Multiperspective Malware Analysis Page

Welcome to the Cyber-TA
SRI's Multiperspective Malware Infection Analysis Page

UNCENSORED PAGE

<Click here: to download BotHunter>

30 June 2008
<prev> <next>

All data collection and analyses summarized in this page were 100% AUTO-GENERATED.

DEVELOPERS: Vinod Yegneswaran (SRI), Phillip Porras (SRI), Hassen Saidi (SRI)
Monirul Sharif (Georgia-Tech), Arvind Narayanan (University of Texas at Austin)

The data on this website is provided for research purposes only. It is provided
for your personal use only and is supplied AS IS, WITHOUT WARRANTY OF ANY KIND.
Use or reliance on this data is at your own risk.

Daily Summary Files: [DNS Lookups & Failed Connects] [ Attacker IPs ] [C&C Servers] [Binary Digests]
Cumulative Summary Files: [DNS Lookup Log] [Attacker IP Log] [C&C Server Log] [Antivirus Detection] [Code Segment Overlap]
[Behavioral Clusters] [Binary Digest Log]

[See Country Codes ]

Time
Victim
OS
Infection
Source
C&C
Server
DNS Lookups &
Failed Connects Infection
Port
Packet
Trace
Detection
Signatures
Infection
Chatter
BotHunter
Analysis
Behavioral
Cluster
Forensic
Logs
Antivirus
Labels
Packed Malware_Binary Unpacked egg.exe
Unpacked egg.asm
Packer PEID
Data Strings
Syscall Trace

00:05:00 WinXP 213.228.108.4 (KRASNET.RU):
KRASNET KRASNOYARSK REGIONAL TELECOMMUNICATIONS NETWORK,
KRASNOYARSK, KRASNOYARSKIY KRAY, RU. (DIAL) n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
22 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox:97 hits: 06-27 to 06-29] none[none] none:none
none|none none none

00:05:00 Win2K-f 125.193.42.82 (MESH.AD.JP):
NEC CORPORATION,
JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:125 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:00:16:00 WinXP 217.211.148.44 (TELIA.COM):
TELIA NETWORK SERVICES,
UMEå, VASTERBOTTEN, SE. n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 30 of 33 70e613ae4c
[Firefox: 2 hits: 06-28 to 06-28] none[none] none:none
none|none none none

00:18:00 Win2K-f 202.70.241.145 (ONINET.NE.JP):
OKAYAMA NETWORK INC,
TOKYO, TOKYO, JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox:67 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:00:19:00 WinXP 61.203.196.192 (FCV.NE.JP):
THE FOUNDATION OF FUKUOKA CABLE VISION,
FUKUOKA, FUKUOKA, JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox:67 hits: 06-27 to 06-29] none[none] none:none
none|none none none

00:20:00 WinXP 66.123.206.60 (PACBELL.NET):
AT&T INTERNET SERVICES,
SAN FRANCISCO, CALIFORNIA, US. (DIAL) n/a 445 pcap raw alerts
ruleset shell
ftp
14 lines Yeah : 0.8
profile none summary
tarball 32 of 32 03f912899b
[Firefox:22 hits: 12-14 to 06-29] 83893bd25d [0] ASM:Graph
none|none lines=65 trace

T:00:22:00 Win2K-f 118.7.126.186 (-):
. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:125 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:00:23:00 Win2K-f 221.185.130.151 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox:67 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:00:27:00 Win2K-f 213.91.172.241 (TVSKAT.NET):
SKAT TV LTD,
BURGAS, BURGAS, BG. n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 30 of 33 477b191ba9
NEW none[none] none:none
none|none none none

00:42:00 WinXP 221.184.227.21 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
25 lines Yeah : 1.3
profile none summary
tarball 12 of 33 a96d6f6d31
[Firefox: 2 hits: 06-28 to 06-29] none[none] none:none
none|none none none

00:44:00 Win2K-f 61.231.128.23 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a
CZ:217.170.244.2:443
CZ:82.114.64.251:443 445 pcap raw alerts
ruleset shell
ftp
19 lines Yeah : 1.3
profile none summary
tarball 25 of 28 7fdfe363d5
[Firefox:2770 hits: 12-31 to 06-29] 10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns trace

T:00:50:00 WinXP 125.215.114.182 (PIKARA.NE.JP):
PIKARA(STNET INCORPORATED),
JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 30 of 33 e3460d2a4a
NEW none[none] none:none
none|none none none

00:58:00 WinXP 79.64.87.116 (AS9105.COM):
TELINCO,
UK. n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 17 of 33 0a35a43ec6
NEW none[none] none:none
none|none none none

T:01:00:00 Win2K-f 4.233.124.74 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
LOS ANGELES, CALIFORNIA, US. (DIAL) n/a 445 pcap raw alerts
ruleset shell
ftp
17 lines Yeah : 1.3
profile none summary
tarball none none none none none none none

