Welcome to the Cyber-TA
SRI's Multiperspective Malware Infection Analysis Page


UNCENSORED PAGE



29 June 2008

All data collection and analyses summarized in this page were 100% AUTO-GENERATED.

DEVELOPERS: Vinod Yegneswaran (SRI), Phillip Porras (SRI), Hassen Saidi (SRI)
Monirul Sharif (Georgia-Tech), Arvind Narayanan (University of Texas at Austin)

The data on this website is provided for research purposes only. It is provided
for your personal use only and is supplied AS IS, WITHOUT WARRANTY OF ANY KIND.
Use or reliance on this data is at your own risk.


Daily Summary Files: [DNS Lookups & Failed Connects] [Attacker IPs] [C&C Servers] [Binary Digests]
Cumulative Summary Files: [DNS Lookup Log] [Attacker IP Log] [C&C Server Log] [Antivirus Detection] [Code Segment Overlap] [Behavioral Clusters] [Binary Digest Log]

[See Country Codes]
Columns: Time | Victim OS | Infection Source | C&C Server | DNS Lookups & Failed Connects | Infection Port | Packet Trace | Detection Signatures | Infection Chatter | BotHunter Analysis | Behavioral Cluster | Forensic Logs | Antivirus Labels | Packed Malware_Binary | Unpacked egg.exe | Unpacked egg.asm | Packer PEID | Data Strings | Syscall Trace
00:10:00 WinXP 123.222.128.144 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
00:12:00 WinXP 92.47.253.240 (IKBCC.COM):
EU-ZZ,
UK.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
24 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:00:15:00 Win2K-f 91.196.53.253 (-):
PP KOM I TEX,
LVIV, L'VIVS'KA OBLAST', UA.
210.245.211.11:65520 HK:proxima.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:206.251.244.226:80
HK:210.245.211.11:65520
445 pcap raw alerts
ruleset
irc
6 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
00:16:00 WinXP 213.77.199.26 (TPNET.PL):
TELEKOMUNIKACJA POLSKA S.A. CST,
LUBLIN, LUBELSKIE, PL.
n/a RU:moscow-advokat.ru 445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
25 of 25 7f60162c2c
[Firefox:1367 hits: 12-31 to 06-28]
1aad8e4632 [0] ASM:Graph
PolyEnE| lines=93
embedded dns
trace
T:00:21:00 Win2K-f 76.216.91.204 (SBCGLOBAL.NET):
PPPOX POOL - BRAS6.STLSMO,
DALLAS, TEXAS, US.
n/a US:microsoft.com
US:download.microsoft.com
US:12.190.48.65:80
US:12.190.48.97:80
135 pcap raw alerts
ruleset
other
75 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 33
53bfe15e91
[Firefox:255 hits: 06-17 to 06-28]
a08f3b74a4
[Firefox:96 hits: 06-18 to 06-28]
none[4]
a08f3b74a4[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
00:22:00 Win2K-f 122.19.146.101 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a   445 pcap raw alerts
ruleset
ftp
32 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:00:23:00 Win2K-f 202.247.95.110 (MESH.AD.JP):
C&C INTERNET SERVICE MESH (NEC CORPORATION),
TOKYO, TOKYO, JP.
217.170.244.2:443  
CZ:217.170.244.2:443
CZ:82.114.64.251:443
445 pcap raw alerts
ruleset
shell
ftp
irc
29 lines
Yeah : 1.8
profile
none summary
tarball
25 of 28 7fdfe363d5
[Firefox:2762 hits: 12-31 to 06-28]
10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns
trace
T:00:26:00 WinXP 121.114.92.29 (PLALA.OR.JP):
PLALA NETWORKS INC,
JP.
210.245.211.11:65520 HK:proxim.ircgalaxy.pl
DE:dl2.teenpassage.com
US:ksn.a1001186.wrs.mcboo.com
US:chat-shqip.org
US:wr.mcboo.com
US:w3bs.chat-shqip.org
US:206.251.244.226:80
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
irc
http
70 lines
Yeah : 1.8
profile
none summary
tarball
31 of 33
25 of 33
27 of 33
851f546ec1
NEW
897d59617c
[Firefox:17 hits: 06-28 to 06-28]
a014934a72
[Firefox:19 hits: 06-28 to 06-28]
none[none]
none [none]
none [none]
none:none
none:none
none:none
none|none
none|none
none|none
none
none
none
none
none
none
T:00:27:00 Win2K-f 122.29.93.162 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
210.245.211.11:65520 HK:proxim.ircgalaxy.pl
DE:dl2.teenpassage.com
HK:210.245.211.11:65520
445 pcap raw alerts
ruleset
ftp
irc
34 lines
Yeah : 1.8
profile
none summary
tarball
32 of 33 26ac4391e0
NEW
none[none] none:none
none|none none none
00:28:00 Win2K-f 77.20.208.34 (APEXCOVANTAGE.COM):
EU-ZZ,
UK.
n/a   445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
31 of 32 d601941576
NEW
none[none] none:none
none|none none none
T:00:40:00 WinXP 118.105.191.112 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 505238d7ef
[Firefox: 2 hits: 06-28 to 06-28]
none[none] none:none
none|none none none
00:40:00 WinXP 121.87.17.195 (EONET.NE.JP):
K-OPTICOM CORPORATION,
JP.
n/a HK:proxima.ircgalaxy.pl
HK:210.245.211.11:65520
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 7cf4ee51d1
NEW
none[none] none:none
none|none none none
T:00:44:00 Win2K-f 118.160.16.204 (-):
.
217.170.244.2:443  
CZ:217.170.244.2:443
445 pcap raw alerts
ruleset
shell
ftp
irc
28 lines
Yeah : 1.8
profile
none summary
tarball
25 of 28 7fdfe363d5
[Firefox:2762 hits: 12-31 to 06-28]
10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns
trace
00:44:00 WinXP 213.55.66.177 (TELECOM.NET.ET):
ETHIOPIAN TELECOMMUNICATION CORPORATION,
ET. (DSL)
n/a   445 pcap raw alerts
ruleset
ftp
15 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:00:56:00 WinXP 221.171.48.68 (MESH.AD.JP):
BIGLOBE-CIDR-BLK,
JP.
n/a   445 pcap raw alerts
ruleset
ftp
18 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 3c90603ba6
NEW
none[none] none:none
none|none none none
T:00:57:00 Win2K-f 124.86.145.115 (OCN.NE.JP):
NTT COMMUNICATIONS CORPORATION,
TOKYO, TOKYO, JP.
n/a   445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:01:02:00 Win2K-f 203.136.71.84 (MESH.AD.JP):
C&C INTERNET SERVICE MESH (NEC CORPORATION),
JP.
217.170.244.2:443  
CZ:217.170.244.2:443
CZ:82.114.64.251:443
445 pcap raw alerts
ruleset
shell
ftp
irc
32 lines
Yeah : 1.8
profile
none summary
tarball
25 of 28 7fdfe363d5
[Firefox:2762 hits: 12-31 to 06-28]
10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns
trace
01:08:00 WinXP 118.236.21.22 (-):
.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
29 of 33 0d0fa96607
NEW
none[none] none:none
none|none none none
01:09:00 Win2K-f 124.101.227.194 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a HK:proxim.ircgalaxy.pl
HK:210.245.211.11:65520
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
30 of 32 f996d83caa
NEW
none[none] none:none
none|none none none
01:10:00 WinXP 83.131.91.23 (APEXCOVANTAGE.COM):
T-COM CROATIA INTERNET NETWORK,
ZAGREB, GRAD ZAGREB, HR. (DSL)
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
21 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:41 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:01:14:00 Win2K-f 119.11.35.209 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
25 lines
Yeah : 1.3
profile
none summary
tarball
13 of 33 f1b47fc2d7
NEW
none[none] none:none
none|none none none
T:01:15:00 WinXP 125.102.38.55 (UCOM.NE.JP):
G-OS0025N,
JP. (100Mbps)
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
01:16:00 Win2K-f 119.11.105.112 (-):
.
n/a   445 pcap raw alerts
ruleset
other
11 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:01:17:00 WinXP 4.246.225.92 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
SAN JOSE, CALIFORNIA, US. (DIAL)
n/a   445 pcap raw alerts
ruleset
shell
ftp
16 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
T:01:18:00 WinXP 71.104.25.56 (VERIZON.NET):
VERIZON INTERNET SERVICES INC,
POMONA, CALIFORNIA, US. (DSL)
n/a US:microsoft.com
US:download.microsoft.com
US:192.221.99.126:80
US:198.78.220.126:80
135 pcap raw alerts
ruleset
http
77 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 32
0 of 33
53bfe15e91
[Firefox:255 hits: 06-17 to 06-28]
73f1082158
[Firefox:100 hits: 06-18 to 06-28]
e07c29c4ae
[Firefox:43 hits: 06-19 to 06-28]
none[4]
73f1082158[1]
e07c29c4ae[1]
none:none
ASM:Graph
ASM:Graph
tElock|
Armadillo|
FSG|
none
lines=81
lines=92
trace
trace
trace
01:18:00 WinXP 218.47.189.214 (PLALA.OR.JP):
PLALA NETWORKS INC,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:41 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:01:20:00 Win2K-f 91.65.63.196 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 91e65991e6
NEW
none[none] none:none
none|none none none
T:01:33:00 Win2K-f 118.105.184.122 (-):
.
210.245.211.11:65520 US:ksn.a1001186.wrs.mcboo.com
:www.google.com
US:206.251.244.226:80
HK:210.245.211.11:65520
445 pcap raw alerts
ruleset
irc
http
13 lines
Yeah : 0.8
profile
none summary
tarball
27 of 33 a014934a72
[Firefox:19 hits: 06-28 to 06-28]
none[none] none:none
none|none none none
01:34:00 WinXP 202.225.164.84 (MESH.AD.JP):
C&C INTERNET SERVICE MESH (NEC CORPORATION),
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 da7aac0dc4
[Firefox: 5 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
01:36:00 Win2K-f 79.64.5.129 (AS9105.COM):
TELINCO,
UK.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
17 of 33 0a35a43ec6
NEW
none[none] none:none
none|none none none
01:36:00 WinXP 217.156.76.39 (CERNAVODA.RO):
SC GMB COMPUTERS SRL,
CONSTANTA, CONSTANTA, RO.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
18 of 33 4945afad6b
NEW
none[none] none:none
none|none none none
01:37:00 WinXP 58.94.181.197 (PLALA.OR.JP):
PLALA NETWORKS INC,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
18 of 33 e442c80623
NEW
none[none] none:none
none|none none none
T:01:38:00 WinXP 121.115.110.4 (PLALA.OR.JP):
PLALA NETWORKS INC,
JP.
210.245.211.11:65520 HK:proxim.ircgalaxy.pl
US:chat-shqip.org
DE:dl2.teenpassage.com
US:ksn.a1001186.wrs.mcboo.com
US:w3bs.chat-shqip.org
US:wr.mcboo.com
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
irc
http
78 lines
Yeah : 1.8
profile
none summary
tarball
18 of 33
25 of 33
27 of 33
4a64249404
NEW
897d59617c
[Firefox:17 hits: 06-28 to 06-28]
a014934a72
[Firefox:19 hits: 06-28 to 06-28]
none[none]
none [none]
none [none]
none:none
none:none
none:none
none|none
none|none
none|none
none
none
none
none
none
none
T:01:41:00 Win2K-f 60.238.90.125 (MESH.AD.JP):
NEC CORPORATION,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:41 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
01:51:00 Win2K-f 123.254.41.91 (PIKARA.NE.JP):
STNET INCORPORATED,
TAKAMATSU, KAGAWA, JP.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
01:51:00 WinXP 79.138.132.9 (APEXCOVANTAGE.COM):
EU-ZZ,
UK.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
21 of 33 d78e9b7f39
NEW
none[none] none:none
none|none none none
T:01:53:00 WinXP 118.6.245.46 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:01:54:00 WinXP 118.3.117.125 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:41 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
01:54:00 WinXP 123.218.197.240 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
18 of 33 034d808c86
NEW
none[none] none:none
none|none none none
01:55:00 WinXP 60.41.247.190 (PLALA.OR.JP):
PLALA NETWORKS INC,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:01:56:00 WinXP 213.164.225.6 (ASTRAL.RO):
CABLE NETWORK BUCHAREST,
BUCHAREST, BUCURESTI, RO.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:41 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
01:59:00 Win2K-f 122.16.116.53 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a HK:proxim.ircgalaxy.pl
HK:210.245.211.11:65520
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 441f0704ba
NEW
none[none] none:none
none|none none none
02:02:00 Win2K-f 61.98.210.126 (HAEDONGTEK.CO.KR):
THRUNET CO. LTD,
SEOUL, KYONGGI-DO, KR.
n/a HK:proxima.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:192.221.110.126:80
US:204.160.126.124:80
HK:210.245.211.11:65520
US:4.23.60.126:80
135 pcap raw alerts
ruleset
other
86 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33
0 of 33
168aab35a3
[Firefox:17 hits: 06-17 to 06-28]
4c3df24b32
[Firefox:30 hits: 06-17 to 06-28]
none[4]
4c3df24b32[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
T:02:03:00 Win2K-f 220.104.4.78 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:41 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:02:05:00 Win2K-f 119.11.99.85 (-):
.
n/a   445 pcap raw alerts
ruleset
ftp
25 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 224fb398bc
NEW
none[none] none:none
none|none none none
T:02:08:00 Win2K-f 213.202.51.91 (QUICKNET.CH):
QUICKNET IS AN ISP IN SWITZERLAND WITH A CABLEMODEM,
BERN, BERN, CH. (DSL)
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:41 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:02:11:00 WinXP 123.225.21.106 (OCN.NE.JP):
NTT COMMUNICATIONS CORPORATION,
TOKYO, TOKYO, JP.
