ftp
32 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

10:49:00 Win2K-f 222.148.11.154 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
TOKYO, TOKYO, JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

10:53:00 WinXP 118.236.189.225 (-):
. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:11:01:00 WinXP 219.68.75.32 (GIGA.NET.TW):
HOSHIN GIGAMEDIA CENTER INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a RU:moscow-advokat.ru
:los-angeles.ca.us.undernet.org
NO:london.uk.eu.undernet.org
NL:diemen.nl.eu.undernet.org
:flanders.be.eu.undernet.org
AT:graz.at.eu.undernet.org
SE:coins.dal.net
:washington.dc.us.undernet.org
SE:vancouver.dal.net
US:lia.zanet.net
SE:viking.dal.net
:lulea.se.eu.undernet.org
:gaspode.zanet.org.za
RU:194.6.222.11:6667 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 25 of 25 7f60162c2c
[Firefox:1363 hits: 12-31 to 06-27] 1aad8e4632 [0] ASM:Graph
PolyEnE| lines=93
embedded dns trace

T:11:02:00 WinXP 125.194.223.65 (MESH.AD.JP):
NEC CORPORATION,
JP. 69.247.147.113:13001 US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
irc
41 lines Yeah : 1.8
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

11:03:00 Win2K-f 118.236.165.5 (-):
. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

11:04:00 WinXP 123.222.144.117 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 31 of 33 05d02aef50
NEW none[none] none:none
none|none none none

11:11:00 WinXP 83.171.135.192 (HERZOMEDIA.DE):
HERZO MEDIA GMBH & CO.KG,
DE. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 30 of 33 4066a6423d
NEW none[none] none:none
none|none none none

11:20:00 Win2K-f 89.42.149.27 (JUMP.RO):
SC AZURE SOFTWARE SRL,
RO. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 29 of 32 af6b693cdf
NEW none[none] none:none
none|none none none

T:11:22:00 WinXP 98.135.112.239 (-):
. 217.170.244.2:443
CZ:217.170.244.2:443 445 pcap raw alerts
ruleset shell
ftp
irc
27 lines Yeah : 1.8
profile none summary
tarball 25 of 28 7fdfe363d5
[Firefox:2746 hits: 12-31 to 06-27] 10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns trace

T:11:23:00 WinXP 85.181.23.43 (ALICEDSL.DE):
HANSENET-ADSL,
MUNICH, BAYERN, DE. (DSL) 69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
36 lines Yeah : 1.8
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:11:25:00 Win2K-f 208.75.153.248 (DISCOVER-NET.NET):
DISCOVERNET,
EAU CLAIRE, WISCONSIN, US. n/a US:microsoft.com
US:download.microsoft.com
US:12.190.48.65:80
US:12.190.48.97:80 135 pcap raw alerts
ruleset other
59 lines Yeah : 1.3
profile none summary
tarball 33 of 33
8 of 33 53bfe15e91
[Firefox:248 hits: 06-17 to 06-27]
b7082104e4
[Firefox:15 hits: 06-18 to 06-27] none[4]
none [4] none:none
none:none
tElock|
tElock| none
none trace
trace

11:27:00 WinXP 122.21.223.180 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 30 of 33 2143b20ae7
NEW none[none] none:none
none|none none none

11:29:00 Win2K-f 85.177.77.249 (ALICEDSL.DE):
HANSENET-ADSL,
DE. (DSL) n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 30 of 33 70505b82df
NEW none[none] none:none
none|none none none

T:11:29:00 WinXP 221.190.141.147 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. 69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
53 lines Yeah : 1.8
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

11:29:00 WinXP 85.181.16.28 (ALICEDSL.DE):
HANSENET-ADSL,
DE. (DSL) n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:11:32:00 Win2K-f 123.224.97.210 (OCN.NE.JP):
NTT COMMUNICATIONS CORPORATION,
TOKYO, TOKYO, JP. 69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
41 lines Yeah : 1.8
profile none summary
tarball 19 of 33 89bedfb6e4
NEW none[none] none:none
none|none none none

T:11:35:00 Win2K-f 80.145.226.47 (T-DIALIN.NET):
DEUTSCHE TELEKOM AG,
ULM, BADEN-WURTTEMBERG, DE. (DIAL) n/a :proxim.ircgalaxy.pl
PL:195.78.66.134:65520 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 31 of 33 fceb0a8e7e
NEW none[none] none:none
none|none none none

T:11:39:00 WinXP 91.67.134.188 (SUPERKABEL.DE):
KABEL DEUTSCHLAND BREITBAND SERVICE GMBH,
DE. 69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
42 lines Yeah : 1.8
profile none summary
tarball 19 of 33 7cdd05c351
NEW none[none] none:none
none|none none none

11:39:00 Win2K-f 118.19.149.102 (-):
. n/a :proxim.ircgalaxy.pl
PL:195.78.66.134:65520
HK:210.245.211.11:65520 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 31 of 33 9750d49a0f
NEW none[none] none:none
none|none none none

T:11:40:00 WinXP 89.245.198.46 (VERSANETONLINE.DE):
VERSATEL NORD-DEUTSCHLAND GMBH,
DE. n/a 445 pcap raw alerts
ruleset other
12 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:11:41:00 WinXP 89.245.218.136 (VERSANETONLINE.DE):
VERSATEL NORD-DEUTSCHLAND GMBH,
DE. 69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
40 lines Yeah : 1.8
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:11:43:00 Win2K-f 85.179.160.137 (ALICEDSL.DE):
HANSENET-ADSL,
DE. (DSL) n/a 445 pcap raw alerts
ruleset ftp
25 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

11:53:00 Win2K-f 91.67.134.188 (SUPERKABEL.DE):
KABEL DEUTSCHLAND BREITBAND SERVICE GMBH,
DE. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 19 of 33 7cdd05c351
NEW none[none] none:none
none|none none none

11:57:00 Win2K-f 96.14.192.69 (-):
. n/a :proxim.ircgalaxy.pl
HK:210.245.211.11:65520
CZ:217.170.244.2:443
CZ:82.114.64.251:443 445 pcap raw alerts
ruleset shell
ftp
17 lines Yeah : 1.3
profile none summary
tarball 31 of 33 4f0fd7c481
NEW none[none] none:none
none|none none none

11:58:00 WinXP 219.107.230.83 (MESH.AD.JP):
BIGLOBE-CIDR-BLK,
TOKYO, TOKYO, JP. n/a :proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 30 of 33 488b95e869
NEW none[none] none:none
none|none none none

T:11:59:00 Win2K-f 89.178.21.28 (CORBINA.RU):
BROADBAND CUSTOMERS IN MOSCOW,
MOSCOW, MOSKVA, RU. 210.245.211.11:65520 DE:dl2.teenpassage.com
US:ksn.a1001186.wrs.mcboo.com 445 pcap raw alerts
ruleset irc
http
48 lines Yeah : 0.8
profile none summary
tarball 25 of 33
27 of 33 897d59617c
NEW
a014934a72
NEW none[none]
none [none] none:none
none:none
none|none
none|none none
none none
none

T:12:00:00 Win2K-f 92.4.19.6 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. n/a 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 26 of 33 b96c53aded
NEW none[none] none:none
none|none none none

T:12:01:00 Win2K-f 91.64.70.169 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
SCHWEINFURT, BAYERN, DE. n/a 445 pcap raw alerts
ruleset ftp
29 lines Yeah : 1.3
profile none summary
tarball 31 of 33 24376e4bba
NEW none[none] none:none
none|none none none

T:12:01:00 WinXP 96.10.81.152 (-):
. 210.245.211.11:65520 :proxim.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
DE:dl2.teenpassage.com
US:ksn.a1001186.wrs.mcboo.com
US:wr.mcboo.com
IL:dl.mcboo.com
US:b152.mcboo.com
US:b155.mcboo.com 135 pcap raw alerts
ruleset irc
http
1205 lines Yeah : 1.8
profile none summary
tarball 31 of 32
29 of 33
25 of 33
27 of 33
0 of 33 5378ab9d2d
NEW
60a6e7e23c
NEW
897d59617c
NEW
a014934a72
NEW
e07c29c4ae
[Firefox:39 hits: 06-19 to 06-27] none[none]
none [none]
none [none]
none [none]
e07c29c4ae[1] none:none
none:none
none:none
none:none
ASM:Graph
none|none
none|none
none|none
none|none
FSG| none
none
none
none
lines=92 none
none
none
none
trace

T:12:23:00 Win2K-f 92.9.205.61 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
25 lines Yeah : 1.3
profile none summary
tarball 12 of 33 9a32965bc8
NEW none[none] none:none
none|none none none

12:28:00 WinXP 82.237.126.53 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 24 of 33 ffb780c7d5
NEW none[none] none:none
none|none none none

12:30:00 Win2K-f 118.236.164.184 (-):
. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