T:01:04:00 Win2K-f 211.29.17.212 (OPTUSNET.COM.AU):
OPTUS INTERNET - RETAIL,
MELBOURNE, VICTORIA, AU. (DIAL) n/a US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
30 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox:67 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:01:05:00 Win2K-f 118.169.176.138 (-):
. 217.170.244.2:443 445 pcap raw alerts
ruleset shell
ftp
irc
28 lines Yeah : 1.8
profile none summary
tarball 25 of 28 7fdfe363d5
[Firefox:2770 hits: 12-31 to 06-29] 10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns trace

T:01:14:00 Win2K-f 60.43.10.247 (PLALA.OR.JP):
PLALA NETWORKS INC,
JP. 69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
45 lines Yeah : 1.8
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox:67 hits: 06-27 to 06-29] none[none] none:none
none|none none none

01:16:00 WinXP 77.20.14.12 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 31 of 33 e7d78a305b
NEW none[none] none:none
none|none none none

T:01:18:00 WinXP 88.114.173.132 (ELISA-LAAJAKAISTA.FI):
ELISA-ADSL,
FI. n/a HK:proxim.ircgalaxy.pl
UA:citi-bank.ru
EU:kidos-bank.ru 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 32 of 33 a46f0fbc16
NEW none[none] none:none
none|none none none

T:01:23:00 WinXP 118.169.60.244 (-):
. 217.170.244.2:443 445 pcap raw alerts
ruleset shell
ftp
irc
29 lines Yeah : 1.8
profile none summary
tarball 25 of 28 7fdfe363d5
[Firefox:2770 hits: 12-31 to 06-29] 10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns trace

01:23:00 Win2K-f 85.177.69.169 (ALICEDSL.DE):
HANSENET-ADSL,
HAMBURG, HAMBURG, DE. (DSL) n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 30 of 33 70505b82df
NEW none[none] none:none
none|none none none

T:01:23:00 Win2K-f 81.69.199.210 (WANADOO.NL):
WANADOO NEDERLAND BV,
ALMERE, FLEVOLAND, NL. (DSL) 69.247.147.113:13001 HK:proxim.ircgalaxy.pl
US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
41 lines Yeah : 1.8
profile none summary
tarball 20 of 33 a06d7c7dd7
NEW none[none] none:none
none|none none none

T:01:25:00 Win2K-f 92.11.96.176 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
25 lines Yeah : 1.3
profile none summary
tarball 32 of 33 eab50c3dea
[Firefox: 3 hits: 06-28 to 06-29] none[none] none:none
none|none none none

01:27:00 Win2K-f 125.215.112.13 (PIKARA.NE.JP):
PIKARA(STNET INCORPORATED),
JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox:97 hits: 06-27 to 06-29] none[none] none:none
none|none none none

01:33:00 Win2K-f 222.147.165.71 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 12 of 33 a96d6f6d31
[Firefox: 2 hits: 06-28 to 06-29] none[none] none:none
none|none none none

T:01:47:00 Win2K-f 91.67.116.192 (SUPERKABEL.DE):
KABEL DEUTSCHLAND BREITBAND SERVICE GMBH,
DE. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox:97 hits: 06-27 to 06-29] none[none] none:none
none|none none none

01:48:00 Win2K-f 118.1.41.97 (-):
. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox:67 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:01:49:00 Win2K-f 85.177.69.169 (ALICEDSL.DE):
HANSENET-ADSL,
HAMBURG, HAMBURG, DE. (DSL) n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 30 of 33 7cd1f812ed
NEW none[none] none:none
none|none none none

T:01:59:00 Win2K-f 217.201.192.211 (-):
TELECOM ITALIA MOBILE,
IT. n/a 445 pcap raw alerts
ruleset ftp
18 lines Yeah : 1.3
profile none summary
tarball none none none none none none none

02:03:00 Win2K-f 92.11.231.214 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 32 of 33 eab50c3dea
[Firefox: 3 hits: 06-28 to 06-29] none[none] none:none
none|none none none

T:02:07:00 Win2K-f 79.138.204.232 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a 445 pcap raw alerts
ruleset ftp
24 lines Yeah : 1.3
profile none summary
tarball 21 of 33 d78e9b7f39
NEW none[none] none:none
none|none none none

02:11:00 WinXP 122.30.176.51 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a HK:proxima.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 31 of 33 c1f444637f
NEW none[none] none:none
none|none none none

02:18:00 WinXP 217.249.64.32 (T-DIALIN.NET):
DEUTSCHE TELEKOM AG,
KAUFBEUREN, BAYERN, DE. (DIAL) n/a 445 pcap raw alerts
ruleset ftp
24 lines Yeah : 1.3
profile none summary
tarball none none none none none none none