210.245.211.11:65520 HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
DE:dl2.teenpassage.com
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
irc
30 lines
Yeah : 1.8
profile
none summary
tarball
32 of 33 dd3e6dd560
NEW
none[none] none:none
none|none none none
02:17:00 WinXP 118.6.245.46 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:02:18:00 WinXP 82.244.60.115 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR.
n/a   445 pcap raw alerts
ruleset
other
13 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
02:20:00 Win2K-f 125.197.187.142 (MESH.AD.JP):
NEC CORPORATION,
JP.
n/a  
HK:210.245.211.11:65520
445 pcap raw alerts
ruleset
other
23 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:02:20:00 Win2K-f 219.114.96.169 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a   445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
02:21:00 Win2K-f 119.11.107.147 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
25 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:41 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:02:32:00 WinXP 124.87.20.131 (OCN.NE.JP):
NTT COMMUNICATIONS CORPORATION,
TOKYO, TOKYO, JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
24 of 33 d9fbe3a265
NEW
none[none] none:none
none|none none none
02:39:00 WinXP 121.83.120.122 (EONET.NE.JP):
K-OPTICOM CORPORATION,
JP.
n/a   445 pcap raw alerts
ruleset
shell
ftp
16 lines
Yeah : 1.3
profile
none summary
tarball
32 of 32 03f912899b
[Firefox:21 hits: 12-14 to 06-24]
83893bd25d [0] ASM:Graph
none|none lines=65 trace
T:02:40:00 Win2K-f 125.192.215.107 (MESH.AD.JP):
NEC CORPORATION,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:41 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:02:41:00 Win2K-f 58.91.25.135 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a   445 pcap raw alerts
ruleset
ftp
29 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
02:50:00 WinXP 220.107.231.220 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:02:59:00 Win2K-f 118.231.67.202 (-):
.
210.245.211.11:65520 217.170.244.2:443 HK:proxim.ircgalaxy.pl
DE:dl2.teenpassage.com
HK:210.245.211.11:65520
CZ:217.170.244.2:443
445 pcap raw alerts
ruleset
shell
ftp
irc
41 lines
Yeah : 1.8
profile
none summary
tarball
30 of 33 5744c2db04
NEW
none[none] none:none
none|none none none
03:07:00 WinXP 58.88.186.239 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:03:07:00 WinXP 118.8.117.89 (-):
.
210.245.211.11:65520 HK:proxim.ircgalaxy.pl
US:chat-shqip.org
DE:dl2.teenpassage.com
US:ksn.a1001186.wrs.mcboo.com
US:w3bs.chat-shqip.org
US:wr.mcboo.com
IL:dl.mcboo.com
IL:194.90.224.82:80
US:206.251.244.226:80
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
irc
http
89 lines
Yeah : 1.8
profile
none summary
tarball
25 of 33
27 of 33
31 of 33
897d59617c
[Firefox:17 hits: 06-28 to 06-28]
a014934a72
[Firefox:19 hits: 06-28 to 06-28]
e7ca4ccf68
NEW
none[none]
none [none]
none [none]
none:none
none:none
none:none
none|none
none|none
none|none
none
none
none
none
none
none
03:16:00 Win2K-f 124.100.43.182 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a   445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:03:18:00 WinXP 125.175.87.141 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
210.245.211.11:65520 HK:proxim.ircgalaxy.pl
US:chat-shqip.org
DE:dl2.teenpassage.com
US:ksn.a1001186.wrs.mcboo.com
US:w3bs.chat-shqip.org
US:wr.mcboo.com
US:206.251.244.226:80
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
irc
http
80 lines
Yeah : 1.8
profile
none summary
tarball
25 of 33
27 of 33
32 of 33
897d59617c
[Firefox:17 hits: 06-28 to 06-28]
a014934a72
[Firefox:19 hits: 06-28 to 06-28]
fd01b2e27c
NEW
none[none]
none [none]
none [none]
none:none
none:none
none:none
none|none
none|none
none|none
none
none
none
none
none
none
T:03:20:00 WinXP 91.64.155.93 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
BERLIN, BERLIN, DE.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:03:22:00 WinXP 119.11.69.49 (-):
.
n/a RU:moscow-advokat.ru
SE:viking.dal.net
SE:broadway.ny.us.dal.net
:lulea.se.eu.undernet.org
:caen.fr.eu.undernet.org
NL:diemen.nl.eu.undernet.org
:flanders.be.eu.undernet.org
AT:graz.at.eu.undernet.org
SE:qis.md.us.dal.net
:brussels.be.eu.undernet.org
SE:ozbytes.dal.net
445 pcap raw alerts
ruleset
http
1 line
Yeah : 1.3
profile
none summary
tarball
31 of 32 b903612498
NEW
none[none] none:none
none|none none none
T:03:29:00 WinXP 81.41.100.28 (RIMA-TDE.NET):
TELEFONICA DE ESPANA SAU,
ES.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
20 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:41 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:03:34:00 Win2K-f 124.100.43.182 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a   445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
03:36:00 WinXP 41.214.133.221 (-):
.
n/a UA:citi-bank.ru 445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
29 of 29 d42c1cc7c0
[Firefox:308 hits: 05-01 to 06-27]
af9ca5bed1 [0] ASM:Graph
PolyEnE| lines=54 trace
03:37:00 Win2K-f 122.135.201.176 (MESH.AD.JP):
NEC BIGLOBE LTD,
TOKYO, TOKYO, JP.
n/a   445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 da7aac0dc4
[Firefox: 5 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:03:40:00 Win2K-f 92.0.115.188 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK.
210.245.211.11:65520 DE:dl2.teenpassage.com 445 pcap raw alerts
ruleset
irc
11 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
03:41:00 Win2K-f 119.240.22.134 (-):
.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:03:52:00 Win2K-f 88.134.156.228 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE.
n/a   445 pcap raw alerts
ruleset
ftp
29 lines
Yeah : 1.3
profile
none summary
tarball
24 of 32 81cf04503b
NEW
none[none] none:none
none|none none none
03:52:00 Win2K-f 85.237.34.87 (SURA.RU):
PENZA-VT-DSL,
PENZA, PENZENSKAYA OBLAST', RU. (DSL)
n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset
ftp
23 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 f9ec412d51
NEW
none[none] none:none
none|none none none
03:54:00 Win2K-f 91.66.169.174 (SUPERKABEL.DE):
KABEL DEUTSCHLAND BREITBAND SERVICE GMBH,
DE.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 f7fe13b098
[Firefox: 2 hits: 06-28 to 06-28]
none[none] none:none
none|none none none
03:57:00 WinXP 70.118.226.56 (RR.COM):
ROAD RUNNER HOLDCO LLC,
LAKELAND, FLORIDA, US.
n/a   445 pcap raw alerts
ruleset
http
1 line
Argh : 0.3
profile
none summary
tarball
none none none none none none none
04:00:00 WinXP 118.236.207.140 (-):
.
72.10.172.218:9928 US:mx1.hotmail.com
SE:ftp.icq.com
US:yutunrz.1dumb.com
US:maila.microsoft.com
US:mailin-04.mx.aol.com
US:mailin-01.mx.aol.com
BE:ftp.scarlet.be
US:mcduii.3-a.net
:preek.oihduhdd.net
:jdjsloy.dynserv.com
**:wyqggvow.afraid.org
:nttstziinpa.hn.org
CA:teek.ihshsd8.com
US:fcnhysydw.yi.org
US:dlivmg.1dumb.com
US:neytteybbo.3-a.net
:fzzdik.dynserv.com
:pkvgzaecagx.afraid.org
:yraqztt.hn.org
US:kpxvrvdefs.yi.org
US:qeqfsvxousx.1dumb.com
US:imtoey.3-a.net
:jrscqsshxs.dynserv.com
CA:dong.nagitiriheiwu.net
:yjjtuvsro.afraid.org
:firradbqzku.hn.org
US:dgwigom.yi.org
US:mfltoqgqt.1dumb.com
US:ksfvgfrf.3-a.net
:uhqoyjlu.dynserv.com
:bdtjkffl.afraid.org
:ipurfbqpsdj.hn.org
US:orugtuapnzu.yi.org
US:gyssafafiq.1dumb.com
US:143.215.15.145:80
US:143.215.15.60:80
SE:209.170.96.108:80
CA:72.10.172.218:9928
445 pcap raw alerts
ruleset
ftp
lanman
303 lines
Yeah : 1.8
profile
none summary
tarball
31 of 33 fea1c37724
NEW
none[none] none:none
none|none none none
T:04:01:00 WinXP 122.24.207.69 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:04:07:00 Win2K-f 79.7.225.114 (RETAIL.TELECOMITALIA.IT):
TELECOM ITALIA NET,
ROME, LAZIO, IT.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
21 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 4f3df56c30
NEW
none[none] none:none
none|none none none
T:04:08:00 Win2K-f 92.16.115.126 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
21 of 33 b74424c3b5
NEW
none[none] none:none
none|none none none
T:04:12:00 WinXP 116.40.146.212 (-):
LG POWERCOMM,
SEOUL, KYONGGI-DO, KR.
n/a HK:proxima.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:192.221.110.125:80
US:198.78.220.124:80
US:207.123.37.126:80
135 pcap raw alerts
ruleset
other
98 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33
31 of 33
4ab2ecbc0f
NEW
65eb2e3aee
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
04:16:00 Win2K-f 91.65.223.23 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE.
n/a   445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
12 of 33 d62bf3f6f7
NEW
none[none] none:none
none|none none none
04:21:00 Win2K-f 121.87.115.49 (EONET.NE.JP):
K-OPTICOM CORPORATION,
JP.
n/a   445 pcap raw alerts
ruleset
ftp
29 lines
Yeah : 1.3
profile
none summary
tarball
23 of 33 cf153403d1
[Firefox: 2 hits: 06-28 to 06-28]
none[none] none:none
none|none none none
04:23:00 WinXP 118.3.186.85 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
24 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
04:23:00 WinXP 70.183.235.134 (COX.NET):
COX COMMUNICATIONS,
PENSACOLA, FLORIDA, US.
n/a US:microsoft.com
US:download.microsoft.com
US:192.221.99.126:80
US:199.93.41.124:80
US:8.12.202.125:80
135 pcap raw alerts
ruleset
other
76 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 33
53bfe15e91
[Firefox:255 hits: 06-17 to 06-28]
a08f3b74a4
[Firefox:96 hits: 06-18 to 06-28]
none[4]
a08f3b74a4[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
04:24:00 WinXP 118.7.196.70 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:04:28:00 Win2K-f 116.122.234.42 (-):
HANARO TELECOM,
SEOUL, KYONGGI-DO, KR.
n/a HK:proxima.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:192.221.110.126:80
US:199.93.46.124:80
US:205.128.79.124:80
135 pcap raw alerts
ruleset
other
86 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33
0 of 33
168aab35a3
[Firefox:17 hits: 06-17 to 06-28]
4c3df24b32
[Firefox:30 hits: 06-17 to 06-28]
none[4]
4c3df24b32[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
T:04:32:00 WinXP 125.58.86.253 (-):
.