12:32:00 WinXP 4.162.105.40 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
US. (DIAL) n/a
CZ:217.170.244.2:443
CZ:82.114.64.251:443 445 pcap raw alerts
ruleset shell
ftp
14 lines Yeah : 1.3
profile none summary
tarball 25 of 28 7fdfe363d5
[Firefox:2746 hits: 12-31 to 06-27] 10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns trace

T:12:33:00 Win2K-f 82.25.39.76 (NTL.COM):
NTLI,
UK. n/a 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:12:33:00 WinXP 123.222.144.117 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 31 of 33 05d02aef50
NEW none[none] none:none
none|none none none

T:12:38:00 Win2K-f 86.133.172.166 (BTCENTRALPLUS.COM):
BT-CENTRAL-PLUS,
LONDON, ENGLAND, UK. n/a 445 pcap raw alerts
ruleset ftp
25 lines Yeah : 1.3
profile none summary
tarball 25 of 33 b01772eda8
NEW none[none] none:none
none|none none none

12:41:00 WinXP 98.26.214.156 (-):
. n/a EU:siliconfireware.ru
:www.proxy-socks.net
:wpad
GB:new.egg.com
DE:212.227.111.29:80
DE:217.11.54.126:80
EU:78.47.200.154:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 29 of 29 a12cab51ef
[Firefox:1073 hits: 05-01 to 06-27] 40f7f463c4 [0] ASM:Graph
ASPack| lines=281
embedded dns trace

12:41:00 Win2K-f 202.225.174.233 (MESH.AD.JP):
NEC CORPORATION,
JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 30 of 33 702fe1335a
NEW none[none] none:none
none|none none none

12:45:00 Win2K-f 217.251.232.46 (T-IPCONNECT.DE):
DEUTSCHE TELEKOM AG,
DE. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
18 lines Yeah : 1.3
profile none summary
tarball 13 of 32 eef5a13b95
NEW none[none] none:none
none|none none none

T:12:49:00 WinXP 118.236.189.225 (-):
. 69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
54 lines Yeah : 1.8
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

12:49:00 WinXP 89.245.204.104 (VERSANETONLINE.DE):
VERSATEL NORD-DEUTSCHLAND GMBH,
DE. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 19 of 33 c75b9affa9
NEW none[none] none:none
none|none none none

T:12:51:00 Win2K-f 202.70.210.168 (PIKARA.NE.JP):
PIKARA(STNET INCORPORATED),
JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:12:58:00 WinXP 81.181.17.239 (-):
GENIUS NETWORK SYSTEM SRL,
GALATI, GALATI, RO. (DSL) n/a US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
29 lines Yeah : 1.3
profile none summary
tarball 15 of 33 9dc58da41a
NEW none[none] none:none
none|none none none

T:13:03:00 Win2K-f 85.177.58.130 (ALICEDSL.DE):
HANSENET-ADSL,
HAMBURG, HAMBURG, DE. (DSL) 69.247.147.113:13001 :proxim.ircgalaxy.pl
US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
51 lines Yeah : 1.8
profile none summary
tarball 19 of 33 536227ab5f
NEW none[none] none:none
none|none none none

13:06:00 Win2K-f 210.151.206.11 (MESH.AD.JP):
NEC CORPORATION,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox: 5 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:13:11:00 Win2K-f 92.20.108.102 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. 69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
47 lines Yeah : 1.8
profile none summary
tarball 12 of 33 9a32965bc8
NEW none[none] none:none
none|none none none

13:13:00 WinXP 125.194.223.65 (MESH.AD.JP):
NEC CORPORATION,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

13:17:00 Win2K-f 86.133.172.166 (BTCENTRALPLUS.COM):
BT-CENTRAL-PLUS,
LONDON, ENGLAND, UK. n/a 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 25 of 33 b01772eda8
NEW none[none] none:none
none|none none none

T:13:26:00 Win2K-f 80.32.89.249 (RIMA-TDE.NET):
TELEFONICA DE ESPANA,
SABADELL, CATALUñA, ES. n/a 445 pcap raw alerts
ruleset ftp
22 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:13:26:00 Win2K-f 221.191.223.216 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

13:28:00 WinXP 122.120.0.205 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a 445 pcap raw alerts
ruleset shell
3 lines Yeah : 1.3
profile none summary
tarball none none none none none none none

13:31:00 Win2K-f 92.22.173.60 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. n/a :proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 31 of 33 f4a8c4177e
NEW none[none] none:none
none|none none none

T:13:33:00 WinXP 118.108.184.198 (-):
. 69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
43 lines Yeah : 1.8
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:13:34:00 Win2K-f 92.12.250.189 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. 69.247.147.113:12351 US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
irc
36 lines Yeah : 1.8
profile none summary
tarball 12 of 33 ac164e8362
NEW none[none] none:none
none|none none none

13:49:00 WinXP 221.190.61.200 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 12 of 33 a96d6f6d31
NEW none[none] none:none
none|none none none

T:13:50:00 Win2K-f 58.88.120.9 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
TOKYO, TOKYO, JP. 69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
48 lines Yeah : 1.8
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox: 5 hits: 06-27 to 06-27] none[none] none:none
none|none none none

13:55:00 Win2K-f 80.218.182.112 (HISPEED.CH):
CABLECOMMAIN-NET,
ZURICH, ZURICH, CH. n/a :proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 31 of 33 aae6342c89
NEW none[none] none:none
none|none none none

13:56:00 WinXP 81.69.143.77 (EURONET.NL):
WANADOO NEDERLAND BV,
BREDA, NOORD-BRABANT, NL. (DSL) n/a :proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 31 of 33 0d9ef4672f
NEW none[none] none:none
none|none none none

13:59:00 Win2K-f 86.139.2.3 (BTCENTRALPLUS.COM):
BT-CENTRAL-PLUS,
UK. n/a :proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset shell
ftp
15 lines Yeah : 1.3
profile none summary
tarball 30 of 33 f45e30fd8a
NEW none[none] none:none
none|none none none

T:14:02:00 WinXP 201.22.101.38 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a :proxim.ircgalaxy.pl
RU:moscow-advokat.ru
NL:diemen.nl.eu.undernet.org
:brussels.be.eu.undernet.org
:los-angeles.ca.us.undernet.org
SE:broadway.ny.us.dal.net
SE:qis.md.us.dal.net
SE:ozbytes.dal.net
:flanders.be.eu.undernet.org
AT:graz.at.eu.undernet.org
SE:viking.dal.net
:gaspode.zanet.org.za
US:lia.zanet.net
NO:london.uk.eu.undernet.org 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 32 of 33 84d2f5cb5b
NEW none[none] none:none
none|none none none

T:14:08:00 WinXP 78.8.22.137 (NET.PL):
DIALOG,
WROCLAW, DOLNOSLASKIE, PL. 69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
46 lines Yeah : 1.8
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox: 5 hits: 06-27 to 06-27] none[none] none:none
none|none none none

14:17:00 Win2K-f 203.73.248.127 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) n/a 445 pcap raw alerts
ruleset shell
9 lines Yeah : 1.3
profile none summary
tarball none none none none none none none

14:18:00 Win2K-f 217.237.116.136 (T-DIALIN.NET):
DEUTSCHE TELEKOM AG,
TRIER, RHEINLAND-PFALZ, DE. (DIAL) n/a 445 pcap raw alerts
ruleset ftp
23 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

14:23:00 WinXP 125.195.107.13 (MESH.AD.JP):
NEC CORPORATION,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

14:28:00 Win2K-f 221.191.249.210 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 30 of 33 dd1195e952
NEW none[none] none:none
none|none none none

T:14:28:00 Win2K-f 78.146.77.216 (-):
OPAL TELECOM DSL,
LONDON, ENGLAND, UK. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 31 of 33 1a9fa0fa9f
NEW none[none] none:none
none|none none none

14:30:00 Win2K-f 58.188.245.46 (EONET.NE.JP):
K-OPTICOM CORPORATION,
OSAKA, OSAKA, JP. n/a :proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 17 of 33 64477225c9
NEW none[none] none:none
none|none none none

14:30:00 WinXP 121.87.114.58 (EONET.NE.JP):
K-OPTICOM CORPORATION,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:14:32:00 Win2K-f 222.145.167.60 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
TOKYO, TOKYO, JP. n/a :proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 31 of 33 d60e1eb1a2
NEW none[none] none:none
none|none none none

T:14:36:00 Win2K-f 122.17.222.35 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. 69.247.147.113:12351 US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
irc
33 lines Yeah : 1.8
profile none summary
tarball 16 of 33 3027d57000
[Firefox: 2 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:14:43:00 WinXP 207.144.75.217 (INFOAVE.NET):
INFO AVENUE INTERNET SERVICES LLC,
MYRTLE BEACH, SOUTH CAROLINA, US. 69.247.147.113:12351 US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
irc
52 lines Yeah : 1.8
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