02:19:00 WinXP 77.198.5.96 (GAOLAND.NET):
DYNAMIC POOLS,
FR. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 28 of 33 a9c8d121f2
[Firefox: 3 hits: 06-28 to 06-29] none[none] none:none
none|none none none

T:02:34:00 Win2K-f 88.134.201.166 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. 69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
57 lines Yeah : 1.8
profile none summary
tarball 20 of 33 8f93398287
NEW none[none] none:none
none|none none none

02:34:00 Win2K-f 98.105.20.15 (-):
. n/a 445 pcap raw alerts
ruleset shell
3 lines Yeah : 1.3
profile none summary
tarball none none none none none none none

02:35:00 Win2K-f 124.86.180.92 (OCN.NE.JP):
NTT COMMUNICATIONS CORPORATION,
TOKYO, TOKYO, JP. n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 23 of 33 776bdb2f05
NEW none[none] none:none
none|none none none

T:02:36:00 Win2K-f 91.66.125.219 (SUPERKABEL.DE):
KABEL DEUTSCHLAND BREITBAND SERVICE GMBH,
DE. n/a 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:125 hits: 06-27 to 06-29] none[none] none:none
none|none none none

02:37:00 Win2K-f 116.80.62.169 (INFOWEB.NE.JP):
INFOWEB(FUJITSU LTD.),
TOKYO, TOKYO, JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox:67 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:02:37:00 Win2K-f 213.25.115.242 (OSLINK.PL):
OSLINK SP. Z O.O,
CHOJNICE, POMORSKIE, PL. (DIAL) n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 31 of 33 7b727d2330
NEW none[none] none:none
none|none none none

T:02:38:00 Win2K-f 124.100.15.97 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset ftp
24 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:125 hits: 06-27 to 06-29] none[none] none:none
none|none none none

02:47:00 Win2K-f 92.10.35.51 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 32 of 33 d1de343252
NEW none[none] none:none
none|none none none

02:47:00 WinXP 87.15.245.39 (RETAIL.TELECOMITALIA.IT):
TELECOM ITALIA S.P.A. TIN EASY LITE,
VICENZA, VENETO, IT. n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
20 lines Yeah : 1.3
profile none summary
tarball 32 of 33 9b2aaba1ba
NEW none[none] none:none
none|none none none

02:49:00 WinXP 119.11.109.0 (-):
. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 13 of 33 ee22860b8f
NEW none[none] none:none
none|none none none

T:02:49:00 Win2K-f 122.17.246.99 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. 69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
52 lines Yeah : 1.8
profile none summary
tarball 16 of 33 3027d57000
[Firefox: 3 hits: 06-27 to 06-28] none[none] none:none
none|none none none

T:02:50:00 WinXP 213.36.0.245 (PPP.TISCALI.FR):
TISCALI FRANCE,
FR. (DIAL) n/a 445 pcap raw alerts
ruleset ftp
19 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:02:56:00 WinXP 85.182.26.26 (ALICEDSL.DE):
HANSENET-ADSL,
OBERHAUSEN, NORDRHEIN-WESTFALEN, DE. 69.247.147.113:13001 HK:proxim.ircgalaxy.pl
US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
44 lines Yeah : 1.8
profile none summary
tarball 29 of 33 8700fb55fc
NEW none[none] none:none
none|none none none

T:02:59:00 Win2K-f 217.22.120.156 (INTERAL.CO.IL):
EILATINTER-CUSTOMERS,
EILAT, HADAROM (SOUTHERN), IL. (DIAL) n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
25 lines Yeah : 1.3
profile none summary
tarball 12 of 33 6472c3cb36
NEW none[none] none:none
none|none none none

T:03:06:00 Win2K-f 221.188.232.112 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox:97 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:03:08:00 Win2K-f 220.96.245.32 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset ftp
29 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:125 hits: 06-27 to 06-29] none[none] none:none
none|none none none

03:10:00 WinXP 222.144.249.241 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a
CZ:217.170.244.2:443
CZ:82.114.64.251:443 445 pcap raw alerts
ruleset shell
ftp
18 lines Yeah : 1.3
profile none summary
tarball 25 of 28 7fdfe363d5
[Firefox:2770 hits: 12-31 to 06-29] 10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns trace

T:03:12:00 WinXP 86.145.212.89 (BTCENTRALPLUS.COM):
BT-CENTRAL-PLUS,
LONDON, ENGLAND, UK. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox:67 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:03:15:00 WinXP 81.195.170.194 (-):
OOO JURIDICHESKAJA KOMPANIJA GRUPPA NEZAVISIMIH KONSULTANTOV,
MOSCOW, MOSKVA, RU. (100Mbps) n/a 445 pcap raw alerts
ruleset other
10 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:03:20:00 Win2K-f 70.61.108.121 (RR.COM):
ROAD RUNNER HOLDCO LLC,
CHARLOTTE, NORTH CAROLINA, US. n/a US:microsoft.com
US:download.microsoft.com
US:198.78.220.124:80
US:199.93.44.124:80
US:8.12.202.125:80 135 pcap raw alerts
ruleset other
75 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 32 53bfe15e91
[Firefox:274 hits: 06-17 to 06-29]
73f1082158
[Firefox:112 hits: 06-18 to 06-29] none[4]
73f1082158[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=81 trace
trace