n/a HK:proxim.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:205.128.79.125:80
US:205.128.79.126:80
US:207.123.46.125:80
135 pcap raw alerts
ruleset
other
113 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33
31 of 33
6bcbfcd0e8
NEW
84d3354186
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
T:04:34:00 Win2K-f 217.237.83.175 (T-IPCONNECT.DE):
DEUTSCHE TELEKOM AG,
TRIER, RHEINLAND-PFALZ, DE.
n/a   445 pcap raw alerts
ruleset
ftp
23 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
04:36:00 Win2K-f 222.149.125.105 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a HK:proxima.ircgalaxy.pl 445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 b6075d6a91
[Firefox: 2 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
04:36:00 Win2K-f 86.138.217.231 (BTCENTRALPLUS.COM):
BT-CENTRAL-PLUS,
LONDON, ENGLAND, UK.
n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 93cc4c8baa
NEW
none[none] none:none
none|none none none
T:04:39:00 WinXP 118.0.168.252 (-):
.
n/a   445 pcap raw alerts
ruleset
other
12 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:04:49:00 WinXP 217.219.15.231 (-):
SABA NAGHSHE JAHAN ISP,
IR. (DIAL)
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
24 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:04:52:00 Win2K-f 125.102.99.9 (UCOM.NE.JP):
N-HG0001U,
JP. (100Mbps)
n/a   445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 d325cc7a49
NEW
none[none] none:none
none|none none none
04:53:00 WinXP 118.236.55.244 (-):
.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 6fd1c4d3a9
NEW
none[none] none:none
none|none none none
T:05:00:00 Win2K-f 86.168.26.83 (BTCENTRALPLUS.COM):
BT-CENTRAL-PLUS,
UK.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
24 of 33 4ce67d30a6
NEW
none[none] none:none
none|none none none
T:05:04:00 Win2K-f 221.188.60.101 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
TOKYO, TOKYO, JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
25 lines
Yeah : 1.3
profile
none summary
tarball
15 of 33 469fe9f8af
NEW
none[none] none:none
none|none none none
05:08:00 WinXP 81.41.232.133 (RIMA-TDE.NET):
TELEFONICA DE ESPANA SAU,
CASTELLÓN DE LA PLANA, VALENCIA, ES.
n/a   445 pcap raw alerts
ruleset
ftp
23 lines
Yeah : 1.3
profile
none summary
tarball
4 of 33 85e570b100
NEW
none[none] none:none
none|none none none
05:11:00 WinXP 122.18.25.19 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 287b27516c
NEW
none[none] none:none
none|none none none
05:11:00 WinXP 81.152.48.8 (BTCENTRALPLUS.COM):
BT-CENTRAL-PLUS,
LONDON, ENGLAND, UK.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
05:13:00 WinXP 82.155.7.45 (STATIC-B5-253-10.TELEPAC.PT):
TELEPAC - COMUNICACOES INTERACTIVAS SA,
LISBON, LISBOA, PT.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
13 of 33 ffb3b175e5
[Firefox: 2 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
05:16:00 Win2K-f 60.44.111.193 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a   445 pcap raw alerts
ruleset
other
13 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:05:16:00 Win2K-f 218.47.94.96 (PLALA.OR.JP):
PLALA NETWORKS INC,
TOKYO, TOKYO, JP.
n/a   445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
05:17:00 Win2K-f 217.201.192.189 (-):
TELECOM ITALIA MOBILE,
IT.
n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset
ftp
18 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 1990417914
NEW
none[none] none:none
none|none none none
T:05:23:00 WinXP 58.89.61.41 (PLALA.OR.JP):
PLALA NETWORKS INC,
JP.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
29 lines
Yeah : 1.3
profile
none summary
tarball
17 of 32 b169ddd225
NEW
none[none] none:none
none|none none none
T:05:32:00 Win2K-f 88.134.144.237 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
BEXBACH, SAARLAND, DE.
n/a   445 pcap raw alerts
ruleset
other
13 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
05:33:00 WinXP 119.72.95.232 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
32 of 33 c5149fa42d
NEW
none[none] none:none
none|none none none
T:05:36:00 WinXP 118.108.5.248 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
13 of 33 45df3ad120
NEW
none[none] none:none
none|none none none
05:38:00 WinXP 118.236.171.12 (-):
.
n/a   445 pcap raw alerts
ruleset
other
12 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
05:39:00 Win2K-f 217.94.234.138 (T-DIALIN.NET):
DEUTSCHE TELEKOM AG,
STUTTGART, BADEN-WURTTEMBERG, DE. (DIAL)
n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset
ftp
25 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 1ba3d9d3e8
NEW
none[none] none:none
none|none none none
05:41:00 Win2K-f 124.195.158.46 (-):
.
n/a US:microsoft.com
HK:proxim.ircgalaxy.pl
US:download.microsoft.com
US:12.190.48.65:80
US:12.190.48.97:80
135 pcap raw alerts
ruleset
other
113 lines
Yeah : 1.3
profile
none summary
tarball
28 of 33
32 of 33
0dea508235
NEW
c5f0f47d5c
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
T:05:41:00 WinXP 122.26.34.184 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:05:47:00 Win2K-f 221.189.70.122 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a   445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:05:48:00 WinXP 92.227.190.197 (APEXCOVANTAGE.COM):
EU-ZZ,
UK.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:41 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:05:51:00 Win2K-f 217.184.150.119 (MEDIAWAYS.NET):
VARIOUS ONLINE SERVICES,
DE.
n/a   445 pcap raw alerts
ruleset
ftp
22 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
05:53:00 WinXP 92.23.9.155 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
30 of 32 aadc4f43de
NEW
none[none] none:none
none|none none none
05:54:00 WinXP 91.113.21.20 (TELEKOM.AT):
HIGHWAY CUSTOMERS,
VIENNA, WIEN, AT. (DSL)
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:06:00:00 WinXP 200.139.100.138 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL)
n/a HK:proxim.ircgalaxy.pl
UA:citi-bank.ru
EU:kidos-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
32 of 33 cd43f33285
NEW
none[none] none:none
none|none none none
06:02:00 Win2K-f 82.239.223.132 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
16 of 33 59e003d98c
NEW
none[none] none:none
none|none none none
T:06:07:00 WinXP 118.240.191.90 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
06:11:00 Win2K-f 92.40.238.101 (IKBCC.COM):
EU-ZZ,
UK.
n/a  
CZ:217.170.244.2:443
CZ:82.114.64.251:443
445 pcap raw alerts
ruleset
shell
ftp
18 lines
Yeah : 1.3
profile
none summary
tarball
25 of 28 7fdfe363d5
[Firefox:2762 hits: 12-31 to 06-28]
10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns
trace
06:13:00 WinXP 118.236.234.20 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
23 of 33 3b05a7e449
NEW
none[none] none:none
none|none none none
T:06:13:00 Win2K-f 203.67.193.177 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL)
n/a  
CZ:217.170.244.2:443
CZ:82.114.64.251:443
445 pcap raw alerts
ruleset
shell
ftp
17 lines
Yeah : 1.3
profile
none summary
tarball
25 of 28 7fdfe363d5
[Firefox:2762 hits: 12-31 to 06-28]
10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns
trace
06:17:00 Win2K-f 121.84.122.30 (EONET.NE.JP):
K-OPTICOM CORPORATION,
JP.
n/a US:chat-shqip.org
HK:proxim.ircgalaxy.pl
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
other
24 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:06:20:00 Win2K-f 118.7.137.40 (-):
.
n/a   445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:06:22:00 WinXP 119.72.95.232 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
32 of 33 c5149fa42d
NEW
none[none] none:none
none|none none none
06:23:00 WinXP 122.30.6.168 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 165df82815
NEW
none[none] none:none
none|none none none
06:25:00 Win2K-f 91.66.219.151 (SUPERKABEL.DE):
KABEL DEUTSCHLAND BREITBAND SERVICE GMBH,
DE.
n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 e0812519e4
NEW
none[none] none:none
none|none none none
T:06:26:00 Win2K-f 222.234.181.4 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR.
n/a US:microsoft.com
US:download.microsoft.com
US:12.190.48.65:80
US:12.190.48.97:80
135 pcap raw alerts
ruleset
other
75 lines
Yeah : 1.3
profile
none summary
tarball
0 of 33
33 of 33
4c3df24b32
[Firefox:30 hits: 06-17 to 06-28]
53bfe15e91
[Firefox:255 hits: 06-17 to 06-28]
4c3df24b32 [1]
none [4]
ASM:Graph
none:none
Armadillo|
tElock|
lines=81
none
trace
trace
T:06:28:00 Win2K-f 221.190.201.212 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
11 of 32 66e8e64289
NEW
none[none] none:none
none|none none none
T:06:30:00 WinXP 122.17.62.67 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
13 of 33 450e12e7a8
NEW
none[none] none:none
none|none none none
06:33:00 WinXP 123.217.248.15 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
12 of 32 91653172e0
NEW
none[none] none:none
none|none none none
06:34:00 WinXP 92.0.150.15 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK.
n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 9d3a237d80
NEW
none[none] none:none
none|none none none
T:06:35:00 WinXP 222.144.114.79 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 479d8f872a
NEW
none[none] none:none
none|none none none
T:06:36:00 Win2K-f 123.217.88.239 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a   445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
06:37:00 Win2K-f 91.141.111.87 (I-ONE.AT):
NETWORK OF ONE GMBH,
VIENNA, WIEN, AT.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:41 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:06:40:00 Win2K-f 61.224.92.196 (HINET.NET):
DATA COMMUNICATION BUSINESS GROUP CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW.
n/a   445 pcap raw alerts
ruleset
shell
ftp
16 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
06:42:00 WinXP 124.86.142.90 (OCN.NE.JP):
NTT COMMUNICATIONS CORPORATION,
TOKYO, TOKYO, JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
8 of 33 b2fae7acd0
NEW
none[none] none:none
none|none none none
06:50:00 Win2K-f 118.105.198.34 (-):
.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 505238d7ef
[Firefox: 2 hits: 06-28 to 06-28]
none[none] none:none
none|none none none
06:52:00 WinXP 122.134.70.184 (MESH.AD.JP):
NEC BIGLOBE LTD,
TOKYO, TOKYO, JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 083800cc78
NEW
none[none] none:none
none|none none none
T:07:01:00 WinXP 83.135.227.132 (VERSANET.DE):
VERSATEL DEUTSCHLAND DYNAMIC POOL,
HERNE, NORDRHEIN-WESTFALEN, DE.
69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset
ftp
irc
41 lines
Yeah : 1.8
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
07:02:00 WinXP 217.42.145.34 (BTCENTRALPLUS.COM):
BT-CENTRAL-PLUS,
LONDON, ENGLAND, UK.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
07:05:00 Win2K-f 70.61.108.121 (RR.COM):
ROAD RUNNER HOLDCO LLC,
CHARLOTTE, NORTH CAROLINA, US.
n/a US:microsoft.com
US:download.microsoft.com
US:12.190.48.65:80
US:12.190.48.97:80
135 pcap raw alerts
ruleset
other
75 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 32
53bfe15e91
[Firefox:255 hits: 06-17 to 06-28]
73f1082158
[Firefox:100 hits: 06-18 to 06-28]
none[4]
73f1082158[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
T:07:09:00 Win2K-f 24.80.202.170 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
NORTH VANCOUVER, BRITISH COLUMBIA, CA. (DSL)
n/a HK:proxim.ircgalaxy.pl 135 pcap raw alerts
ruleset
other
266 lines
Yeah : 1.3
profile
none summary
tarball
29 of 32 e759d2b517
[Firefox: 2 hits: 06-21 to 06-23]
none[4] none:none
PolyEnE| none trace
07:10:00 WinXP 221.190.201.212 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
11 of 32 66e8e64289
NEW
none[none] none:none
none|none none none
07:14:00 WinXP 125.192.237.239 (MESH.AD.JP):
NEC CORPORATION,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 09a2bc6aad
NEW
none[none] none:none
none|none none none
T:07:17:00 Win2K-f 121.116.119.89 (PLALA.OR.JP):
PLALA NETWORKS INC,
JP.