14:46:00 WinXP 82.244.98.50 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR. n/a 445 pcap raw alerts
ruleset other
11 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:14:48:00 Win2K-f 4.244.117.85 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
KANSAS CITY, MISSOURI, US. (DIAL) n/a 445 pcap raw alerts
ruleset shell
3 lines Yeah : 1.3
profile none summary
tarball none none none none none none none

T:14:50:00 Win2K-f 124.84.165.206 (OCN.NE.JP):
NTT COMMUNICATIONS CORPORATION,
TOKYO, TOKYO, JP. 69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
41 lines Yeah : 1.8
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox: 5 hits: 06-27 to 06-27] none[none] none:none
none|none none none

14:54:00 Win2K-f 84.187.230.157 (T-DIALIN.NET):
DEUTSCHE TELEKOM AG,
AACHEN, NORDRHEIN-WESTFALEN, DE. (DIAL) n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:14:57:00 WinXP 91.66.91.58 (SUPERKABEL.DE):
KABEL DEUTSCHLAND BREITBAND SERVICE GMBH,
DE. 69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
43 lines Yeah : 1.8
profile none summary
tarball 31 of 33 f7fe13b098
NEW none[none] none:none
none|none none none

14:59:00 WinXP 24.243.122.240 (RR.COM):
ROAD RUNNER HOLDCO LLC,
CORPUS CHRISTI, TEXAS, US. n/a SE:kavkazcenter.com
SE:kavkazcenter.net
FI:kavkazchat.com
US:chechenpress.info
GB:chechenpress.co.uk
US:shaheeds.org
:daymohk.info
:chripress.org
:marsho.dk
RU:www.bbin.ru
:wpad
DE:siliconfireware.ru
:www.proxy-socks.net
RU:195.200.213.52:80
GB:217.194.210.198:80
US:69.25.142.48:80
US:72.29.65.216:80
FI:80.81.183.162:80
SE:88.80.5.157:80
SE:88.80.5.15:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 29 of 29 ab5e47bf8d
[Firefox:53 hits: 05-10 to 06-26] none[3] none:none
ASPack| none trace

T:15:00:00 Win2K-f 92.40.242.123 (IKBCC.COM):
EU-ZZ,
UK. 217.170.244.2:443 :proxim.ircgalaxy.pl
CZ:217.170.244.2:443
CZ:82.114.64.251:443 445 pcap raw alerts
ruleset shell
ftp
irc
28 lines Yeah : 1.8
profile none summary
tarball 31 of 33 1f11f69842
NEW none[none] none:none
none|none none none

15:01:00 WinXP 61.229.31.253 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a
CZ:217.170.244.2:443
CZ:82.114.64.251:443 445 pcap raw alerts
ruleset shell
ftp
17 lines Yeah : 1.3
profile none summary
tarball 25 of 28 7fdfe363d5
[Firefox:2746 hits: 12-31 to 06-27] 10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns trace

T:15:04:00 WinXP 124.86.216.151 (OCN.NE.JP):
NTT COMMUNICATIONS CORPORATION,
TOKYO, TOKYO, JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 13 of 33 1b9c549867
NEW none[none] none:none
none|none none none

15:04:00 WinXP 85.181.129.154 (ALICEDSL.DE):
HANSENET-ADSL,
DE. (DSL) n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
25 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox: 5 hits: 06-27 to 06-27] none[none] none:none
none|none none none

15:05:00 WinXP 118.236.143.152 (-):
. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox: 5 hits: 06-27 to 06-27] none[none] none:none
none|none none none

15:06:00 Win2K-f 122.120.2.220 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a 445 pcap raw alerts
ruleset shell
3 lines Yeah : 1.3
profile none summary
tarball none none none none none none none

15:07:00 Win2K-f 121.73.12.149 (TELSTRACLEAR.NET):
TELSTRACLEAR WELLINGTON CABLE CUSTOMERS,
WELLINGTON, WELLINGTON, NZ. (DSL) n/a 135 pcap raw alerts
ruleset other
10 lines Yeah : 1.3
profile none summary
tarball none none none none none none none

T:15:09:00 Win2K-f 124.102.166.33 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:15:12:00 WinXP 66.19.76.39 (USLEC.NET):
USLEC CORP,
TAMPA, FLORIDA, US. n/a US:microsoft.com
US:download.microsoft.com 135 pcap raw alerts
ruleset http
76 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 33 53bfe15e91
[Firefox:248 hits: 06-17 to 06-27]
a08f3b74a4
[Firefox:93 hits: 06-18 to 06-27] none[4]
a08f3b74a4[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=81 trace
trace

T:15:17:00 Win2K-f 92.8.77.188 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. n/a 445 pcap raw alerts
ruleset ftp
16 lines Yeah : 1.3
profile none summary
tarball 8 of 33 3453dc922c
NEW none[none] none:none
none|none none none

T:15:20:00 WinXP 91.64.196.79 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 31 of 33 24376e4bba
NEW none[none] none:none
none|none none none

15:21:00 Win2K-f 24.67.135.214 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
COURTENAY, BRITISH COLUMBIA, CA. (DSL) n/a :proxim.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:207.123.44.126:80 135 pcap raw alerts
ruleset other
94 lines Yeah : 1.3
profile none summary
tarball 31 of 33
1 of 33 48f8b1a711
[Firefox: 2 hits: 06-19 to 06-27]
aecf2a5fc9
[Firefox: 2 hits: 06-19 to 06-27] none[4]
aecf2a5fc9[1] none:none
ASM:Graph
PolyEnE|
Armadillo| none
lines=81 trace
trace

15:22:00 Win2K-f 217.211.148.224 (TELIA.COM):
TELIA NETWORK SERVICES,
UMEå, VASTERBOTTEN, SE. n/a :proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 30 of 33 83aa1e7d14
NEW none[none] none:none
none|none none none

15:23:00 WinXP 208.79.97.28 (-):
GLOBAL CARIBBEAN NETWORK,
GP. n/a CA:xx.nadnadzz.info
CA:xx.enterhere.biz
CA:67.43.236.98:10324
CA:67.43.236.98:1863
CA:67.43.236.99:10324
CA:67.43.236.99:1863 135 pcap raw alerts
ruleset other
303 lines Yeah : 1.3
profile none summary
tarball 12 of 33 df5bd48747
NEW none[none] none:none
none|none none none

15:24:00 WinXP 201.69.190.214 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
19 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:15:25:00 WinXP 121.93.183.82 (INFOWEB.NE.JP):
INFOWEB(FUJITSU LTD.),
TOKYO, TOKYO, JP. (DIAL) 217.170.244.2:443
CZ:217.170.244.2:443
CZ:82.114.64.251:443 445 pcap raw alerts
ruleset shell
ftp
irc
28 lines Yeah : 1.8
profile none summary
tarball 25 of 28 7fdfe363d5
[Firefox:2746 hits: 12-31 to 06-27] 10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns trace

T:15:39:00 WinXP 60.44.191.160 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
YOKOHAMA, KANAGAWA, JP. n/a :proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 31 of 32 00710a2ffa
NEW none[none] none:none
none|none none none

15:41:00 Win2K-f 125.197.6.33 (MESH.AD.JP):
NEC CORPORATION,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox: 5 hits: 06-27 to 06-27] none[none] none:none
none|none none none

15:47:00 WinXP 217.127.80.27 (RIMA-TDE.NET):
TELEFONICA DE ESPANA SAU (NCC#2001038578),
VIGO, GALICIA, ES. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
24 lines Yeah : 1.3
profile none summary
tarball 23 of 33 a4554db76d
NEW none[none] none:none
none|none none none

15:47:00 WinXP 116.124.145.131 (-):
HANARO TELECOM,
SEOUL, KYONGGI-DO, KR. n/a :proxim.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:198.78.220.124:80
US:199.93.44.124:80
US:8.12.202.125:80 135 pcap raw alerts
ruleset other
135 lines Yeah : 1.3
profile none summary
tarball 30 of 33
30 of 33 69be040d0b
NEW
81bbbeac34
NEW none[4]
81bbbeac34[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=82 trace
trace

15:53:00 Win2K-f 92.10.185.201 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. n/a :proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
22 lines Yeah : 1.3
profile none summary
tarball 30 of 32 aadc4f43de
NEW none[none] none:none
none|none none none

15:54:00 WinXP 92.8.81.36 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
19 lines Yeah : 1.3
profile none summary
tarball 12 of 33 9a32965bc8
NEW none[none] none:none
none|none none none