03:22:00 WinXP 60.236.81.204 (MESH.AD.JP):
NEC CORPORATION,
TOKYO, TOKYO, JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox:97 hits: 06-27 to 06-29] none[none] none:none
none|none none none

03:25:00 Win2K-f 123.222.120.90 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox:67 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:03:32:00 Win2K-f 117.102.159.65 (-):
. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
25 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox:67 hits: 06-27 to 06-29] none[none] none:none
none|none none none

03:35:00 Win2K-f 61.207.153.156 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
TOKYO, TOKYO, JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 13 of 33 db64d0a16b
NEW none[none] none:none
none|none none none

03:35:00 WinXP 83.45.255.221 (RIMA-TDE.NET):
TELEFONICA DE ESPANA,
A CORUñA, GALICIA, ES. n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
24 lines Yeah : 1.3
profile none summary
tarball 28 of 32 dbae597718
NEW none[none] none:none
none|none none none

03:42:00 WinXP 91.66.125.219 (SUPERKABEL.DE):
KABEL DEUTSCHLAND BREITBAND SERVICE GMBH,
DE. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:125 hits: 06-27 to 06-29] none[none] none:none
none|none none none

03:42:00 Win2K-f 122.21.252.158 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox:97 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:03:43:00 Win2K-f 118.109.187.214 (-):
. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 30 of 33 63ae892ad8
NEW none[none] none:none
none|none none none

T:03:49:00 WinXP 202.70.241.145 (ONINET.NE.JP):
OKAYAMA NETWORK INC,
TOKYO, TOKYO, JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox:67 hits: 06-27 to 06-29] none[none] none:none
none|none none none

03:55:00 WinXP 118.236.153.141 (-):
. n/a 445 pcap raw alerts
ruleset shell
ftp
15 lines Yeah : 1.3
profile none summary
tarball 32 of 32 93385541f3
[Firefox: 3 hits: 06-22 to 06-29] none[4] none:none
none|none none trace

03:56:00 Win2K-f 122.53.169.189 (PLDT.NET):
IPG,
PH. n/a US:microsoft.com
US:download.microsoft.com
HK:proxim.ircgalaxy.pl
US:204.160.126.126:80
US:205.128.79.126:80
US:207.123.46.126:80 135 pcap raw alerts
ruleset other
126 lines Yeah : 1.3
profile none summary
tarball 29 of 33
33 of 33 16874933ea
[Firefox:11 hits: 06-18 to 06-28]
76ee340669
[Firefox:11 hits: 06-18 to 06-28] 16874933ea [1]
none [4] ASM:Graph
none:none
Armadillo|
PolyEnE| lines=82
none trace
trace

T:03:58:00 Win2K-f 121.83.5.192 (EONET.NE.JP):
K-OPTICOM CORPORATION,
JP. n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 18 of 33 3a5eeeac1b
NEW none[none] none:none
none|none none none

T:04:00:00 Win2K-f 122.26.204.96 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 32 of 33 cef8a241be
NEW none[none] none:none
none|none none none

04:04:00 WinXP 217.226.255.247 (T-DIALIN.NET):
DEUTSCHE TELEKOM AG,
FRANKFURT, HESSEN, DE. (DIAL) n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
24 lines Yeah : 1.3
profile none summary
tarball 30 of 33 c431d6bb86
NEW none[none] none:none
none|none none none

04:06:00 Win2K-f 124.97.167.127 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox:97 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:04:08:00 WinXP 92.40.214.241 (IKBCC.COM):
EU-ZZ,
UK. n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 31 of 33 dfec585ee1
NEW none[none] none:none
none|none none none

04:09:00 Win2K-f 81.137.216.248 (BTOPENWORLD.COM):
SINGLE STATIC IP ADDRESSES,
LONDON, ENGLAND, UK. n/a 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox:97 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:04:10:00 WinXP 212.76.226.182 (CODITEL.NET):
CODITEL - INTERNET SERVICES,
BRUSSELS, BRUSSELS, BE. (DSL) n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 32 of 33 3f8d1c3246
[Firefox: 2 hits: 06-28 to 06-29] none[none] none:none
none|none none none

04:16:00 WinXP 85.179.162.15 (ALICEDSL.DE):
HANSENET-ADSL,
DE. (DSL) n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 29 of 32 54836c1279
NEW none[none] none:none
none|none none none