69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset
ftp
irc
39 lines
Yeah : 1.8
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:41 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
07:21:00 WinXP 81.129.129.247 (BTCENTRALPLUS.COM):
BT-CENTRAL-PLUS,
SWINDON, ENGLAND, UK.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
07:22:00 Win2K-f 83.171.136.41 (HERZOMEDIA.DE):
HERZO MEDIA GMBH & CO.KG,
DE.
n/a   445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 4066a6423d
NEW
none[none] none:none
none|none none none
T:07:23:00 WinXP 222.144.171.47 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a   445 pcap raw alerts
ruleset
other
13 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:07:24:00 WinXP 86.148.119.205 (BTCENTRALPLUS.COM):
BT-CENTRAL-PLUS,
LONDON, ENGLAND, UK. (100Mbps)
69.247.147.113:13001 HK:proxim.ircgalaxy.pl
US:chat-shqip.org
445 pcap raw alerts
ruleset
ftp
irc
41 lines
Yeah : 1.8
profile
none summary
tarball
30 of 33 93cc4c8baa
NEW
none[none] none:none
none|none none none
07:24:00 Win2K-f 116.80.58.199 (INFOWEB.NE.JP):
INFOWEB(FUJITSU LTD.),
TOKYO, TOKYO, JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:41 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
07:30:00 WinXP 203.164.142.189 (OPTUSNET.COM.AU):
@HOME NETWORK AUSTRALIA,
PERTH, WESTERN AUSTRALIA, AU. (DIAL)
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
18 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:41 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:07:34:00 Win2K-f 122.29.191.116 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset
ftp
irc
36 lines
Yeah : 1.8
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:41 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:07:36:00 Win2K-f 81.9.231.4 (CM-81-9-211-10.TELECABLE.ES):
TELECABLE,
OVIEDO, ASTURIAS, ES. (DSL)
n/a   445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
22 of 33 148dec8a2b
NEW
none[none] none:none
none|none none none
T:07:41:00 WinXP 92.19.74.2 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK.
69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset
ftp
irc
41 lines
Yeah : 1.8
profile
none summary
tarball
20 of 33 962e6b9fcf
NEW
none[none] none:none
none|none none none
T:07:41:00 WinXP 124.102.64.187 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset
ftp
irc
40 lines
Yeah : 1.8
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
07:47:00 WinXP 89.245.206.2 (VERSANETONLINE.DE):
VERSATEL NORD-DEUTSCHLAND GMBH,
DE.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
07:48:00 Win2K-f 123.224.133.217 (OCN.NE.JP):
NTT COMMUNICATIONS CORPORATION,
TOKYO, TOKYO, JP.
n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
32 of 33 26ac4391e0
NEW
none[none] none:none
none|none none none
07:49:00 Win2K-f 118.8.167.172 (-):
.
n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 78396cddf0
NEW
none[none] none:none
none|none none none
T:07:50:00 Win2K-f 88.111.209.5 (AS9105.COM):
TISCALI UK LTD,
STOKE ON TRENT, ENGLAND, UK. (DSL)
n/a   445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:07:51:00 WinXP 122.18.119.175 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
69.247.147.113:13001 US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
irc
42 lines
Yeah : 1.8
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:41 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:07:57:00 WinXP 81.129.129.247 (BTCENTRALPLUS.COM):
BT-CENTRAL-PLUS,
SWINDON, ENGLAND, UK.
69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset
ftp
irc
42 lines
Yeah : 1.8
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
08:07:00 WinXP 220.111.56.40 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a HK:proxima.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
13 of 33 070ee4dae5
NEW
none[none] none:none
none|none none none
08:09:00 WinXP 211.244.26.117 (HAEDONGTEK.CO.KR):
THRUNET CO. LTD,
SEOUL, KYONGGI-DO, KR.
n/a HK:proxim.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:128.241.218.26:80
US:128.241.218.48:80
US:128.241.218.49:80
135 pcap raw alerts
ruleset
other
136 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33
31 of 33
87bd0a062f
NEW
c7d6018f97
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
08:12:00 Win2K-f 118.236.7.177 (-):
.
n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 d15990ad24
NEW
none[none] none:none
none|none none none
08:14:00 Win2K-f 221.127.140.193 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK.
n/a   445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:08:17:00 Win2K-f 213.25.120.147 (-):
TELEWIZJA KABLOWA SWIDNIK SP. Z O.O,
PL.
n/a   445 pcap raw alerts
ruleset
ftp
23 lines
Yeah : 1.3
profile
none summary
tarball
20 of 32 131351dd21
[Firefox: 6 hits: 05-22 to 06-24]
none[4] none:none
none|none none trace
T:08:18:00 Win2K-f 60.239.29.183 (MESH.AD.JP):
NEC CORPORATION,
JP.
n/a   445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 702fe1335a
NEW
none[none] none:none
none|none none none
T:08:18:00 WinXP 80.223.98.22 (INET.FI):
BROADBAND ACCESS POOL,
HELSINKI, ETELA-SUOMEN LAANI, FI. (DSL)
n/a HK:proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
32 of 33 78b29f38ed
NEW
none[none] none:none
none|none none none
08:18:00 WinXP 222.144.60.10 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
08:20:00 Win2K-f 92.8.182.49 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
12 of 33 9a32965bc8
[Firefox: 3 hits: 06-28 to 06-28]
none[none] none:none
none|none none none
T:08:22:00 WinXP 81.70.136.140 (WANADOO.NL):
WANADOO NEDERLAND BV,
AMSTERDAM, NOORD-HOLLAND, NL. (DSL)
69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset
ftp
irc
42 lines
Yeah : 1.8
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:08:23:00 WinXP 122.132.159.147 (MESH.AD.JP):
NEC BIGLOBE LTD,
TOKYO, TOKYO, JP.
69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset
ftp
irc
44 lines
Yeah : 1.8
profile
none summary
tarball
21 of 33 b1bcfb40a8
NEW
none[none] none:none
none|none none none
T:08:27:00 WinXP 217.94.252.149 (T-IPCONNECT.DE):
DEUTSCHE TELEKOM AG,
STUTTGART, BADEN-WURTTEMBERG, DE.
69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset
ftp
irc
104 lines
Yeah : 1.8
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:08:36:00 WinXP 82.48.93.136 (POOL8248.INTERBUSINESS.IT):
TELECOM ITALIA S.P.A. TIN EASY LITE,
MILANO, LOMBARDIA, IT.
69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset
ftp
irc
40 lines
Yeah : 1.8
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
08:37:00 WinXP 122.27.13.98 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 b333d29ff7
NEW
none[none] none:none
none|none none none
T:08:37:00 Win2K-f 78.145.170.2 (-):
OPAL TELECOM DSL,
UK.
n/a   445 pcap raw alerts
ruleset
ftp
31 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
08:38:00 WinXP 217.94.252.149 (T-IPCONNECT.DE):
DEUTSCHE TELEKOM AG,
STUTTGART, BADEN-WURTTEMBERG, DE.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
22 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
08:39:00 WinXP 88.111.209.5 (AS9105.COM):
TISCALI UK LTD,
STOKE ON TRENT, ENGLAND, UK. (DSL)
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:08:39:00 WinXP 122.18.19.86 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
08:39:00 WinXP 118.1.176.236 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 466b5ff6e0
NEW
none[none] none:none
none|none none none
T:08:45:00 Win2K-f 119.72.11.184 (-):
.
n/a   445 pcap raw alerts
ruleset
ftp
25 lines
Yeah : 1.3
profile
none summary
tarball
24 of 33 b0e611cca4
NEW
none[none] none:none
none|none none none
T:08:50:00 WinXP 125.196.133.141 (MESH.AD.JP):
NEC CORPORATION,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 8e220829dc
NEW
none[none] none:none
none|none none none
T:08:50:00 WinXP 221.170.212.17 (MESH.AD.JP):
BIGLOBE-CIDR-BLK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:41 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
08:51:00 Win2K-f 80.171.54.202 (HANSENET.DE):
HANSENET-ADSL,
HAMBURG, HAMBURG, DE. (DSL)
n/a HK:proxim.ircgalaxy.pl
CZ:217.170.244.2:443
CZ:82.114.64.251:443
445 pcap raw alerts
ruleset
shell
ftp
17 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 15c51f8f01
NEW
none[none] none:none
none|none none none
08:56:00 Win2K-f 120.75.189.236 (-):
.
n/a   445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
08:57:00 Win2K-f 85.177.55.26 (ALICEDSL.DE):
HANSENET-ADSL,
HAMBURG, HAMBURG, DE. (DSL)
n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 a2d2bcffc5
NEW
none[none] none:none
none|none none none
08:58:00 WinXP 92.6.57.60 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
22 of 32 9147cf1a69
NEW
none[none] none:none
none|none none none
T:08:58:00 Win2K-f 83.135.77.94 (VERSANET.DE):
VERSATEL DEUTSCHLAND DYNAMIC POOL,
MARL, NORDRHEIN-WESTFALEN, DE.
n/a   445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 8f4766b585
NEW
none[none] none:none
none|none none none
T:09:04:00 Win2K-f 203.136.131.28 (MESH.AD.JP):
NEC CORPORATION,
JP.
n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 23e7f9f4b4
NEW
none[none] none:none
none|none none none
T:09:11:00 WinXP 79.36.69.231 (SRC.ORG):
TELECOM ITALIA NET,
ROME, LAZIO, IT.
n/a   445 pcap raw alerts
ruleset
shell
ftp
17 lines
Yeah : 1.3
profile
none summary
tarball
29 of 29 831f4ee0a7
[Firefox:665 hits: 07-11 to 06-28]
eb7546c600 [0] ASM:Graph
none|none lines=61 trace
09:11:00 Win2K-f 124.85.201.23 (OCN.NE.JP):
NTT COMMUNICATIONS CORPORATION,
TOKYO, TOKYO, JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:41 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
09:13:00 WinXP 86.162.59.94 (BTCENTRALPLUS.COM):
BT-CENTRAL-PLUS,
UK.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
25 lines
Yeah : 1.3
profile
none summary
tarball
25 of 33 b01772eda8
[Firefox: 2 hits: 06-28 to 06-28]
none[none] none:none
none|none none none
09:14:00 Win2K-f 85.243.83.158 (DSL.TELEPAC.PT):
PT.COM - COMUNICACOES INTERACTIVAS S.A,
LEIRIA, LEIRIA, PT. (DSL)
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
13 of 33 ffb3b175e5
[Firefox: 2 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
09:16:00 WinXP 86.143.68.11 (BTCENTRALPLUS.COM):
BT-CENTRAL-PLUS,
LUTON, ENGLAND, UK.
n/a   445 pcap raw alerts
ruleset
shell
ftp
15 lines
Yeah : 1.3
profile
none summary
tarball
31 of 32 cce9566ceb
[Firefox:10 hits: 06-12 to 06-25]
none[4] none:none
PolyEnE| none trace
09:17:00 Win2K-f 85.178.43.206 (ALICEDSL.DE):
HANSENET-ADSL,
BERLIN, BERLIN, DE. (DSL)
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
19 of 33 46c25f289b
NEW
none[none] none:none
none|none none none
T:09:21:00 Win2K-f 82.103.195.131 (ELISA-LAAJAKAISTA.FI):
JYVASVIESTIN-NET,
FI.
n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 16375c2ee8
NEW
none[none] none:none
none|none none none
T:09:22:00 WinXP 91.65.2.230 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 24376e4bba
[Firefox: 2 hits: 06-28 to 06-28]
none[none] none:none
none|none none none
T:09:24:00 Win2K-f 216.10.169.235 (WISPNET.NET):
WISPNET LLC,
JACKSONVILLE, NORTH CAROLINA, US.
n/a   135 pcap raw alerts
ruleset
other
3 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
09:30:00 WinXP 88.134.30.15 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. (DSL)
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
25 of 33 7cd27b3b41
NEW
none[none] none:none
none|none none none
09:33:00 Win2K-f 88.180.237.79 (PROXAD.NET):
PROXAD / FREE SAS,
FR.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
23 of 33 17394b6b7e
NEW
none[none] none:none
none|none none none
T:09:41:00 Win2K-f 125.192.92.99 (MESH.AD.JP):
NEC CORPORATION,
JP.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
25 of 33 80205569e9
NEW
none[none] none:none
none|none none none
T:09:45:00 Win2K-f 80.90.163.120 (DIAL3-10.DOOSA.JO):
DIALUP FASTLINKDATA JORDAN,
JO. (DIAL)
n/a   445 pcap raw alerts
ruleset
ftp
18 lines
Yeah : 1.3
profile
none summary
tarball
32 of 33 de862aa1d2
NEW
none[none] none:none
none|none none none
09:51:00 WinXP 222.233.118.247 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR.