15:56:00 Win2K-f 124.84.165.206 (OCN.NE.JP):
NTT COMMUNICATIONS CORPORATION,
TOKYO, TOKYO, JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:16:02:00 WinXP 70.119.3.24 (RR.COM):
ROAD RUNNER HOLDCO LLC,
OVIEDO, FLORIDA, US. n/a RU:moscow-advokat.ru 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 29 of 29 9b82db3489
NEW none[none] none:none
none|none none none

T:16:05:00 WinXP 117.102.149.255 (-):
. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
24 lines Yeah : 1.3
profile none summary
tarball 13 of 33 c5a2efda72
NEW none[none] none:none
none|none none none

16:08:00 WinXP 87.21.134.199 (RETAIL.TELECOMITALIA.IT):
TELECOM ITALIA S.P.A. TIN EASY LITE,
LA SPEZIA, LIGURIA, IT. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 19 of 33 456e972bb3
NEW none[none] none:none
none|none none none

T:16:09:00 Win2K-f 119.72.15.53 (-):
. n/a 445 pcap raw alerts
ruleset ftp
24 lines Yeah : 1.3
profile none summary
tarball 31 of 33 1ee8e6f219
NEW none[none] none:none
none|none none none

16:10:00 WinXP 117.102.149.255 (-):
. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
25 lines Yeah : 1.3
profile none summary
tarball 13 of 33 c5a2efda72
NEW none[none] none:none
none|none none none

16:19:00 WinXP 78.149.245.210 (OPALTELECOM.NET):
OPAL TELECOMMUNICATIONS INTERNET SERVICE PROVIDER,
UK. n/a :proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 22 of 33 4365e3a428
NEW none[none] none:none
none|none none none

16:20:00 Win2K-f 92.8.77.188 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. n/a 445 pcap raw alerts
ruleset ftp
16 lines Yeah : 1.3
profile none summary
tarball 9 of 33 ac1674d23a
NEW none[none] none:none
none|none none none

T:16:21:00 WinXP 118.105.154.90 (-):
. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 30 of 33 505238d7ef
NEW none[none] none:none
none|none none none

16:24:00 Win2K-f 85.176.106.198 (ALICEDSL.DE):
HANSENET-ADSL,
HAMBURG, HAMBURG, DE. (DSL) n/a :proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 21 of 32 262cb4f094
NEW none[none] none:none
none|none none none

16:27:00 WinXP 88.134.236.19 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
KAUFBEUREN, BAYERN, DE. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 32 of 33 637d52f4b8
NEW none[none] none:none
none|none none none

T:16:27:00 Win2K-f 82.246.145.27 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 10 of 33 8c6b98ffe4
NEW none[none] none:none
none|none none none

T:16:27:00 WinXP 4.131.139.21 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
LOS ANGELES, CALIFORNIA, US. (DIAL) n/a 445 pcap raw alerts
ruleset shell
ftp
12 lines Yeah : 1.3
profile none summary
tarball none none none none none none none

T:16:30:00 WinXP 58.188.216.139 (EONET.NE.JP):
K-OPTICOM CORPORATION,
OSAKA, OSAKA, JP. n/a 445 pcap raw alerts
ruleset other
13 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

16:31:00 WinXP 4.225.81.97 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
OHIO, US. (DIAL) n/a 445 pcap raw alerts
ruleset shell
ftp
17 lines Yeah : 1.3
profile none summary
tarball none none none none none none none

T:16:36:00 Win2K-f 4.252.38.68 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
PRINCE GEORGE, VIRGINIA, US. (DIAL) n/a 445 pcap raw alerts
ruleset shell
11 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:16:42:00 WinXP 213.39.214.234 (HANSENET.DE):
HANSENET TELEKOMMUNIKATION GMBH,
HAMBURG, HAMBURG, DE. (DSL) n/a :proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 24 of 33 c10d29a192
NEW none[none] none:none
none|none none none

T:16:44:00 Win2K-f 118.7.122.32 (-):
. n/a 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:16:46:00 Win2K-f 122.135.148.96 (MESH.AD.JP):
NEC BIGLOBE LTD,
TOKYO, TOKYO, JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 30 of 33 fac31be9e4
NEW none[none] none:none
none|none none none

16:47:00 Win2K-f 209.213.27.104 (BACKROADS.NET):
BACKROADS INTERNET INC,
LAURENS, SOUTH CAROLINA, US. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

16:48:00 WinXP 218.223.85.176 (ACROSS.OR.JP):
DREAM WAVE SHIZUOKA CO. LTD,
SHIZUOKA, SHIZUOKA, JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox: 5 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:16:57:00 WinXP 124.86.73.211 (OCN.NE.JP):
NTT COMMUNICATIONS CORPORATION,
TOKYO, TOKYO, JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
30 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:17:02:00 WinXP 202.70.250.29 (ONINET.NE.JP):
OKAYAMA NETWORK INC,
OKAYAMA, OKAYAMA, JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:17:11:00 Win2K-f 123.218.234.145 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:17:12:00 WinXP 217.237.116.136 (T-DIALIN.NET):
DEUTSCHE TELEKOM AG,
TRIER, RHEINLAND-PFALZ, DE. (DIAL) n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
20 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:17:15:00 Win2K-f 60.254.219.250 (EMOBILE.AD.JP):
EMOBILE LTD,
TOKYO, TOKYO, JP. n/a 445 pcap raw alerts
ruleset ftp
24 lines Yeah : 1.3
profile none summary
tarball 24 of 33 b0e611cca4
NEW none[none] none:none
none|none none none

17:23:00 WinXP 210.147.70.2 (MESH.AD.JP):
C&C INTERNET SERVICE MESH(NEC CORPORATION),
JP. n/a
CZ:217.170.244.2:443
CZ:82.114.64.251:443 445 pcap raw alerts
ruleset shell
ftp
18 lines Yeah : 1.3
profile none summary
tarball 30 of 33 98d36cfd23
NEW none[none] none:none
none|none none none

17:23:00 WinXP 221.126.249.153 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 12 of 33 24f621c693
NEW none[none] none:none
none|none none none

17:40:00 Win2K-f 118.111.81.5 (-):
. n/a 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

17:43:00 Win2K-f 122.24.117.192 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

17:45:00 WinXP 120.75.103.93 (-):
. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

17:47:00 WinXP 60.56.221.143 (EONET.NE.JP):
K-OPTICOM CORPORATION,
OSAKA, OSAKA, JP. n/a :proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 17 of 33 64477225c9
NEW none[none] none:none
none|none none none

T:17:49:00 WinXP 201.93.0.199 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a DE:siliconfireware.ru
US:searchportal.information.com
RU:www.bbin.ru
RU:www.binbank.ru
:wpad
US:208.73.212.12:80
DE:212.227.111.29:80
EU:78.47.200.154:80 445 pcap raw alerts
ruleset http
http
http
http
23 lines Yeah : 0.8
profile none summary
tarball 29 of 29 a12cab51ef
[Firefox:1073 hits: 05-01 to 06-27] 40f7f463c4 [0] ASM:Graph
ASPack| lines=281
embedded dns trace

17:53:00 Win2K-f 119.72.20.77 (-):
. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 31 of 33 423f9090c5
NEW none[none] none:none
none|none none none

T:18:01:00 Win2K-f 119.72.20.77 (-):
. n/a 445 pcap raw alerts
ruleset shell
4 lines Yeah : 1.3
profile none summary
tarball none none none none none none none

T:18:06:00 Win2K-f 118.1.44.135 (-):
. n/a :proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 32 of 33 aa7cc8c90d
NEW none[none] none:none
none|none none none

T:18:09:00 WinXP 80.248.240.114 (SUOMICOM.FI):
SUOMI COMMUNICATIONS LTD,
FI. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
25 lines Yeah : 1.3
profile none summary
tarball 30 of 33 caf6884079
NEW none[none] none:none
none|none none none

T:18:09:00 WinXP 202.84.102.114 (MLY-CDO-SER.PHILCOM.PH):
PHILCOM CORPORATION,
CAGAYAN DE ORO, MISAMIS ORIENTAL, PH. 194.54.90.246:80 UA:citi-bank.ru 445 pcap raw alerts
ruleset http
2 lines Yeah : 1.3
profile none summary
tarball 26 of 28 7d99b0e910
[Firefox:3109 hits: 12-31 to 06-27] 7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace

T:18:10:00 WinXP 123.218.220.216 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. 72.10.172.218:8492 CA:jiets.soidudrf.com
CA:abc.ihshsd8.com
CA:72.10.172.218:8492 445 pcap raw alerts
ruleset ftp
irc
35 lines Yeah : 1.8
profile none summary
tarball 30 of 33 40dad11b69
NEW none[none] none:none
none|none none none

T:18:13:00 Win2K-f 118.237.25.21 (-):
. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 24 of 33 fc0c35d5d2
NEW none[none] none:none
none|none none none