04:18:00 Win2K-f 123.220.16.83 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox:97 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:04:21:00 Win2K-f 118.236.64.238 (-):
. n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 17 of 33 9eeace63d5
NEW none[none] none:none
none|none none none

04:22:00 Win2K-f 221.191.134.140 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset ftp
34 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:125 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:04:23:00 WinXP 221.185.129.68 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox:97 hits: 06-27 to 06-29] none[none] none:none
none|none none none

04:25:00 Win2K-f 220.106.253.19 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
OKINAWA, OKINAWA, JP. n/a 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:125 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:04:26:00 Win2K-f 118.236.253.200 (-):
. n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 29 of 33 c3822667c2
NEW none[none] none:none
none|none none none

04:30:00 WinXP 85.177.138.237 (ALICEDSL.DE):
HANSENET-ADSL,
DE. n/a 445 pcap raw alerts
ruleset other
8 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:04:30:00 WinXP 77.198.5.96 (GAOLAND.NET):
DYNAMIC POOLS,
FR. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 28 of 33 a9c8d121f2
[Firefox: 3 hits: 06-28 to 06-29] none[none] none:none
none|none none none

04:36:00 WinXP 207.171.202.223 (IP-207-171-202-10.WRECWIRELESS.COOP):
WELLS RURAL ELECTRIC COMPANY,
SAN FRANCISCO, CALIFORNIA, US. n/a US:microsoft.com
US:download.microsoft.com
US:199.93.46.126:80
US:204.160.126.124:80
US:206.33.45.125:80 135 pcap raw alerts
ruleset other
75 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 32 53bfe15e91
[Firefox:274 hits: 06-17 to 06-29]
73f1082158
[Firefox:112 hits: 06-18 to 06-29] none[4]
73f1082158[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=81 trace
trace

T:04:37:00 Win2K-f 122.25.35.60 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset other
14 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

04:40:00 WinXP 61.224.221.175 (HINET.NET):
DATA COMMUNICATION BUSINESS GROUP CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a
CZ:217.170.244.2:443
CZ:82.114.64.251:443 445 pcap raw alerts
ruleset shell
ftp
17 lines Yeah : 1.3
profile none summary
tarball 25 of 28 7fdfe363d5
[Firefox:2770 hits: 12-31 to 06-29] 10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns trace

04:42:00 Win2K-f 125.198.34.149 (MESH.AD.JP):
NEC CORPORATION,
JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:125 hits: 06-27 to 06-29] none[none] none:none
none|none none none

04:44:00 WinXP 118.1.251.228 (-):
. n/a 445 pcap raw alerts
ruleset shell
ftp
15 lines Yeah : 1.3
profile none summary
tarball 31 of 32 741e3b03b3
[Firefox:83 hits: 09-28 to 06-29] e0197e8a64 [0] ASM:Graph
none|none lines=62 trace

T:04:47:00 Win2K-f 91.66.125.23 (SUPERKABEL.DE):
KABEL DEUTSCHLAND BREITBAND SERVICE GMBH,
DE. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 31 of 33 b4a43d2c1c
NEW none[none] none:none
none|none none none

04:49:00 WinXP 86.135.18.83 (BTCENTRALPLUS.COM):
BT-CENTRAL-PLUS,
LONDON, ENGLAND, UK. n/a 445 pcap raw alerts
ruleset shell
ftp
15 lines Yeah : 1.3
profile none summary
tarball 31 of 32 cce9566ceb
[Firefox:11 hits: 06-12 to 06-29] none[4] none:none
PolyEnE| none trace

T:04:49:00 WinXP 91.66.24.137 (SUPERKABEL.DE):
KABEL DEUTSCHLAND BREITBAND SERVICE GMBH,
DE. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 31 of 33 d8a2d17ef8
NEW none[none] none:none
none|none none none

04:51:00 Win2K-f 217.219.80.94 (-):
ANGIZEH NEGAR KHAVARAN ISP,
TEHRAN, TEHRAN, IR. (100Mbps) n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
22 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox:67 hits: 06-27 to 06-29] none[none] none:none
none|none none none

04:54:00 Win2K-f 92.13.133.7 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 32 of 33 eab50c3dea
[Firefox: 3 hits: 06-28 to 06-29] none[none] none:none
none|none none none

T:04:59:00 Win2K-f 118.105.145.109 (-):
. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 30 of 33 4c718f0d24
NEW none[none] none:none
none|none none none

05:04:00 WinXP 91.66.99.246 (SUPERKABEL.DE):
KABEL DEUTSCHLAND BREITBAND SERVICE GMBH,
DE. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 32 of 33 d160f9372c
[Firefox: 2 hits: 06-27 to 06-28] none[none] none:none
none|none none none

T:05:07:00 Win2K-f 79.21.49.209 (SRC.ORG):
TELECOM ITALIA NET,
ROME, LAZIO, IT. n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 31 of 33 65818ea356
NEW none[none] none:none
none|none none none