n/a HK:proxima.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:198.78.220.124:80
US:205.128.66.124:80
US:205.128.79.124:80
135 pcap raw alerts
ruleset
other
86 lines
Yeah : 1.3
profile
none summary
tarball
0 of 33
30 of 32
4c3df24b32
[Firefox:30 hits: 06-17 to 06-28]
8390780c27
[Firefox: 5 hits: 06-18 to 06-28]
4c3df24b32 [1]
none [4]
ASM:Graph
none:none
Armadillo|
tElock|
lines=81
none
trace
trace
09:52:00 Win2K-f 83.135.193.65 (VERSANET.DE):
VERSATEL DEUTSCHLAND DYNAMIC POOL,
BIELEFELD, NORDRHEIN-WESTFALEN, DE.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
32 of 33 563cef120f
NEW
none[none] none:none
none|none none none
10:00:00 Win2K-f 124.84.27.157 (OCN.NE.JP):
NTT COMMUNICATIONS CORPORATION,
TOKYO, TOKYO, JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:41 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:10:00:00 Win2K-f 12.35.57.156 (-):
RENAISSANCE DOWNTOWN ATLANTA,
ATLANTA, GEORGIA, US. (100Mbps)
n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 5816235b2b
NEW
none[none] none:none
none|none none none
T:10:02:00 WinXP 118.240.160.41 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:10:02:00 Win2K-f 124.86.87.178 (OCN.NE.JP):
NTT COMMUNICATIONS CORPORATION,
TOKYO, TOKYO, JP.
n/a   445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 3440a48074
NEW
none[none] none:none
none|none none none
T:10:05:00 Win2K-f 78.97.160.242 (ASTRAL.RO):
ASTRAL TELECOM SA,
RO.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
10:07:00 Win2K-f 59.115.117.197 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW.
n/a  
CZ:217.170.244.2:443
CZ:82.114.64.251:443
445 pcap raw alerts
ruleset
shell
ftp
18 lines
Yeah : 1.3
profile
none summary
tarball
25 of 28 7fdfe363d5
[Firefox:2762 hits: 12-31 to 06-28]
10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns
trace
T:10:09:00 Win2K-f 217.19.121.216 (RUNEXT.COM):
PROVIDER LOCAL REGISTRY,
RU.
n/a   445 pcap raw alerts
ruleset
ftp
40 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
10:11:00 WinXP 118.10.246.126 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
33 lines
Yeah : 1.3
profile
none summary
tarball
11 of 33 efbbaec38e
NEW
none[none] none:none
none|none none none
T:10:13:00 WinXP 118.236.245.118 (-):
.
n/a   445 pcap raw alerts
ruleset
ftp
12 lines
Yeah : 0.8
profile
none summary
tarball
32 of 32 93385541f3
[Firefox: 2 hits: 06-22 to 06-22]
none[4] none:none
none|none none trace
T:10:16:00 WinXP 62.11.86.187 (DIALUP.TISCALI.IT):
TISCALI ITALIA SPA,
GENOA, LIGURIA, IT. (DIAL)
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
19 lines
Yeah : 1.3
profile
none summary
tarball
12 of 33 da8a2c503d
NEW
none[none] none:none
none|none none none
T:10:48:00 Win2K-f 92.40.31.178 (IKBCC.COM):
EU-ZZ,
UK.
217.170.244.2:443 HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset
shell
ftp
irc
30 lines
Yeah : 1.8
profile
none summary
tarball
31 of 33 9861192127
NEW
none[4] none:none
FSG| none trace
T:11:02:00 Win2K-f 66.88.98.162 (XO.NET):
XO COMMUNICATIONS,
HOLLYWOOD, FLORIDA, US.
n/a US:microsoft.com
US:download.microsoft.com
135 pcap raw alerts
ruleset
http
77 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 32
53bfe15e91
[Firefox:255 hits: 06-17 to 06-28]
73f1082158
[Firefox:100 hits: 06-18 to 06-28]
none[4]
73f1082158[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
T:11:04:00 WinXP 118.171.198.187 (-):
.
n/a RU:moscow-advokat.ru 445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
31 of 33 58b271f46b
NEW
none[none] none:none
none|none none none
T:11:13:00 WinXP 118.7.88.154 (-):
.
n/a   445 pcap raw alerts
ruleset
shell
ftp
15 lines
Yeah : 1.3
profile
none summary
tarball
31 of 32 741e3b03b3
[Firefox:82 hits: 09-28 to 06-28]
e0197e8a64 [0] ASM:Graph
none|none lines=62 trace
T:11:26:00 Win2K-f 87.9.153.142 (RETAIL.TELECOMITALIA.IT):
TELECOM ITALIA S.P.A. TIN EASY LITE,
MILANO, LOMBARDIA, IT. (DSL)
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 4f3df56c30
NEW
none[none] none:none
none|none none none
T:11:26:00 WinXP 24.26.195.199 (RR.COM):
ROAD RUNNER HOLDCO LLC,
TEMPLE, TEXAS, US.
n/a DE:siliconfireware.ru
US:searchportal.information.com
DE:ebookfinaltrash.ru
:wpad
US:sprw.information.com
US:spi.domainsponsor.com
GB:new.egg.com
US:208.73.212.12:80
DE:212.227.111.29:80
DE:217.11.54.126:80
EU:78.47.200.154:80
445 pcap raw alerts
ruleset
http
http
http
9 lines
Yeah : 0.8
profile
none summary
tarball
29 of 29 a12cab51ef
[Firefox:1077 hits: 05-01 to 06-28]
40f7f463c4 [0] ASM:Graph
ASPack| lines=281
embedded dns
trace
11:26:00 Win2K-f 122.133.160.244 (MESH.AD.JP):
NEC BIGLOBE LTD,
TOKYO, TOKYO, JP.
n/a   445 pcap raw alerts
ruleset
ftp
33 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
11:27:00 WinXP 118.218.141.71 (-):
.
n/a HK:proxim.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:12.190.48.65:80
US:12.190.48.97:80
135 pcap raw alerts
ruleset
other
113 lines
Yeah : 1.3
profile
none summary
tarball
29 of 32
28 of 32
8a75955033
[Firefox: 4 hits: 06-20 to 06-27]
9276c8b36b
[Firefox: 4 hits: 06-20 to 06-27]
none[4]
9276c8b36b[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
11:44:00 WinXP 4.131.76.64 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
US. (DIAL)
n/a   445 pcap raw alerts
ruleset
ftp
13 lines
Yeah : 0.8
profile
none summary
tarball
30 of 33 9d77b4ca8e
NEW
none[none] none:none
none|none none none
12:02:00 WinXP 86.134.46.162 (BTCENTRALPLUS.COM):
BT-CENTRAL-PLUS,
LONDON, ENGLAND, UK.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:41 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
12:04:00 WinXP 213.76.154.12 (LANNET.PL):
LANNET S.C. W. KOMALA Z. LOMPERTA,
WARSAW, MAZOWIECKIE, PL.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
32 of 33 8d51183047
NEW
none[none] none:none
none|none none none
T:12:07:00 WinXP 92.11.33.198 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
24 of 33 e7d019dc04
NEW
none[none] none:none
none|none none none
12:07:00 WinXP 99.250.219.254 (STERLINGSTUDENTS.NET):
ROGERS CABLE COMMUNICATIONS INC,
CA.
67.43.236.66:8080 72.10.172.211:8080 CA:xx.ka3ek.com
CA:xx.sqlteam.info
CA:xx.enterhere.biz
CA:67.43.226.242:8080
CA:67.43.236.66:8080
CA:67.43.236.98:1863
CA:67.43.236.98:5190
CA:67.43.236.99:1863
CA:67.43.236.99:5190
CA:72.10.172.211:8080
135 pcap raw alerts
ruleset
other
184 lines
Yeah : 1.8
profile
none summary
tarball
32 of 33 706e697ed5
NEW
none[4] none:none
PolyEnE| none trace
12:12:00 Win2K-f 92.4.234.4 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK.
n/a   445 pcap raw alerts
ruleset
ftp
23 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:12:16:00 WinXP 92.40.53.206 (IKBCC.COM):
EU-ZZ,
UK.
n/a DE:siliconfireware.ru
US:searchportal.information.com
US:sprw.information.com
US:spi.domainsponsor.com
:www.proxy-socks.net
:wpad
445 pcap raw alerts
ruleset
http
http
http
15 lines
Yeah : 0.8
profile
none summary
tarball
29 of 29 a12cab51ef
[Firefox:1077 hits: 05-01 to 06-28]
40f7f463c4 [0] ASM:Graph
ASPack| lines=281
embedded dns
trace
12:20:00 WinXP 4.160.30.185 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
CINCINNATI, OHIO, US. (DIAL)
n/a HK:proxim.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:192.221.99.126:80
US:206.33.45.125:80
US:207.123.37.125:80
135 pcap raw alerts
ruleset
other
117 lines
Yeah : 1.3
profile
none summary
tarball
28 of 32
32 of 33
3de203ea5f
NEW
b7a261daf6
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
T:12:24:00 Win2K-f 78.145.232.241 (-):
OPAL TELECOM DSL,
UK.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:12:29:00 Win2K-f 77.57.107.40 (SOLPA.NET):
CABLECOM,
ZURICH, ZURICH, CH.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
33 lines
Yeah : 1.3
profile
none summary
tarball
23 of 33 11bbc40daa
NEW
none[none] none:none
none|none none none
12:29:00 Win2K-f 82.154.222.129 (DSL.TELEPAC.PT):
TELEPAC - COMUNICACOES INTERACTIVAS SA,
COIMBRA, COIMBRA, PT. (DSL)
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
25 lines
Yeah : 1.3
profile
none summary
tarball
13 of 33 ffb3b175e5
[Firefox: 2 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
12:32:00 Win2K-f 24.137.116.124 (EASTLINK.CA):
EASTLINK,
DARTMOUTH, NOVA SCOTIA, CA.
n/a US:microsoft.com
US:download.microsoft.com
US:199.93.41.124:80
US:205.128.66.126:80
US:207.123.46.126:80
135 pcap raw alerts
ruleset
other
195 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 33
53bfe15e91
[Firefox:255 hits: 06-17 to 06-28]
a08f3b74a4
[Firefox:96 hits: 06-18 to 06-28]
none[4]
a08f3b74a4[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
12:33:00 Win2K-f 122.24.207.69 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a   445 pcap raw alerts
ruleset
ftp
29 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:12:37:00 WinXP 151.118.180.178 (QWEST.NET):
QWEST BROADBAND,
PHOENIX, ARIZONA, US.
n/a EU:siliconfireware.ru
:wpad
US:searchportal.information.com
US:sprw.information.com
US:spi.domainsponsor.com
445 pcap raw alerts
ruleset
http
http
8 lines
Yeah : 0.8
profile
none summary
tarball
29 of 29
0 of 33
a12cab51ef
[Firefox:1077 hits: 05-01 to 06-28]
c2d75eb49d
NEW
40f7f463c4 [0]
none [none]
ASM:Graph
none:none
ASPack|
none|none
lines=281
embedded dns
none
trace
none
T:12:44:00 Win2K-f 118.8.85.196 (-):
.
n/a   445 pcap raw alerts
ruleset
other
15 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
12:47:00 WinXP 85.179.194.67 (ALICEDSL.DE):
HANSENET-ADSL,
DE.
n/a   445 pcap raw alerts
ruleset
other
8 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
12:55:00 Win2K-f 122.24.223.32 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
13 of 33 b4c8bceb2c
NEW
none[none] none:none
none|none none none
T:12:56:00 WinXP 85.181.47.204 (ALICEDSL.DE):
HANSENET-ADSL,
MUNICH, BAYERN, DE. (DSL)
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:12:58:00 WinXP 98.30.146.23 (-):
.