18:16:00 Win2K-f 82.103.194.234 (ELISA-LAAJAKAISTA.FI):
JYVASVIESTIN-NET,
FI. n/a :proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
24 lines Yeah : 1.3
profile none summary
tarball 31 of 33 17939ecf71
NEW none[none] none:none
none|none none none

18:16:00 WinXP 219.162.233.25 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
KOBE, HYOGO, JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 13 of 33 9c98b12453
NEW none[none] none:none
none|none none none

18:17:00 WinXP 98.25.100.214 (-):
. n/a RU:moscow-advokat.ru 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 25 of 25 7f60162c2c
[Firefox:1363 hits: 12-31 to 06-27] 1aad8e4632 [0] ASM:Graph
PolyEnE| lines=93
embedded dns trace

T:18:17:00 WinXP 98.25.100.214 (-):
. n/a RU:moscow-advokat.ru
AT:graz.at.eu.undernet.org
:gaspode.zanet.org.za
:los-angeles.ca.us.undernet.org
SE:ced.dal.net
SE:viking.dal.net
SE:qis.md.us.dal.net
:flanders.be.eu.undernet.org
US:lia.zanet.net
SE:broadway.ny.us.dal.net
SE:ozbytes.dal.net
:caen.fr.eu.undernet.org
SE:coins.dal.net
SE:vancouver.dal.net
:washington.dc.us.undernet.org
:lulea.se.eu.undernet.org
NO:london.uk.eu.undernet.org
RU:194.6.222.11:6667 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 25 of 25 7f60162c2c
[Firefox:1363 hits: 12-31 to 06-27] 1aad8e4632 [0] ASM:Graph
PolyEnE| lines=93
embedded dns trace

18:22:00 Win2K-f 122.135.168.229 (MESH.AD.JP):
NEC BIGLOBE LTD,
TOKYO, TOKYO, JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 28 of 33 a9c8d121f2
NEW none[none] none:none
none|none none none

18:22:00 WinXP 124.102.76.178 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

18:24:00 Win2K-f 123.222.120.162 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

18:27:00 WinXP 76.211.89.70 (SBCGLOBAL.NET):
PPPOX POOL - RBACK4.SPFDMO,
SPRINGFIELD, MISSOURI, US. n/a RU:moscow-advokat.ru 445 pcap raw alerts
ruleset other
0 lines Yeah : 0.8
profile none summary
tarball 29 of 29 d175bad0e6
[Firefox:14 hits: 06-08 to 04-05] dfb15f5463 [0] ASM:Graph
tElock| lines=81
embedded dns trace

T:18:32:00 Win2K-f 118.237.39.21 (-):
. n/a 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:18:35:00 WinXP 125.215.84.14 (MCBNET.NE.JP):
MITOYO CATV BROADCAST NETWORK,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

18:36:00 WinXP 123.220.5.62 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:18:37:00 Win2K-f 124.102.29.84 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. 210.245.211.11:65520 :proxima.ircgalaxy.pl
US:chat-shqip.org
DE:dl2.teenpassage.com
US:ksn.a1001186.wrs.mcboo.com
US:w3bs.chat-shqip.org
US:wr.mcboo.com
US:206.251.244.226:80
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
irc
http
75 lines Yeah : 1.8
profile none summary
tarball 13 of 33
25 of 33
27 of 33 4a6ba0f5ba
NEW
897d59617c
NEW
a014934a72
NEW none[none]
none [none]
none [none] none:none
none:none
none:none
none|none
none|none
none|none none
none
none none
none
none

18:40:00 Win2K-f 122.134.239.106 (MESH.AD.JP):
NEC BIGLOBE LTD,
TOKYO, TOKYO, JP. n/a 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball none none none none none none none

18:44:00 Win2K-f 125.215.84.14 (MCBNET.NE.JP):
MITOYO CATV BROADCAST NETWORK,
JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:18:45:00 WinXP 24.25.158.22 (RR.COM):
ROAD RUNNER HOLDCO LLC,
CAMBRIDGE, NEW YORK, US. n/a US:microsoft.com
US:download.microsoft.com
US:198.78.220.124:80
US:204.160.126.124:80 135 pcap raw alerts
ruleset http
77 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 32
0 of 33 53bfe15e91
[Firefox:248 hits: 06-17 to 06-27]
73f1082158
[Firefox:98 hits: 06-18 to 06-27]
e07c29c4ae
[Firefox:39 hits: 06-19 to 06-27] none[4]
73f1082158[1]
e07c29c4ae[1] none:none
ASM:Graph
ASM:Graph
tElock|
Armadillo|
FSG| none
lines=81
lines=92 trace
trace
trace

18:53:00 WinXP 4.224.237.86 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
FAIRBORN, OHIO, US. (DIAL) n/a UA:citi-bank.ru 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 26 of 28 7d99b0e910
[Firefox:3109 hits: 12-31 to 06-27] 7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace

T:18:55:00 Win2K-f 125.102.14.156 (UCOM.NE.JP):
IML,
JP. 210.245.211.11:65520 US:ksn.a1001186.wrs.mcboo.com
US:w3bs.chat-shqip.org
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
irc
http
77 lines Yeah : 1.8
profile none summary
tarball 25 of 33
23 of 33
27 of 33 897d59617c
NEW
8bb54a6958
NEW
a014934a72
NEW none[none]
none [none]
none [none] none:none
none:none
none:none
none|none
none|none
none|none none
none
none none
none
none

T:18:57:00 WinXP 118.1.160.67 (-):
. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox: 5 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:18:58:00 Win2K-f 121.83.102.252 (EONET.NE.JP):
K-OPTICOM CORPORATION,
JP. 210.245.211.11:65520 :proxim.ircgalaxy.pl
DE:dl2.teenpassage.com
US:ksn.a1001186.wrs.mcboo.com
HK:210.245.211.11:65520 445 pcap raw alerts
ruleset ftp
irc
http
71 lines Yeah : 1.8
profile none summary
tarball 30 of 33
27 of 33 223df07723
NEW
a014934a72
NEW none[none]
none [none] none:none
none:none
none|none
none|none none
none none
none

19:00:00 WinXP 122.53.119.252 (PLDT.NET):
IPG,
PH. n/a US:microsoft.com
US:download.microsoft.com
:proxim.ircgalaxy.pl
US:12.190.48.65:80
US:12.190.48.97:80
HK:210.245.211.11:65520 135 pcap raw alerts
ruleset other
127 lines Yeah : 1.3
profile none summary
tarball 29 of 33
33 of 33 16874933ea
[Firefox:10 hits: 06-18 to 06-26]
76ee340669
[Firefox:10 hits: 06-18 to 06-26] 16874933ea [1]
none [4] ASM:Graph
none:none
Armadillo|
PolyEnE| lines=82
none trace
trace

T:19:00:00 WinXP 124.102.76.178 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

19:03:00 WinXP 123.254.9.232 (PIKARA.NE.JP):
STNET INCORPORATED,
TAKAMATSU, KAGAWA, JP. n/a :proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 30 of 32 c9825e1fd3
NEW none[none] none:none
none|none none none

T:19:11:00 Win2K-f 221.126.73.3 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 29 of 33 202a01088b
NEW none[none] none:none
none|none none none

T:19:12:00 WinXP 220.144.247.127 (MESH.AD.JP):
NEC CORPORATION,
TOKYO, TOKYO, JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

19:14:00 WinXP 121.84.154.55 (EONET.NE.JP):
K-OPTICOM CORPORATION,
JP. n/a :proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 22 of 33 d5306e3eec
NEW none[none] none:none
none|none none none

19:14:00 Win2K-f 124.86.153.132 (OCN.NE.JP):
NTT COMMUNICATIONS CORPORATION,
TOKYO, TOKYO, JP. n/a :proxim.ircgalaxy.pl
HK:210.245.211.11:65520 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 30 of 33 56fd048da4
NEW none[none] none:none
none|none none none

T:19:17:00 Win2K-f 4.90.52.175 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
SEADRIFT, TEXAS, US. (DIAL) 210.245.211.11:65520 US:ksn.a1001186.wrs.mcboo.com
US:wr.mcboo.com
IL:dl.mcboo.com
US:b152.mcboo.com
HK:210.245.211.11:65520
US:4.90.52.175:21 445 pcap raw alerts
ruleset shell
irc
http
120 lines Yeah : 1.8
profile none summary
tarball 25 of 33
27 of 33 897d59617c
NEW
a014934a72
NEW none[none]
none [none] none:none
none:none
none|none
none|none none
none none
none