T:05:09:00 WinXP 88.134.125.67 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
22 lines Yeah : 1.3
profile none summary
tarball 26 of 32 3dab831bee
NEW none[none] none:none
none|none none none

05:13:00 WinXP 60.237.86.130 (MESH.AD.JP):
NEC CORPORATION,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox:67 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:05:14:00 Win2K-f 119.72.62.249 (-):
. n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
19 lines Yeah : 1.3
profile none summary
tarball 30 of 33 4cfdb7f87a
NEW none[none] none:none
none|none none none

05:16:00 Win2K-f 92.8.12.52 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
23 lines Yeah : 1.3
profile none summary
tarball 22 of 33 dd41a9ad4b
NEW none[none] none:none
none|none none none

T:05:19:00 Win2K-f 71.104.53.235 (VERIZON.NET):
VERIZON INTERNET SERVICES INC,
ONTARIO, CALIFORNIA, US. (DSL) n/a US:microsoft.com
US:download.microsoft.com
HK:proxim.ircgalaxy.pl
US:192.221.110.126:80
US:198.78.220.126:80
US:207.123.37.126:80 135 pcap raw alerts
ruleset other
75 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 32 53bfe15e91
[Firefox:274 hits: 06-17 to 06-29]
73f1082158
[Firefox:112 hits: 06-18 to 06-29] none[4]
73f1082158[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=81 trace
trace

05:19:00 Win2K-f 70.250.104.52 (SWBELL.NET):
MID MISSOURI BROADBAND AND CABLE LLC,
LOOSE CREEK, MISSOURI, US. n/a US:microsoft.com
US:download.microsoft.com
US:192.221.110.126:80
US:198.78.220.126:80
US:207.123.37.126:80 135 pcap raw alerts
ruleset other
76 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 32 53bfe15e91
[Firefox:274 hits: 06-17 to 06-29]
73f1082158
[Firefox:112 hits: 06-18 to 06-29] none[4]
73f1082158[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=81 trace
trace

T:05:29:00 WinXP 86.159.196.238 (BTCENTRALPLUS.COM):
BT-CENTRAL-PLUS,
UK. n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 17 of 33 0db584b1c8
NEW none[none] none:none
none|none none none

T:05:29:00 Win2K-f 60.37.142.209 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
KOH SAMUI, SURAT THANI, TH. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 16 of 33 3027d57000
[Firefox: 3 hits: 06-27 to 06-28] none[none] none:none
none|none none none

05:33:00 WinXP 210.79.131.145 (MEDIATTI.NET):
MEDIATTI COMMUNICATIONS INC,
TOKYO, TOKYO, JP. n/a 445 pcap raw alerts
ruleset ftp
12 lines Yeah : 0.8
profile none summary
tarball 29 of 29 831f4ee0a7
[Firefox:666 hits: 07-11 to 06-29] eb7546c600 [0] ASM:Graph
none|none lines=61 trace

T:05:42:00 WinXP 81.220.66.130 (REV.NUMERICABLE.FR):
DHCP POOL LYON,
LYON, RHONE-ALPES, FR. (DSL) n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 24 of 33 af0b670f9d
NEW none[none] none:none
none|none none none

05:43:00 Win2K-f 4.254.167.20 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
US. n/a US:microsoft.com
US:download.microsoft.com
US:204.2.133.57:80
US:204.2.133.73:80 135 pcap raw alerts
ruleset other
59 lines Yeah : 1.3
profile none summary
tarball 33 of 33
8 of 33 53bfe15e91
[Firefox:274 hits: 06-17 to 06-29]
b7082104e4
[Firefox:17 hits: 06-18 to 06-29] none[4]
none [4] none:none
none:none
tElock|
tElock| none
none trace
trace

05:44:00 WinXP 82.52.22.176 (POOL8252.INTERBUSINESS.IT):
TELECOM ITALIA S.P.A. TIN EASY LITE,
BOLOGNA, EMILIA-ROMAGNA, IT. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 8 of 32 0d0848244e
NEW none[none] none:none
none|none none none

05:45:00 WinXP 125.200.81.35 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a HK:proxima.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 13 of 33 4a6ba0f5ba
[Firefox: 2 hits: 06-28 to 06-28] none[none] none:none
none|none none none

T:05:47:00 WinXP 122.27.12.83 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 31 of 33 b17ccd664c
NEW none[none] none:none
none|none none none

T:05:48:00 WinXP 221.190.109.213 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
29 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox:67 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:05:48:00 WinXP 123.218.5.141 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
30 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox:67 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:05:53:00 Win2K-f 80.218.182.112 (HISPEED.CH):
CABLECOMMAIN-NET,
ZURICH, ZURICH, CH. n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 31 of 33 63127e98ab
NEW none[none] none:none
none|none none none