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
29 of 29 3ae357d17b
[Firefox:725 hits: 05-01 to 06-28]
462a7be171 [0] ASM:Graph
PolyEnE| lines=73 trace
T:12:59:00 Win2K-f 78.8.20.190 (NET.PL):
DIALOG,
WROCLAW, DOLNOSLASKIE, PL.
n/a   445 pcap raw alerts
ruleset
ftp
24 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:13:03:00 WinXP 92.9.171.98 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
24 of 33 e7d019dc04
NEW
none[none] none:none
none|none none none
13:08:00 Win2K-f 92.0.56.12 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK.
n/a   445 pcap raw alerts
ruleset
ftp
31 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 b96c53aded
[Firefox: 2 hits: 06-28 to 06-28]
none[none] none:none
none|none none none
13:21:00 Win2K-f 217.43.111.133 (BTCENTRALPLUS.COM):
BT-CENTRAL-PLUS,
INVERKEITHING, SCOTLAND, UK.
n/a   445 pcap raw alerts
ruleset
ftp
24 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:13:22:00 WinXP 217.43.111.133 (BTCENTRALPLUS.COM):
BT-CENTRAL-PLUS,
INVERKEITHING, SCOTLAND, UK.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
21 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:13:24:00 Win2K-f 77.195.248.55 (GAOLAND.NET):
DYNAMIC POOLS,
FR.
n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 edf948f8e3
NEW
none[none] none:none
none|none none none
T:13:28:00 Win2K-f 118.236.131.213 (-):
.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:13:32:00 Win2K-f 122.27.9.22 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 b333d29ff7
NEW
none[none] none:none
none|none none none
13:38:00 Win2K-f 91.64.239.2 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE.
n/a   445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
32 of 33 9330df0c37
NEW
none[none] none:none
none|none none none
13:40:00 Win2K-f 88.134.176.39 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
32 of 33 530856613e
NEW
none[none] none:none
none|none none none
13:45:00 WinXP 92.10.62.103 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
24 of 32 efea546adb
NEW
none[none] none:none
none|none none none
13:46:00 Win2K-f 122.27.9.22 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 b333d29ff7
NEW
none[none] none:none
none|none none none
T:13:46:00 WinXP 118.105.185.120 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 505238d7ef
[Firefox: 2 hits: 06-28 to 06-28]
none[none] none:none
none|none none none
13:53:00 Win2K-f 118.236.80.49 (-):
.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
13:55:00 Win2K-f 82.234.57.200 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR.
n/a   445 pcap raw alerts
ruleset
ftp
24 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 829052414a
NEW
none[none] none:none
none|none none none
T:13:56:00 Win2K-f 217.10.113.33 (NETATONCE.NET):
HULTSFRED ADSL,
HULTSFRED, KALMAR, SE. (100Mbps)
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
13 of 33 ffb3b175e5
[Firefox: 2 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
14:09:00 WinXP 89.242.100.86 (-):
OPAL TELECOM DSL,
LONDON, ENGLAND, UK. (DSL)
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
32 of 33 3f8d1c3246
NEW
none[none] none:none
none|none none none
T:14:11:00 Win2K-f 24.189.171.29 (OPTONLINE.NET):
OPTIMUM ONLINE (CABLEVISION SYSTEMS),
UNIONDALE, NEW YORK, US.
n/a US:microsoft.com
US:download.microsoft.com
135 pcap raw alerts
ruleset
http
76 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 32
0 of 32
53bfe15e91
[Firefox:255 hits: 06-17 to 06-28]
73f1082158
[Firefox:100 hits: 06-18 to 06-28]
b5919931fe
[Firefox:39 hits: 06-20 to 06-28]
none[4]
73f1082158[1]
b5919931fe[1]
none:none
ASM:Graph
ASM:Graph
tElock|
Armadillo|
ASProtect|
none
lines=81
lines=90
trace
trace
trace
14:13:00 Win2K-f 208.75.153.248 (DISCOVER-NET.NET):
DISCOVERNET,
EAU CLAIRE, WISCONSIN, US.
n/a US:microsoft.com
US:download.microsoft.com
US:12.190.48.65:80
US:12.190.48.97:80
135 pcap raw alerts
ruleset
other
59 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
8 of 33
53bfe15e91
[Firefox:255 hits: 06-17 to 06-28]
b7082104e4
[Firefox:16 hits: 06-18 to 06-28]
none[4]
none [4]
none:none
none:none
tElock|
tElock|
none
none
trace
trace
T:14:13:00 Win2K-f 61.12.218.216 (YOURNET.NE.JP):
FREEBIT CO. LTD,
JP.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:14:14:00 Win2K-f 61.215.237.80 (CTT.NE.JP):
CABLE TELEVISION TOYAMA INCORPORETED,
TOYAMA, TOYAMA, JP.
n/a US:microsoft.com
HK:proxim.ircgalaxy.pl
US:download.microsoft.com
135 pcap raw alerts
ruleset
http
114 lines
Yeah : 1.3
profile
none summary
tarball
32 of 33
0 of 32
30 of 33
88d78cb9b5
NEW
b5919931fe
[Firefox:39 hits: 06-20 to 06-28]
da7db6010c
NEW
none[none]
b5919931fe[1]
none [none]
none:none
ASM:Graph
none:none
none|none
ASProtect|
none|none
none
lines=90
none
none
trace
none
14:16:00 WinXP 81.151.58.222 (BTCENTRALPLUS.COM):
BT-CENTRAL-PLUS,
OXFORD, ENGLAND, UK.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
14:24:00 WinXP 217.201.77.103 (-):
TELECOM ITALIA MOBILE,
IT.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
25 lines
Yeah : 1.3
profile
none summary
tarball
28 of 33 a9c8d121f2
[Firefox: 2 hits: 06-28 to 06-28]
none[none] none:none
none|none none none
T:14:29:00 Win2K-f 4.225.212.198 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
LOVELAND, COLORADO, US. (DIAL)
n/a   445 pcap raw alerts
ruleset
shell
ftp
23 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
14:40:00 WinXP 88.28.33.68 (RIMA-TDE.NET):
TELEFONICA MOVILES ESPANA (NCC#2007041930),
ES.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
24 lines
Yeah : 1.3
profile
none summary
tarball
16 of 33 18824e40b2
NEW
none[none] none:none
none|none none none
T:14:48:00 WinXP 71.135.35.238 (PACBELL.NET):
PPPOX POOL - BRAS19.PLTNCA,
PLANO, TEXAS, US. (DSL)
n/a   445 pcap raw alerts
ruleset
ftp
shell
15 lines
Yeah : 1.3
profile
none summary
tarball
29 of 29 1a2c0e6130
[Firefox:439 hits: 12-31 to 06-26]
048df78048 [0] ASM:Graph
none|none lines=61 trace
14:57:00 WinXP 194.206.116.117 (FSP.OLEANE.FR):
FRANCE TELECOM TRANSPAC,
FR.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
22 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:15:20:00 Win2K-f 81.42.148.254 (RIMA-TDE.NET):
TELEFONICA DE ESPANA SAU,
ES.
n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset
ftp
17 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 056fc13122
NEW
none[none] none:none
none|none none none
15:23:00 Win2K-f 133.205.38.166 (MESH.AD.JP):
JAPAN NETWORK INFORMATION CENTER,
TOKYO, TOKYO, JP.
n/a  
CZ:217.170.244.2:443
CZ:82.114.64.251:443
445 pcap raw alerts
ruleset
shell
ftp
23 lines
Yeah : 1.3
profile
none summary
tarball
25 of 28 7fdfe363d5
[Firefox:2762 hits: 12-31 to 06-28]
10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns
trace
T:15:25:00 WinXP 125.200.42.233 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a   445 pcap raw alerts
ruleset
other
14 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:15:38:00 Win2K-f 123.220.81.35 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a   445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:15:39:00 WinXP 92.9.188.155 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 f4a8c4177e
[Firefox: 2 hits: 06-28 to 06-28]
none[none] none:none
none|none none none
15:45:00 WinXP 123.217.116.122 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
15:46:00 Win2K-f 82.155.224.229 (DSL.TELEPAC.PT):
TELEPAC - COMUNICACOES INTERACTIVAS SA,
COIMBRA, COIMBRA, PT. (DSL)
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
23 lines
Yeah : 1.3
profile
none summary
tarball
13 of 33 ffb3b175e5
[Firefox: 2 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
15:55:00 Win2K-f 124.84.185.252 (OCN.NE.JP):
NTT COMMUNICATIONS CORPORATION,
TOKYO, TOKYO, JP.
n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 78396cddf0
NEW
none[none] none:none
none|none none none
T:15:56:00 WinXP 213.137.118.205 (BGAS1-010.PTT.YU):
JP PTTS SRBIJA,
CS.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
18 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 4f3df56c30
NEW
none[none] none:none
none|none none none
16:00:00 WinXP 61.20.131.125 (-):
FAR EASTONE TELECOMMUNICATION CO. LTD,
TW.
n/a   445 pcap raw alerts
ruleset
other
0 lines
Argh : 0.3
profile
none summary
tarball
none none none none none none none
16:07:00 WinXP 70.112.245.212 (RR.COM):
ROAD RUNNER HOLDCO LLC,
CEDAR PARK, TEXAS, US.
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
26 of 28 7d99b0e910
[Firefox:3112 hits: 12-31 to 06-28]
7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace
16:12:00 Win2K-f 222.146.140.223 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
TOKYO, TOKYO, JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
15 of 33 469fe9f8af
NEW
none[none] none:none
none|none none none
16:15:00 WinXP 118.237.35.215 (-):
.
n/a   445 pcap raw alerts
ruleset
shell
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
31 of 32 27b945de66
[Firefox: 6 hits: 06-20 to 06-26]
none[4] none:none
none|none none trace
T:16:16:00 Win2K-f 122.17.90.26 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 ea48f3c809
NEW
none[none] none:none
none|none none none
T:16:18:00 WinXP 221.191.134.140 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a   445 pcap raw alerts
ruleset
ftp
30 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:16:24:00 WinXP 59.104.7.106 (SEED.NET.TW):
DIGITAL UNITED I,
TAIPEI, T'AI-PEI, TW. (DSL)
n/a RU:moscow-advokat.ru 445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
25 of 25 7f60162c2c
[Firefox:1367 hits: 12-31 to 06-28]
1aad8e4632 [0] ASM:Graph
PolyEnE| lines=93
embedded dns
trace
16:26:00 Win2K-f 220.138.61.253 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW.
n/a  
CZ:217.170.244.2:443
CZ:82.114.64.251:443
445 pcap raw alerts
ruleset
shell
ftp
17 lines
Yeah : 1.3
profile
none summary
tarball
32 of 33 d9bcb8a69c
NEW
none[none] none:none
none|none none none
T:16:52:00 WinXP 24.210.115.10 (RR.COM):
ROAD RUNNER HOLDCO LLC,
FAIRMONT, WEST VIRGINIA, US.
194.54.90.246:80 UA:citi-bank.ru 445 pcap raw alerts
ruleset
http
2 lines
Yeah : 1.3
profile
none summary
tarball
32 of 33 f4199edfae
NEW
none[none] none:none
none|none none none
T:16:59:00 WinXP 140.113.193.40 (NCTU.EDU.TW):
TAIWAN ACADEMIC NETWORK,
TAIPEI, T'AI-PEI, TW.