T:19:17:00 Win2K-f 123.254.9.232 (PIKARA.NE.JP):
STNET INCORPORATED,
TAKAMATSU, KAGAWA, JP. 210.245.211.11:65520 :proxim.ircgalaxy.pl
DE:dl2.teenpassage.com
US:ksn.a1001186.wrs.mcboo.com
US:wr.mcboo.com
IL:dl.mcboo.com
US:206.251.244.226:80
HK:210.245.211.11:65520 445 pcap raw alerts
ruleset ftp
irc
http
166 lines Yeah : 1.8
profile none summary
tarball 25 of 33
27 of 33
30 of 32 897d59617c
NEW
a014934a72
NEW
c9825e1fd3
NEW none[none]
none [none]
none [none] none:none
none:none
none:none
none|none
none|none
none|none none
none
none none
none
none

19:19:00 WinXP 118.236.186.45 (-):
. n/a :proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 30 of 33 4d71da6f08
NEW none[none] none:none
none|none none none

T:19:20:00 Win2K-f 122.135.168.229 (MESH.AD.JP):
NEC BIGLOBE LTD,
TOKYO, TOKYO, JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 28 of 33 a9c8d121f2
NEW none[none] none:none
none|none none none

19:23:00 WinXP 60.34.41.185 (PLALA.OR.JP):
PLALA NETWORKS INC,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

19:24:00 Win2K-f 118.1.199.85 (-):
. n/a :proxima.ircgalaxy.pl
HK:210.245.211.11:65520 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 31 of 33 a4fbe49195
NEW none[none] none:none
none|none none none

19:32:00 WinXP 122.16.142.82 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a :proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 17 of 33 0e78be6c38
NEW none[none] none:none
none|none none none

T:19:36:00 WinXP 218.47.189.214 (PLALA.OR.JP):
PLALA NETWORKS INC,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox: 5 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:19:36:00 WinXP 220.105.125.168 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. 210.245.211.11:65520 :proxima.ircgalaxy.pl
DE:dl2.teenpassage.com
US:ksn.a1001186.wrs.mcboo.com
US:wr.mcboo.com
US:206.251.244.226:80
HK:210.245.211.11:65520
DE:85.114.143.2:80 445 pcap raw alerts
ruleset ftp
irc
http
83 lines Yeah : 1.8
profile none summary
tarball 25 of 33
27 of 33
31 of 33 897d59617c
NEW
a014934a72
NEW
d1bd2fd489
NEW none[none]
none [none]
none [none] none:none
none:none
none:none
none|none
none|none
none|none none
none
none none
none
none

T:19:37:00 WinXP 12.218.248.147 (MCHSI.COM):
MEDIACOM COMMUNICATIONS CORP,
MOBILE, ALABAMA, US. n/a RU:moscow-advokat.ru
SE:viking.dal.net
NL:diemen.nl.eu.undernet.org
US:lia.zanet.net
AT:graz.at.eu.undernet.org
NO:london.uk.eu.undernet.org
:los-angeles.ca.us.undernet.org
SE:vancouver.dal.net
SE:ozbytes.dal.net
SE:ced.dal.net
:washington.dc.us.undernet.org
:lulea.se.eu.undernet.org
SE:qis.md.us.dal.net
:caen.fr.eu.undernet.org
:brussels.be.eu.undernet.org 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 25 of 25 7f60162c2c
[Firefox:1363 hits: 12-31 to 06-27] 1aad8e4632 [0] ASM:Graph
PolyEnE| lines=93
embedded dns trace

19:41:00 Win2K-f 58.89.136.30 (PLALA.OR.JP):
PLALA NETWORKS INC,
JP. n/a 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 31 of 33 6be5b3dab0
NEW none[none] none:none
none|none none none

T:19:45:00 Win2K-f 92.40.177.226 (IKBCC.COM):
EU-ZZ,
UK. 217.170.244.2:443
CZ:217.170.244.2:443 445 pcap raw alerts
ruleset shell
ftp
irc
27 lines Yeah : 1.8
profile none summary
tarball 25 of 28 7fdfe363d5
[Firefox:2746 hits: 12-31 to 06-27] 10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns trace

19:48:00 WinXP 121.87.10.228 (EONET.NE.JP):
K-OPTICOM CORPORATION,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 23 of 33 cf153403d1
NEW none[none] none:none
none|none none none

19:51:00 WinXP 219.110.167.54 (CATV02.ITSCOM.JP):
ITS COMMUNICATIONS INC,
JP. n/a
CZ:217.170.244.2:443
CZ:82.114.64.251:443 445 pcap raw alerts
ruleset shell
ftp
18 lines Yeah : 1.3
profile none summary
tarball 25 of 28 7fdfe363d5
[Firefox:2746 hits: 12-31 to 06-27] 10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns trace

19:52:00 WinXP 118.109.135.216 (-):
. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

19:52:00 WinXP 118.7.255.89 (-):
. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:19:54:00 Win2K-f 203.78.33.141 (SMARTONE-VODAFONE.COM):
SMARTONE MOBILE COMMUNICATIONS LTD,
TIN SHUI WAI, HONG KONG (SAR), HK. 210.245.211.11:65520 US:ksn.a1001186.wrs.mcboo.com
HK:210.245.211.11:65520 135 pcap raw alerts
ruleset irc
http
54 lines Yeah : 0.8
profile none summary
tarball 25 of 33
27 of 33 897d59617c
NEW
a014934a72
NEW none[none]
none [none] none:none
none:none
none|none
none|none none
none none
none

19:56:00 Win2K-f 122.132.154.89 (MESH.AD.JP):
NEC BIGLOBE LTD,
TOKYO, TOKYO, JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 13 of 33 5acf6590b6
NEW none[none] none:none
none|none none none

19:57:00 Win2K-f 24.234.135.188 (COX.NET):
COX COMMUNICATIONS INC,
LAS VEGAS, NEVADA, US. n/a US:microsoft.com
US:download.microsoft.com
US:192.221.99.124:80 135 pcap raw alerts
ruleset other
76 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 33 53bfe15e91
[Firefox:248 hits: 06-17 to 06-27]
a08f3b74a4
[Firefox:93 hits: 06-18 to 06-27] none[4]
a08f3b74a4[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=81 trace
trace

T:19:58:00 Win2K-f 220.137.102.221 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 217.170.244.2:443 :proxim.ircgalaxy.pl
CZ:217.170.244.2:443 445 pcap raw alerts
ruleset shell
ftp
irc
29 lines Yeah : 1.8
profile none summary
tarball 30 of 33 97f74b5f47
NEW none[none] none:none
none|none none none

T:20:11:00 WinXP 82.244.11.81 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR. n/a 445 pcap raw alerts
ruleset other
12 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

20:13:00 WinXP 123.224.92.165 (OCN.NE.JP):
NTT COMMUNICATIONS CORPORATION,
TOKYO, TOKYO, JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:20:14:00 Win2K-f 60.254.198.172 (EMOBILE.AD.JP):
EMOBILE LTD,
TOKYO, TOKYO, JP. n/a 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:20:22:00 Win2K-f 93.81.111.20 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. 210.245.211.11:65520 :proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset irc
12 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

20:24:00 Win2K-f 122.18.178.17 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 8 of 33 b2fae7acd0
NEW none[none] none:none
none|none none none

T:20:39:00 WinXP 203.70.104.209 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) 217.170.244.2:443 445 pcap raw alerts
ruleset shell
ftp
irc
29 lines Yeah : 1.8
profile none summary
tarball 25 of 28 7fdfe363d5
[Firefox:2746 hits: 12-31 to 06-27] 10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns trace

20:45:00 Win2K-f 124.96.229.226 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

20:45:00 WinXP 125.58.79.154 (-):
. n/a US:microsoft.com
US:download.microsoft.com
US:198.78.220.126:80
US:207.123.44.125:80
US:4.23.60.126:80 135 pcap raw alerts
ruleset other
98 lines Yeah : 1.3
profile none summary
tarball 32 of 33
26 of 33 2851817490
NEW
ed4acd1f8e
NEW none[none]
none [none] none:none
none:none
none|none
none|none none
none none
none

20:47:00 WinXP 210.79.129.133 (MEDIATTI.NET):
MEDIATTI COMMUNICATIONS INC,
TOKYO, TOKYO, JP. n/a 445 pcap raw alerts
ruleset shell
ftp
15 lines Yeah : 1.3
profile none summary
tarball 29 of 29 831f4ee0a7
[Firefox:662 hits: 07-11 to 06-27] eb7546c600 [0] ASM:Graph
none|none lines=61 trace

T:20:48:00 Win2K-f 61.230.228.48 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. 210.245.211.11:65520
HK:210.245.211.11:65520
TW:61.230.228.48:21 445 pcap raw alerts
ruleset shell
irc
18 lines Yeah : 1.8
profile none summary
tarball none none none none none none none

20:55:00 Win2K-f 119.72.0.213 (-):
. n/a :proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 17 of 33 43b324d347
NEW none[none] none:none
none|none none none