06:05:00 Win2K-f 80.240.195.114 (SWIFTKENYA.COM):
SWIFT GLOBAL (K) LTD ISP,
NAIROBI, NAIROBI AREA, KE. n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
23 lines Yeah : 1.3
profile none summary
tarball 17 of 33 d73dc9430a
NEW none[none] none:none
none|none none none

06:05:00 Win2K-f 122.27.12.83 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 31 of 33 b17ccd664c
NEW none[none] none:none
none|none none none

T:06:15:00 WinXP 122.26.134.87 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 32 of 33 fd01b2e27c
NEW none[none] none:none
none|none none none

06:16:00 WinXP 118.236.235.152 (-):
. n/a HK:ircd.zief.pl
HK:210.245.211.11:80 445 pcap raw alerts
ruleset shell
ftp
13 lines Yeah : 0.8
profile none summary
tarball 32 of 32 93385541f3
[Firefox: 3 hits: 06-22 to 06-29] none[4] none:none
none|none none trace

T:06:17:00 Win2K-f 122.21.252.158 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox:97 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:06:20:00 WinXP 4.224.237.2 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
FAIRBORN, OHIO, US. (DIAL) n/a UA:citi-bank.ru 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 26 of 28 7d99b0e910
[Firefox:3117 hits: 12-31 to 06-29] 7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace

T:06:20:00 WinXP 202.70.252.119 (ONINET.NE.JP):
OKAYAMA NETWORK INC,
OKAYAMA, OKAYAMA, JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:125 hits: 06-27 to 06-29] none[none] none:none
none|none none none

06:22:00 Win2K-f 202.70.252.119 (ONINET.NE.JP):
OKAYAMA NETWORK INC,
OKAYAMA, OKAYAMA, JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:125 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:06:23:00 Win2K-f 125.192.214.216 (MESH.AD.JP):
NEC CORPORATION,
JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:125 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:06:23:00 Win2K-f 118.240.155.140 (-):
. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox:97 hits: 06-27 to 06-29] none[none] none:none
none|none none none

06:27:00 Win2K-f 92.10.227.244 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
20 lines Yeah : 1.3
profile none summary
tarball 30 of 33 07fddab522
NEW none[none] none:none
none|none none none

T:06:29:00 Win2K-f 123.254.38.181 (PIKARA.NE.JP):
STNET INCORPORATED,
TAKAMATSU, KAGAWA, JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:125 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:06:30:00 WinXP 221.126.139.218 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
25 lines Yeah : 1.3
profile none summary
tarball 11 of 32 b36b95f94d
NEW none[none] none:none
none|none none none

06:36:00 Win2K-f 61.231.138.96 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAOYUAN, T'AI-WAN, TW. n/a
CZ:217.170.244.2:443
CZ:82.114.64.251:443 445 pcap raw alerts
ruleset shell
ftp
17 lines Yeah : 1.3
profile none summary
tarball 25 of 28 7fdfe363d5
[Firefox:2770 hits: 12-31 to 06-29] 10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns trace

06:39:00 Win2K-f 85.181.24.146 (ALICEDSL.DE):
HANSENET-ADSL,
MUNICH, BAYERN, DE. (DSL) n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset shell
5 lines Yeah : 1.3
profile none summary
tarball none none none none none none none

06:48:00 Win2K-f 118.236.155.222 (-):
. n/a 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 31 of 33 dae8d87246
NEW none[none] none:none
none|none none none

T:06:50:00 Win2K-f 122.135.84.31 (MESH.AD.JP):
NEC BIGLOBE LTD,
TOKYO, TOKYO, JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox:67 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:06:51:00 Win2K-f 122.21.224.172 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
29 lines Yeah : 1.3
profile none summary
tarball 13 of 33 450e12e7a8
NEW none[none] none:none
none|none none none

06:59:00 WinXP 69.153.244.98 (SWBELL.NET):
PPPOX POOL - BRAS1 STLSMO,
ST. LOUIS, MISSOURI, US. (DSL) n/a EU:siliconfireware.ru
SE:kavkazcenter.com
SE:kavkazcenter.net
FI:kavkazchat.com
US:chechenpress.info
GB:chechenpress.co.uk
US:shaheeds.org
:daymohk.info
:chripress.org
:marsho.dk
:wpad
DE:212.227.111.29:80
DE:217.11.54.126:80
GB:217.194.210.198:80
US:69.25.142.48:80
US:72.29.65.216:80
EU:78.47.200.154:80
FI:80.81.183.162:80
SE:88.80.5.157:80
SE:88.80.5.15:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 29 of 29 ab5e47bf8d
[Firefox:54 hits: 05-10 to 06-28] none[3] none:none
ASPack| none trace

07:01:00 Win2K-f 125.174.230.254 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 32 of 33 55e81fcf1e
NEW none[none] none:none
none|none none none