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
26 of 28 7d99b0e910
[Firefox:3112 hits: 12-31 to 06-28]
7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace
16:59:00 WinXP 140.113.193.40 (NCTU.EDU.TW):
TAIWAN ACADEMIC NETWORK,
TAIPEI, T'AI-PEI, TW.
n/a UA:citi-bank.ru 445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
26 of 28 7d99b0e910
[Firefox:3112 hits: 12-31 to 06-28]
7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace
17:00:00 WinXP 99.170.21.97 (-):
.
n/a US:microsoft.com
US:download.microsoft.com
US:198.78.220.124:80
US:207.123.46.126:80
US:8.12.202.125:80
135 pcap raw alerts
ruleset
other
76 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 32
53bfe15e91
[Firefox:255 hits: 06-17 to 06-28]
73f1082158
[Firefox:100 hits: 06-18 to 06-28]
none[4]
73f1082158[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
T:17:03:00 Win2K-f 96.13.226.93 (-):
.
n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset
shell
ftp
17 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 4282701906
NEW
none[none] none:none
none|none none none
17:04:00 Win2K-f 168.226.106.115 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR.
n/a   445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:17:15:00 WinXP 220.99.211.102 (PLALA.OR.JP):
PLALA NETWORKS INC,
YOKOHAMA, KANAGAWA, JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:17:16:00 WinXP 190.174.222.212 (-):
.
n/a UA:citi-bank.ru 445 pcap raw alerts
ruleset
http
1 line
Yeah : 1.3
profile
none summary
tarball
29 of 29 3ae357d17b
[Firefox:725 hits: 05-01 to 06-28]
462a7be171 [0] ASM:Graph
PolyEnE| lines=73 trace
17:20:00 WinXP 220.99.211.102 (PLALA.OR.JP):
PLALA NETWORKS INC,
YOKOHAMA, KANAGAWA, JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
17:22:00 Win2K-f 122.134.192.213 (MESH.AD.JP):
NEC BIGLOBE LTD,
TOKYO, TOKYO, JP.
n/a   445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
17:29:00 WinXP 123.222.137.57 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:17:38:00 Win2K-f 80.235.144.198 (BLUEYONDER.CO.UK):
EUROBELL-HSI-DYNAMIC-IP,
UK.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
23 of 33 e5b49a6ee9
NEW
none[none] none:none
none|none none none
17:46:00 WinXP 122.26.250.198 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:mx1.hotmail.com
BE:ftp.scarlet.be
US:maila.microsoft.com
US:yutunrz.1dumb.com
US:mailin-01.mx.aol.com
US:mailin-04.mx.aol.com
US:ftp.newaol.com
US:mcduii.3-a.net
:jdjsloy.dynserv.com
**:wyqggvow.afraid.org
:nttstziinpa.hn.org
US:fcnhysydw.yi.org
US:dlivmg.1dumb.com
US:mailin-03.mx.aol.com
US:mailin-02.mx.aol.com
US:143.215.15.145:80
US:143.215.15.60:80
BE:193.74.22.160:80
US:205.188.226.57:80
445 pcap raw alerts
ruleset
shell
ftp
13 lines
Yeah : 1.3
profile
none summary
tarball
31 of 32 6b45d20248
NEW
none[none] none:none
none|none none none
T:17:47:00 WinXP 60.234.101.98 (ORCON.NET.NZ):
ORCON INTERNET LTD SUPPORT,
AUCKLAND, AUCKLAND, NZ.
194.54.90.246:80 UA:citi-bank.ru 445 pcap raw alerts
ruleset
http
2 lines
Yeah : 1.3
profile
none summary
tarball
26 of 28 7d99b0e910
[Firefox:3112 hits: 12-31 to 06-28]
7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace
17:48:00 WinXP 24.78.64.78 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
VANCOUVER, BRITISH COLUMBIA, CA. (DSL)
n/a   135 pcap raw alerts
ruleset
other
12 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
17:58:00 Win2K-f 92.8.235.134 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK.
n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset
ftp
22 lines
Yeah : 1.3
profile
none summary
tarball
32 of 33 eab50c3dea
[Firefox: 2 hits: 06-28 to 06-28]
none[none] none:none
none|none none none
T:17:59:00 Win2K-f 91.64.144.253 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
BERLIN, BERLIN, DE.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 42fe5ebc92
NEW
none[none] none:none
none|none none none
18:19:00 WinXP 119.11.97.150 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
23 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
18:20:00 Win2K-f 124.96.238.23 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
18:22:00 Win2K-f 209.250.12.53 (CONVERGENTAZ.NET):
CONVERGENT INTERNET SOLUTIONS,
PRESCOTT, ARIZONA, US.
n/a US:microsoft.com
US:download.microsoft.com
US:72.247.30.144:80
US:72.247.30.211:80
135 pcap raw alerts
ruleset
other
84 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 32
53bfe15e91
[Firefox:255 hits: 06-17 to 06-28]
73f1082158
[Firefox:100 hits: 06-18 to 06-28]
none[4]
73f1082158[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
T:18:22:00 Win2K-f 124.102.81.122 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
32 of 33 ceb31c7dc2
NEW
none[none] none:none
none|none none none
18:24:00 WinXP 209.214.19.94 (BELLSOUTH.NET):
BELLSOUTH.NET INC,
CHARLOTTE, NORTH CAROLINA, US. (DSL)
n/a   445 pcap raw alerts
ruleset
ftp
12 lines
Yeah : 0.8
profile
none summary
tarball
29 of 29 1a2c0e6130
[Firefox:439 hits: 12-31 to 06-26]
048df78048 [0] ASM:Graph
none|none lines=61 trace
T:18:28:00 Win2K-f 118.111.14.52 (-):
.
n/a   445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
30 of 32 2c4793192b
NEW
none[none] none:none
none|none none none
T:18:32:00 WinXP 220.104.166.79 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
29 of 33 9d32aaa9ba
NEW
none[none] none:none
none|none none none
T:18:35:00 WinXP 140.113.89.183 (NTU.EDU.TW):
TAIWAN ACADEMIC NETWORK,
TAIPEI, T'AI-PEI, TW.
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
2 lines
Yeah : 0.8
profile
none summary
tarball
26 of 28 7d99b0e910
[Firefox:3112 hits: 12-31 to 06-28]
7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace
T:18:40:00 Win2K-f 91.64.187.245 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE.
n/a   445 pcap raw alerts
ruleset
ftp
31 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 24376e4bba
[Firefox: 2 hits: 06-28 to 06-28]
none[none] none:none
none|none none none
18:40:00 WinXP 125.200.42.233 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a   445 pcap raw alerts
ruleset
other
13 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
18:50:00 WinXP 190.30.217.206 (NET.AR):
APOLO -GOLD-TELECOM-PER,
BUENOS AIRES, BUENOS AIRES, AR.
n/a RU:moscow-advokat.ru 445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
25 of 25 7f60162c2c
[Firefox:1367 hits: 12-31 to 06-28]
1aad8e4632 [0] ASM:Graph
PolyEnE| lines=93
embedded dns
trace
T:18:51:00 WinXP 190.30.217.206 (NET.AR):
APOLO -GOLD-TELECOM-PER,
BUENOS AIRES, BUENOS AIRES, AR.
n/a RU:moscow-advokat.ru
SE:viking.dal.net
:flanders.be.eu.undernet.org
:washington.dc.us.undernet.org
SE:coins.dal.net
AT:graz.at.eu.undernet.org
SE:vancouver.dal.net
SE:ced.dal.net
RU:194.6.222.11:6667
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
25 of 25 7f60162c2c
[Firefox:1367 hits: 12-31 to 06-28]
1aad8e4632 [0] ASM:Graph
PolyEnE| lines=93
embedded dns
trace
T:18:55:00 Win2K-f 61.218.193.242 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW.
n/a US:microsoft.com
US:download.microsoft.com
135 pcap raw alerts
ruleset
http
76 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 33
0 of 32
53bfe15e91
[Firefox:255 hits: 06-17 to 06-28]
57ce4acac2
[Firefox:26 hits: 06-17 to 06-28]
b5919931fe
[Firefox:39 hits: 06-20 to 06-28]
none[4]
57ce4acac2[1]
b5919931fe[1]
none:none
ASM:Graph
ASM:Graph
tElock|
Armadillo|
ASProtect|
none
lines=81
lines=90
trace
trace
trace
T:18:56:00 Win2K-f 60.47.232.173 (PLALA.OR.JP):
PLALA NETWORKS INC,
OKINAWA, OKINAWA, JP.
n/a   445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 ab7863b37d
NEW
none[none] none:none
none|none none none
18:57:00 Win2K-f 58.191.168.140 (EONET.NE.JP):
K-OPTICOM CORPORATION,
JP.
n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 e11d2757ec
NEW
none[none] none:none
none|none none none
19:01:00 WinXP 190.137.85.10 (NET.AR):
TELECOM ARGENTINA S.A,
AR.
n/a HK:proxim.ircgalaxy.pl
UA:citi-bank.ru
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
32 of 33 78b29f38ed
NEW
none[none] none:none
none|none none none
T:19:01:00 WinXP 190.137.85.10 (NET.AR):
TELECOM ARGENTINA S.A,
AR.
n/a HK:proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
32 of 33 78b29f38ed
NEW
none[none] none:none
none|none none none
T:19:07:00 WinXP 122.30.182.195 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
19:16:00 WinXP 66.19.77.46 (USLEC.NET):
USLEC CORP,
SARASOTA, FLORIDA, US.
n/a   135 pcap raw alerts
ruleset
other
138 lines
Yeah : 1.3
profile
none summary
tarball
0 of 33 a08f3b74a4
[Firefox:96 hits: 06-18 to 06-28]
a08f3b74a4 [1] ASM:Graph
Armadillo| lines=81 trace
T:19:16:00 Win2K-f 67.8.207.21 (RR.COM):
ROAD RUNNER HOLDCO LLC,
ORLANDO, FLORIDA, US.
n/a US:microsoft.com
US:download.microsoft.com
US:72.247.30.81:80
US:72.247.30.83:80
135 pcap raw alerts
ruleset
other
75 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 32
53bfe15e91
[Firefox:255 hits: 06-17 to 06-28]
73f1082158
[Firefox:100 hits: 06-18 to 06-28]
none[4]
73f1082158[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
19:17:00 WinXP 118.236.220.76 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 3c8bd777ad
NEW
none[none] none:none
none|none none none
19:28:00 Win2K-f 118.7.76.191 (-):
.
n/a   445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:19:32:00 Win2K-f 116.80.62.169 (INFOWEB.NE.JP):
INFOWEB(FUJITSU LTD.),
TOKYO, TOKYO, JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:41 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:19:34:00 WinXP 222.238.58.96 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR.
n/a HK:proxim.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:72.247.30.81:80
US:72.247.30.83:80
135 pcap raw alerts
ruleset
other
115 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33
28 of 33
533d15b5ce
[Firefox: 2 hits: 06-21 to 06-24]
58c343a8d8
[Firefox: 2 hits: 06-21 to 06-24]
none[4]
58c343a8d8[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=82
trace
trace
T:19:38:00 Win2K-f 78.8.19.196 (NET.PL):
DIALOG,
WROCLAW, DOLNOSLASKIE, PL.
n/a   445 pcap raw alerts
ruleset
ftp
25 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:19:39:00 Win2K-f 60.254.246.195 (EMOBILE.AD.JP):
EMOBILE LTD,
TOKYO, TOKYO, JP.
n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
29 of 33 9ddd6c5e47
NEW
none[none] none:none
none|none none none
19:42:00 Win2K-f 121.82.196.146 (EONET.NE.JP):
K-OPTICOM CORPORATION,
JP.
n/a :proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 ad20dc3d7e
NEW
none[none] none:none
none|none none none
19:49:00 WinXP 123.217.102.23 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:19:53:00 WinXP 118.105.190.249 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
29 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 505238d7ef
[Firefox: 2 hits: 06-28 to 06-28]
none[none] none:none
none|none none none
19:58:00 WinXP 168.226.106.202 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
25 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
20:04:00 WinXP 216.211.248.147 (NORWOODLIGHT.COM):
NORWOOD LIGHT BROADBAND,
NORWOOD, MASSACHUSETTS, US.
n/a US:microsoft.com
US:download.microsoft.com
US:192.221.99.126:80
US:204.160.126.124:80
US:206.33.45.125:80
135 pcap raw alerts
ruleset
other
75 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 32
53bfe15e91
[Firefox:255 hits: 06-17 to 06-28]
73f1082158
[Firefox:100 hits: 06-18 to 06-28]
none[4]
73f1082158[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
T:20:05:00 Win2K-f 72.64.30.16 (VERIZON.NET):
VERIZON INTERNET SERVICES INC,
CHARLESTON, WEST VIRGINIA, US.
n/a US:microsoft.com
US:download.microsoft.com
US:192.221.99.126:80
135 pcap raw alerts
ruleset
other
75 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 32
53bfe15e91
[Firefox:255 hits: 06-17 to 06-28]
73f1082158
[Firefox:100 hits: 06-18 to 06-28]
none[4]
73f1082158[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
20:15:00 Win2K-f 118.109.56.88 (-):
.
n/a   445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
20:18:00 WinXP 60.47.232.177 (PLALA.OR.JP):
PLALA NETWORKS INC,
OKINAWA, OKINAWA, JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 ab7863b37d
NEW
none[none] none:none
none|none none none
T:20:20:00 WinXP 76.227.116.98 (-):
PPPOX POOL - BRAS17.LSAN,
US.
n/a RU:moscow-advokat.ru 445 pcap raw alerts
ruleset
other
0 lines
Yeah : 0.8
profile
none summary
tarball
30 of 32 bae8dcdf54
[Firefox: 2 hits: 09-12 to 02-21]
a5fc06a251 [0] ASM:Graph
tElock| lines=58
embedded dns
trace
20:21:00 WinXP 118.236.113.193 (-):
.