T:20:57:00 WinXP 118.236.194.233 (-):
. 210.245.211.11:65520 :proxim.ircgalaxy.pl
US:chat-shqip.org
DE:dl2.teenpassage.com
US:ksn.a1001186.wrs.mcboo.com
US:w3bs.chat-shqip.org
US:wr.mcboo.com
IL:dl.mcboo.com
US:b156.mcboo.com
US:206.251.244.226:80
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
irc
http
107 lines Yeah : 1.8
profile none summary
tarball 25 of 33
17 of 33
27 of 33 897d59617c
NEW
99ff8d066b
NEW
a014934a72
NEW none[none]
none [none]
none [none] none:none
none:none
none:none
none|none
none|none
none|none none
none
none none
none
none

20:57:00 Win2K-f 221.127.140.139 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:21:01:00 Win2K-f 81.69.143.77 (EURONET.NL):
WANADOO NEDERLAND BV,
BREDA, NOORD-BRABANT, NL. (DSL) 210.245.211.11:65520 :proxim.ircgalaxy.pl
DE:dl2.teenpassage.com
US:ksn.a1001186.wrs.mcboo.com
US:wr.mcboo.com
US:206.251.244.226:80 445 pcap raw alerts
ruleset ftp
irc
http
77 lines Yeah : 1.8
profile none summary
tarball 25 of 33
27 of 33
29 of 33 897d59617c
NEW
a014934a72
NEW
b2575fb7f0
NEW none[none]
none [none]
none [none] none:none
none:none
none:none
none|none
none|none
none|none none
none
none none
none
none

21:01:00 WinXP 122.16.119.227 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox: 5 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:21:03:00 Win2K-f 12.75.136.156 (ATT.NET):
AT&T WORLDNET SERVICES,
MINNEAPOLIS, MINNESOTA, US. (DIAL) n/a 445 pcap raw alerts
ruleset shell
ftp
16 lines Yeah : 1.3
profile none summary
tarball 27 of 32 6c36e19037
[Firefox: 4 hits: 06-22 to 06-27] none[4] none:none
none|none none trace

21:09:00 WinXP 4.162.171.232 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
NASHVILLE, TENNESSEE, US. (DIAL) n/a :proxim.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
HK:210.245.211.11:65520
US:72.247.30.81:80
US:72.247.30.83:80 135 pcap raw alerts
ruleset other
130 lines Yeah : 1.3
profile none summary
tarball 32 of 33
29 of 33 5097c25982
NEW
a8b87527e7
NEW none[none]
none [none] none:none
none:none
none|none
none|none none
none none
none

T:21:09:00 WinXP 125.2.28.154 (INFOWEB.NE.JP):
INFOWEB(FUJITSU LTD.),
TOKYO, TOKYO, JP. (DIAL) n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

21:17:00 Win2K-f 122.17.206.249 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a :proxima.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 13 of 33 4a6ba0f5ba
NEW none[none] none:none
none|none none none

T:21:18:00 Win2K-f 92.40.29.3 (IKBCC.COM):
EU-ZZ,
UK. 210.245.211.11:65520 US:ksn.a1001186.wrs.mcboo.com
:proxim.ircgalaxy.pl
HK:210.245.211.11:65520
92.40.29.3:8228 445 pcap raw alerts
ruleset shell
irc
http
99 lines Yeah : 1.8
profile none summary
tarball 25 of 33
27 of 33 897d59617c
NEW
a014934a72
NEW none[none]
none [none] none:none
none:none
none|none
none|none none
none none
none

T:21:19:00 WinXP 221.127.32.187 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
25 lines Yeah : 1.3
profile none summary
tarball 29 of 33 202a01088b
NEW none[none] none:none
none|none none none

21:20:00 Win2K-f 122.25.25.148 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset other
13 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

21:22:00 WinXP 221.126.143.92 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. n/a 445 pcap raw alerts
ruleset ftp
21 lines Yeah : 1.3
profile none summary
tarball 29 of 33 d430794b4e
NEW none[none] none:none
none|none none none

21:35:00 WinXP 122.16.239.192 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

21:38:00 Win2K-f 118.236.130.150 (-):
. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox: 5 hits: 06-27 to 06-27] none[none] none:none
none|none none none

21:40:00 WinXP 82.246.145.27 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 10 of 33 8c6b98ffe4
NEW none[none] none:none
none|none none none

T:21:40:00 Win2K-f 202.70.241.145 (ONINET.NE.JP):
OKAYAMA NETWORK INC,
TOKYO, TOKYO, JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox: 5 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:21:42:00 Win2K-f 60.37.143.85 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
KOH SAMUI, SURAT THANI, TH. 210.245.211.11:65520 US:ksn.a1001186.wrs.mcboo.com 445 pcap raw alerts
ruleset irc
http
49 lines Yeah : 0.8
profile none summary
tarball 25 of 33
27 of 33 897d59617c
NEW
a014934a72
NEW none[none]
none [none] none:none
none:none
none|none
none|none none
none none
none

T:21:55:00 Win2K-f 123.254.41.91 (PIKARA.NE.JP):
STNET INCORPORATED,
TAKAMATSU, KAGAWA, JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

21:56:00 Win2K-f 222.158.61.104 (INFOWEB.NE.JP):
INFOWEB(FUJITSU LTD.),
TOKYO, TOKYO, JP. (DIAL) n/a :proxim.ircgalaxy.pl
HK:210.245.211.11:65520
CZ:217.170.244.2:443
CZ:82.114.64.251:443 445 pcap raw alerts
ruleset shell
ftp
18 lines Yeah : 1.3
profile none summary
tarball 31 of 33 a02e900feb
NEW none[none] none:none
none|none none none

T:22:00:00 WinXP 219.162.107.249 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox: 5 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:22:06:00 WinXP 118.6.29.206 (-):
. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox: 5 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:22:08:00 Win2K-f 124.102.153.91 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 29 of 32 7a1715e823
NEW none[none] none:none
none|none none none

T:22:08:00 WinXP 68.206.155.81 (RR.COM):
ROAD RUNNER HOLDCO LLC,
COPPERAS COVE, TEXAS, US. n/a EU:siliconfireware.ru
US:searchportal.information.com
US:sprw.information.com
US:spi.domainsponsor.com
RU:www.bbin.ru
:wpad
RU:www.binbank.ru
GB:new.egg.com
CA:www.bmo.com 445 pcap raw alerts
ruleset http
http
http
http
38 lines Yeah : 0.8
profile none summary
tarball 29 of 29 a12cab51ef
[Firefox:1073 hits: 05-01 to 06-27] 40f7f463c4 [0] ASM:Graph
ASPack| lines=281
embedded dns trace

22:12:00 Win2K-f 78.8.20.211 (NET.PL):
DIALOG,
WROCLAW, DOLNOSLASKIE, PL. n/a 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:22:20:00 WinXP 60.236.102.31 (MESH.AD.JP):
NEC CORPORATION,
YOKOHAMA, KANAGAWA, JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 30 of 33 da7aac0dc4
[Firefox: 2 hits: 06-27 to 06-27] none[none] none:none
none|none none none

22:23:00 WinXP 118.236.179.158 (-):
. n/a :proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 31 of 33 1ff6cb719b
NEW none[none] none:none
none|none none none

T:22:24:00 WinXP 60.254.248.36 (EMOBILE.AD.JP):
EMOBILE LTD,
TOKYO, TOKYO, JP. 210.245.211.11:65520 :proxim.ircgalaxy.pl
DE:dl2.teenpassage.com
US:ksn.a1001186.wrs.mcboo.com
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:wr.mcboo.com
IL:dl.mcboo.com
:www.speed-runner.com
US:b157.mcboo.com
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
irc
http
http
http
http
413 lines Yeah : 1.8
profile none summary
tarball 8 of 33
21 of 33
30 of 33
0 of 33
25 of 33
27 of 33
27 of 33 1ac39aea6b
NEW
7b1de9d82d
NEW
8151e719af
NEW
820bef376c
NEW
897d59617c
NEW
a014934a72
NEW
d6fbe37100
NEW none[none]
none [none]
none [none]
none [none]
none [none]
none [none]
none [none] none:none
none:none
none:none
none:none
none:none
none:none
none:none
none|none
none|none
none|none
none|none
none|none
none|none
none|none none
none
none
none
none
none
none none
none
none
none
none
none
none

22:24:00 Win2K-f 118.6.29.206 (-):
. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox: 5 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:22:25:00 WinXP 218.42.219.4 (EONET.NE.JP):
K-OPTICOM CORPORATION,
JP. 194.54.90.246:80 UA:citi-bank.ru 445 pcap raw alerts
ruleset http
2 lines Yeah : 1.3
profile none summary
tarball 29 of 29 3ae357d17b
[Firefox:724 hits: 05-01 to 06-27] 462a7be171 [0] ASM:Graph
PolyEnE| lines=73 trace

T:22:37:00 Win2K-f 61.228.95.84 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. 217.170.244.2:443 445 pcap raw alerts
ruleset shell
ftp
irc
27 lines Yeah : 1.8
profile none summary
tarball 25 of 28 7fdfe363d5
[Firefox:2746 hits: 12-31 to 06-27] 10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns trace

22:43:00 WinXP 60.237.215.10 (MESH.AD.JP):
NEC CORPORATION,
TOKYO, TOKYO, JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 30 of 33 5e442de5a7
NEW none[none] none:none
none|none none none

T:22:43:00 WinXP 219.160.206.42 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. 210.245.211.11:65520 :proxima.ircgalaxy.pl
DE:dl2.teenpassage.com
US:ksn.a1001186.wrs.mcboo.com
US:chat-shqip.org
US:wr.mcboo.com
IL:dl.mcboo.com
US:dl.targetsaver.com
US:w3bs.chat-shqip.org
US:a.targetsaver.com
US:b103.mcboo.com
HK:210.245.211.11:65520
US:216.133.246.157:80
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
irc
http
http
http
http
http
http
1401 lines Yeah : 1.8
profile none summary
tarball 25 of 33
13 of 33
25 of 33
27 of 33
17 of 33 215317b391
NEW
72ad569b0a
NEW
897d59617c
NEW
a014934a72
NEW
c4cbb2e5e5
NEW none[none]
none [none]
none [none]
none [none]
none [none] none:none
none:none
none:none
none:none
none:none
none|none
none|none
none|none
none|none
none|none none
none
none
none
none none
none
none
none
none

T:22:45:00 Win2K-f 122.16.239.192 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

22:47:00 Win2K-f 118.236.139.113 (-):
. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

22:49:00 WinXP 124.86.145.115 (OCN.NE.JP):
NTT COMMUNICATIONS CORPORATION,
TOKYO, TOKYO, JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
29 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:22:50:00 WinXP 118.8.151.204 (-):
. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

22:53:00 WinXP 219.160.206.42 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a :proxima.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
25 lines Yeah : 1.3
profile none summary
tarball 13 of 33 72ad569b0a
NEW none[none] none:none
none|none none none

T:22:53:00 Win2K-f 122.26.112.130 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox: 9 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:22:57:00 WinXP 61.203.196.192 (FCV.NE.JP):
THE FOUNDATION OF FUKUOKA CABLE VISION,
FUKUOKA, FUKUOKA, JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox: 5 hits: 06-27 to 06-27] none[none] none:none
none|none none none

22:59:00 Win2K-f 91.66.33.107 (SUPERKABEL.DE):
KABEL DEUTSCHLAND BREITBAND SERVICE GMBH,
DE. n/a 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 31 of 33 d8a2d17ef8
NEW none[none] none:none
none|none none none

T:23:00:00 WinXP 217.227.92.70 (T-IPCONNECT.DE):
DEUTSCHE TELEKOM AG,
DE. 210.245.211.11:65520 :proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
DE:dl2.teenpassage.com
US:ksn.a1001186.wrs.mcboo.com
US:wr.mcboo.com
US:206.251.244.226:80
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
irc
http
74 lines Yeah : 1.8
profile none summary
tarball 25 of 33
27 of 33
22 of 33 897d59617c
NEW
a014934a72
NEW
d48d7d0d4b
NEW none[none]
none [none]
none [none] none:none
none:none
none:none
none|none
none|none
none|none none
none
none none
none
none

T:23:04:00 Win2K-f 122.30.103.69 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. 210.245.211.11:65520 :proxim.ircgalaxy.pl
DE:dl2.teenpassage.com
US:ksn.a1001186.wrs.mcboo.com
US:wr.mcboo.com
US:206.251.244.226:80
HK:210.245.211.11:65520 445 pcap raw alerts
ruleset ftp
irc
http
88 lines Yeah : 1.8
profile none summary
tarball 31 of 33
25 of 33
27 of 33 0dabcf7a6a
NEW
897d59617c
NEW
a014934a72
NEW none[none]
none [none]
none [none] none:none
none:none
none:none
none|none
none|none
none|none none
none
none none
none
none

23:04:00 Win2K-f 63.18.136.192 (UU.NET):
UUNET TECHNOLOGIES INC,
CONNERSVILLE, INDIANA, US. n/a :proxim.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
HK:210.245.211.11:65520
CZ:217.170.244.2:443
US:72.247.30.81:80
CZ:82.114.64.251:443 135 pcap raw alerts
ruleset other
98 lines Yeah : 1.3
profile none summary
tarball 31 of 33
28 of 32 4d80398b09
NEW
9bc67c754e
NEW none[none]
none [none] none:none
none:none
none|none
none|none none
none none
none

T:23:09:00 Win2K-f 122.133.161.148 (MESH.AD.JP):
NEC BIGLOBE LTD,
TOKYO, TOKYO, JP. n/a 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

23:12:00 WinXP 87.59.237.222 (ADSL-DHCP.TELE.DK):
TDC-TELEDANMARK-BREDBAANDSADSL-NET,
DK. n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 26 of 28 7d99b0e910
[Firefox:3109 hits: 12-31 to 06-27] 7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace

T:23:12:00 Win2K-f 60.32.38.122 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:23:14:00 WinXP 221.126.129.98 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. n/a 445 pcap raw alerts
ruleset other
11 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:23:19:00 WinXP 209.213.27.104 (BACKROADS.NET):
BACKROADS INTERNET INC,
LAURENS, SOUTH CAROLINA, US. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:23:25:00 Win2K-f 92.10.28.22 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. n/a :proxim.ircgalaxy.pl
HK:210.245.211.11:80 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 32 of 33 eab50c3dea
NEW none[none] none:none
none|none none none

23:27:00 WinXP 122.26.247.176 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 24 of 33 662706f23c
NEW none[none] none:none
none|none none none

23:37:00 Win2K-f 125.215.67.97 (PIKARA.NE.JP):
PIKARA(STNET INCORPORATED),
JP. n/a 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

23:38:00 WinXP 80.136.241.143 (T-IPCONNECT.DE):
DEUTSCHE TELEKOM AG,
DE. n/a :proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
HK:210.245.211.11:80
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
24 lines Yeah : 1.3
profile none summary
tarball 31 of 33 5ca5ac8e03
NEW none[none] none:none
none|none none none

T:23:40:00 Win2K-f 222.234.180.79 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. 210.245.211.11:65520 :proxima.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
DE:dl2.teenpassage.com
US:ksn.a1001186.wrs.mcboo.com
US:207.123.37.126:80
HK:210.245.211.11:65520 135 pcap raw alerts
ruleset http
irc
754 lines Yeah : 1.8
profile none summary
tarball 0 of 33
30 of 32
27 of 33
0 of 32 4c3df24b32
[Firefox:26 hits: 06-17 to 06-27]
8390780c27
[Firefox: 4 hits: 06-18 to 06-23]
a014934a72
NEW
b5919931fe
[Firefox:38 hits: 06-20 to 06-27] 4c3df24b32 [1]
none [4]
none [none]
b5919931fe[1] ASM:Graph
none:none
none:none
ASM:Graph
Armadillo|
tElock|
none|none
ASProtect| lines=81
none
none
lines=90 trace
trace
none
trace

T:23:41:00 WinXP 118.236.253.21 (-):
. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 30 of 33 2be4b098c5
NEW none[none] none:none
none|none none none

T:23:50:00 WinXP 60.47.190.122 (PLALA.OR.JP):
PLALA NETWORKS INC,
JP. n/a 445 pcap raw alerts
ruleset shell
ftp
15 lines Yeah : 1.3
profile none summary
tarball 31 of 32 741e3b03b3
[Firefox:80 hits: 09-28 to 06-27] e0197e8a64 [0] ASM:Graph
none|none lines=62 trace

T:23:51:00 Win2K-f 220.106.251.56 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
OKINAWA, OKINAWA, JP. n/a 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball none none none none none none none

23:53:00 WinXP 220.106.251.56 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
OKINAWA, OKINAWA, JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:12 hits: 06-27 to 06-27] none[none] none:none
none|none none none

T:23:59:00 Win2K-f 118.110.109.41 (-):
. 210.245.211.11:65520 US:ksn.a1001186.wrs.mcboo.com
US:wr.mcboo.com
IL:dl.mcboo.com
US:b156.mcboo.com
:proxima.ircgalaxy.pl
US:microsoft.com
118.110.109.41:21
US:206.71.190.187:80
HK:210.245.211.11:65520 445 pcap raw alerts
ruleset shell
irc
http
85 lines Yeah : 1.8
profile none summary
tarball 25 of 33
27 of 33 897d59617c
NEW
a014934a72
NEW none[none]
none [none] none:none
none:none
none|none
none|none none
none none
none

23:59:00 Win2K-f 60.32.38.122 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset ftp
29 lines Yeah : 1.3
profile none summary
tarball none none none none none none none