n/a   445 pcap raw alerts
ruleset
other
13 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
20:27:00 Win2K-f 66.169.88.255 (CHARTER.COM):
CHARTER COMMUNICATIONS,
ASHEVILLE, NORTH CAROLINA, US.
n/a US:microsoft.com
US:download.microsoft.com
:proxim.ircgalaxy.pl
US:72.247.30.81:80
135 pcap raw alerts
ruleset
other
166 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33
29 of 33
65494b4a08
NEW
eeb51a6e9e
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
T:20:35:00 WinXP 60.39.14.19 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 dd1195e952
NEW
none[none] none:none
none|none none none
20:40:00 WinXP 122.16.114.26 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:20:53:00 Win2K-f 125.173.6.177 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
12 of 33 a96d6f6d31
NEW
none[none] none:none
none|none none none
T:20:56:00 Win2K-f 60.47.232.177 (PLALA.OR.JP):
PLALA NETWORKS INC,
OKINAWA, OKINAWA, JP.
n/a   445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 ab7863b37d
NEW
none[none] none:none
none|none none none
21:05:00 WinXP 220.108.210.25 (PLALA.OR.JP):
PLALA NETWORKS INC,
TOKYO, TOKYO, JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
19 of 33 a74e53ccda
NEW
none[none] none:none
none|none none none
21:06:00 Win2K-f 24.77.29.171 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
VICTORIA, BRITISH COLUMBIA, CA. (DSL)
n/a   135 pcap raw alerts
ruleset
other
6 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:21:12:00 Win2K-f 122.16.114.26 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:21:14:00 WinXP 121.87.51.95 (EONET.NE.JP):
K-OPTICOM CORPORATION,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:21:15:00 WinXP 210.139.204.207 (SO-NET.NE.JP):
SO-NET ENTERTAINMENT CORPORATION,
NAHA, OKINAWA, JP.
n/a DE:siliconfireware.ru
US:searchportal.information.com
:wpad
DE:217.11.54.126:80
EU:78.47.200.154:80
445 pcap raw alerts
ruleset
http
http
5 lines
Yeah : 0.8
profile
none summary
tarball
29 of 29 df17a625ee
[Firefox:475 hits: 05-04 to 06-28]
9bbdd086c5 [0] ASM:Graph
ASPack| lines=186
embedded dns
trace
21:17:00 Win2K-f 72.234.212.18 (HAWAIIANTEL.NET):
HAWAIIAN TELCOM SERVICES COMPANY INC,
HONOLULU, HAWAII, US.
n/a :proxim.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:72.247.30.83:80
135 pcap raw alerts
ruleset
other
113 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33
32 of 33
6428ed7419
NEW
810cfece01
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
21:18:00 Win2K-f 118.6.201.219 (-):
.
n/a :proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 10439d86a5
NEW
none[none] none:none
none|none none none
T:21:28:00 Win2K-f 121.82.196.146 (EONET.NE.JP):
K-OPTICOM CORPORATION,
JP.
n/a :proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 ad20dc3d7e
NEW
none[none] none:none
none|none none none
21:32:00 Win2K-f 118.240.190.39 (-):
.
n/a :proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
21:39:00 WinXP 118.236.117.118 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:41 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
21:41:00 WinXP 98.105.203.170 (-):
.
n/a  
CZ:217.170.244.2:443
CZ:82.114.64.251:443
445 pcap raw alerts
ruleset
shell
ftp
17 lines
Yeah : 1.3
profile
none summary
tarball
25 of 28 7fdfe363d5
[Firefox:2762 hits: 12-31 to 06-28]
10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns
trace
21:41:00 Win2K-f 61.118.89.226 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
TOKYO, TOKYO, JP.
n/a :proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
22 of 32 78ce34a051
NEW
none[none] none:none
none|none none none
21:41:00 WinXP 78.8.19.196 (NET.PL):
DIALOG,
WROCLAW, DOLNOSLASKIE, PL.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
22 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:41 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:21:51:00 Win2K-f 88.134.152.26 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 58ba8e9efd
NEW
none[none] none:none
none|none none none
T:21:51:00 Win2K-f 122.25.110.109 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
21:51:00 WinXP 85.181.6.99 (ALICEDSL.DE):
HANSENET-ADSL,
MUNICH, BAYERN, DE. (DSL)
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:21:56:00 Win2K-f 4.253.64.149 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
ARLINGTON, TEXAS, US. (DIAL)
n/a   445 pcap raw alerts
ruleset
shell
ftp
18 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
22:04:00 WinXP 208.102.238.148 (FUSE.NET):
FUSE INTERNET ACCESS,
HAMILTON, OHIO, US.
n/a US:microsoft.com
US:download.microsoft.com
US:199.93.41.124:80
US:205.128.79.125:80
US:8.12.202.125:80
135 pcap raw alerts
ruleset
other
75 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 32
53bfe15e91
[Firefox:255 hits: 06-17 to 06-28]
73f1082158
[Firefox:100 hits: 06-18 to 06-28]
none[4]
73f1082158[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
T:22:09:00 WinXP 190.137.119.191 (NET.AR):
TELECOM ARGENTINA S.A,
AR.
194.54.90.246:80 :proxim.ircgalaxy.pl
UA:citi-bank.ru
445 pcap raw alerts
ruleset
http
2 lines
Yeah : 1.3
profile
none summary
tarball
32 of 33 78b29f38ed
NEW
none[none] none:none
none|none none none
T:22:10:00 WinXP 119.72.1.132 (-):
.
n/a :proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
25 lines
Yeah : 1.3
profile
none summary
tarball
29 of 33 9ddd6c5e47
NEW
none[none] none:none
none|none none none
T:22:12:00 Win2K-f 118.240.190.39 (-):
.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:22:14:00 Win2K-f 125.193.42.82 (MESH.AD.JP):
NEC CORPORATION,
JP.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:22:19:00 Win2K-f 121.82.134.254 (EONET.NE.JP):
K-OPTICOM CORPORATION,
JP.
n/a :proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
17 of 33 64477225c9
[Firefox: 2 hits: 06-28 to 06-28]
none[none] none:none
none|none none none
T:22:20:00 Win2K-f 217.144.3.109 (-):
NETWORK EXCHANGE TECHNOLOGY,
AMMAN, 'AMMAN, JO. (DSL)
n/a   445 pcap raw alerts
ruleset
ftp
18 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
22:21:00 Win2K-f 78.146.171.21 (-):
OPAL TELECOM DSL,
UK.
n/a   445 pcap raw alerts
ruleset
ftp
29 lines
Yeah : 1.3
profile
none summary
tarball
27 of 33 78422b8304
NEW
none[none] none:none
none|none none none
T:22:22:00 WinXP 123.222.159.19 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 05d02aef50
[Firefox: 2 hits: 06-28 to 06-28]
none[none] none:none
none|none none none
22:28:00 WinXP 218.160.66.2 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAOYUAN, T'AI-WAN, TW.
n/a :proxim.ircgalaxy.pl
CZ:217.170.244.2:443
CZ:82.114.64.251:443
445 pcap raw alerts
ruleset
shell
ftp
17 lines
Yeah : 1.3
profile
none summary
tarball
29 of 32 2f5a49b768
[Firefox: 2 hits: 06-22 to 06-26]
none[4] none:none
FSG| none trace
22:29:00 WinXP 12.78.9.20 (ATT.NET):
AT&T WORLDNET SERVICES,
MORRISTOWN, NEW JERSEY, US.
n/a   445 pcap raw alerts
ruleset
shell
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
29 of 29 1a2c0e6130
[Firefox:439 hits: 12-31 to 06-26]
048df78048 [0] ASM:Graph
none|none lines=61 trace
T:22:32:00 Win2K-f 122.132.56.204 (MESH.AD.JP):
NEC BIGLOBE LTD,
TOKYO, TOKYO, JP.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
none 8b71f756d4
NEW
none[none] none:none
none|none none none
22:35:00 Win2K-f 221.127.194.200 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK.
n/a   445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
29 of 33 a08c976fdc
NEW
none[none] none:none
none|none none none
22:39:00 Win2K-f 220.105.65.18 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
13 of 33 9c98b12453
NEW
none[none] none:none
none|none none none
T:22:39:00 WinXP 4.245.116.9 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
SPARKS, NEVADA, US. (DIAL)
n/a US:microsoft.com
US:download.microsoft.com
135 pcap raw alerts
ruleset
http
76 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 32
53bfe15e91
[Firefox:255 hits: 06-17 to 06-28]
73f1082158
[Firefox:100 hits: 06-18 to 06-28]
none[4]
73f1082158[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
T:22:40:00 Win2K-f 122.25.80.43 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:41 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
22:41:00 WinXP 122.221.250.60 (UCOM.NE.JP):
UCOM CORP,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 8fa1db1fac
NEW
none[none] none:none
none|none none none
22:54:00 WinXP 125.172.194.135 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:53 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
22:57:00 Win2K-f 213.55.86.134 (TELECOM.NET.ET):
ETHIOPIAN TELECOMMUNICATION CORPORATION,
ET.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
9 of 33 cee7679916
NEW
none[none] none:none
none|none none none
T:23:00:00 Win2K-f 203.118.238.245 (-):
GRAND TAINAN TECHNOLOGY CO.LTD,
TAINAN, KAO-HSIUNG, TW.
n/a US:microsoft.com
US:download.microsoft.com
US:72.247.30.83:80
135 pcap raw alerts
ruleset
other
75 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 33
53bfe15e91
[Firefox:255 hits: 06-17 to 06-28]
a08f3b74a4
[Firefox:96 hits: 06-18 to 06-28]
none[4]
a08f3b74a4[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
23:07:00 WinXP 118.236.180.155 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:23:08:00 WinXP 222.147.2.30 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:23:14:00 Win2K-f 61.118.89.226 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
TOKYO, TOKYO, JP.
n/a :proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
22 of 32 78ce34a051
NEW
none[none] none:none
none|none none none
T:23:15:00 Win2K-f 62.141.126.154 (SPB.RU):
INTERFACE & ROUTED NETWORK SPB-MEN,
RU. (100Mbps)
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
20 of 32 48add699dd
NEW
none[none] none:none
none|none none none
23:16:00 WinXP 91.64.59.79 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
21 of 33 55125e15a2
NEW
none[none] none:none
none|none none none
T:23:19:00 WinXP 202.39.210.91 (HINET.NET):
DATA COMMUNICATION BUSINESS GROUP,
TW.
n/a US:microsoft.com
US:download.microsoft.com
US:192.221.99.124:80
US:199.93.44.126:80
US:206.33.45.125:80
135 pcap raw alerts
ruleset
other
75 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 32
53bfe15e91
[Firefox:255 hits: 06-17 to 06-28]
73f1082158
[Firefox:100 hits: 06-18 to 06-28]
none[4]
73f1082158[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
T:23:24:00 Win2K-f 122.29.4.7 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:41 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
23:25:00 Win2K-f 118.105.145.109 (-):
.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 4c718f0d24
NEW
none[none] none:none
none|none none none
T:23:27:00 Win2K-f 119.72.39.120 (-):
.
n/a :proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 d450c97d2b
NEW
none[none] none:none
none|none none none
23:28:00 WinXP 80.138.177.173 (T-IPCONNECT.DE):
DEUTSCHE TELEKOM AG,
STUTTGART, BADEN-WURTTEMBERG, DE. (DSL)
n/a :proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
32 of 33 b545581873
NEW
none[none] none:none
none|none none none
T:23:29:00 WinXP 91.66.97.176 (SUPERKABEL.DE):
KABEL DEUTSCHLAND BREITBAND SERVICE GMBH,
DE.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:81 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:23:32:00 WinXP 60.44.89.246 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
13 of 33 9c98b12453
NEW
none[none] none:none
none|none none none
T:23:36:00 WinXP 123.222.143.135 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a :proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
16 of 33 df49df7e9e
NEW
none[none] none:none
none|none none none
23:36:00 Win2K-f 221.190.23.231 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a :proxima.ircgalaxy.pl 445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 b6075d6a91
[Firefox: 2 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
23:52:00 WinXP 220.147.232.162 (INFOWEB.NE.JP):
INFOWEB(FUJITSU LTD.),
TOKYO, TOKYO, JP. (DIAL)
n/a
445 pcap raw alerts
ruleset
ftp
25 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 222229b3cc
NEW
none[none] none:none
none|none none none