T:07:07:00 Win2K-f 211.29.17.115 (OPTUSNET.COM.AU):
OPTUS INTERNET - RETAIL,
MELBOURNE, VICTORIA, AU. (DIAL) n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
25 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox:67 hits: 06-27 to 06-29] none[none] none:none
none|none none none

07:09:00 WinXP 60.238.253.66 (MESH.AD.JP):
NEC CORPORATION,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox:97 hits: 06-27 to 06-29] none[none] none:none
none|none none none

07:10:00 Win2K-f 125.175.60.124 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
YOKOHAMA, KANAGAWA, JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox:97 hits: 06-27 to 06-29] none[none] none:none
none|none none none

07:11:00 WinXP 125.195.59.204 (MESH.AD.JP):
NEC CORPORATION,
JP. n/a US:chat-shqip.org
:www.proxy-socks.net
:daymohk.info
:marsho.dk
US:w3bs.chat-shqip.org
CA:www.bmo.com
CA:www.cwbank.com
CA:198.96.181.1:80
CA:205.206.208.25:80
GB:217.194.210.198:80
US:69.247.147.113:12351
US:69.247.147.113:13001
US:69.25.142.48:80
US:72.29.65.216:80
FI:80.81.183.162:80
SE:88.80.5.157:80
SE:88.80.5.15:80 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 30 of 33 702fe1335a
[Firefox: 2 hits: 06-28 to 06-29] none[none] none:none
none|none none none

T:07:16:00 WinXP 217.226.204.64 (T-IPCONNECT.DE):
DEUTSCHE TELEKOM AG,
KAISERSLAUTERN, RHEINLAND-PFALZ, DE. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 30 of 33 0cc0d45d44
NEW none[none] none:none
none|none none none

T:07:19:00 Win2K-f 222.144.238.31 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset ftp
32 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox:97 hits: 06-27 to 06-29] none[none] none:none
none|none none none

07:20:00 WinXP 92.3.177.76 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 26 of 33 b96c53aded
[Firefox: 3 hits: 06-28 to 06-29] none[none] none:none
none|none none none

07:22:00 WinXP 221.191.224.165 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset other
13 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

07:24:00 Win2K-f 81.11.185.66 (DSL.SCARLET.BE):
PI-BELGIUM,
MORTSEL, ANTWERPEN, BE. (DSL) n/a 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 30 of 33 92de3628a4
NEW none[none] none:none
none|none none none

07:25:00 Win2K-f 218.251.36.138 (EONET.NE.JP):
K-OPTICOM CORPORATION,
OSAKA, OSAKA, JP. n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 31 of 33 a94c0f8d84
NEW none[none] none:none
none|none none none

T:07:26:00 WinXP 121.82.191.45 (EONET.NE.JP):
K-OPTICOM CORPORATION,
JP. n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
24 lines Yeah : 1.3
profile none summary
tarball 17 of 33 64477225c9
[Firefox: 3 hits: 06-28 to 06-29] none[none] none:none
none|none none none

07:29:00 WinXP 122.27.14.175 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox:97 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:07:30:00 WinXP 91.64.196.79 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 31 of 33 24376e4bba
[Firefox: 4 hits: 06-28 to 06-29] none[none] none:none
none|none none none

T:07:32:00 Win2K-f 218.224.40.119 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
NAGOYA, AICHI, JP. n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 32 of 33 73c3772dd1
NEW none[none] none:none
none|none none none

07:40:00 WinXP 122.135.84.31 (MESH.AD.JP):
NEC BIGLOBE LTD,
TOKYO, TOKYO, JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox:67 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:07:42:00 Win2K-f 118.236.155.222 (-):
. n/a 445 pcap raw alerts
ruleset ftp
29 lines Yeah : 1.3
profile none summary
tarball 31 of 33 dae8d87246
NEW none[none] none:none
none|none none none

T:07:55:00 WinXP 75.119.26.29 (LDMI.COM):
IDEAL TECHNOLOGY SOLUTIONS US INC,
US. n/a HK:proxim.ircgalaxy.pl 135 pcap raw alerts
ruleset other
274 lines Yeah : 1.3
profile none summary
tarball 30 of 33 13cfd63045
NEW none[none] none:none
none|none none none

T:07:57:00 Win2K-f 71.111.144.113 (VERIZON.NET):
VERIZON INTERNET SERVICES INC,
BEAVERTON, OREGON, US. (DSL) n/a US:microsoft.com
US:download.microsoft.com 135 pcap raw alerts
ruleset http
125 lines Yeah : 1.3
profile none summary
tarball 31 of 33
29 of 33
0 of 32 0ce45fa5a0
NEW
6425779bc8
NEW
b5919931fe
[Firefox:42 hits: 06-20 to 06-29] none[none]
none [none]
b5919931fe[1] none:none
none:none
ASM:Graph
none|none
none|none
ASProtect| none
none
lines=90 none
none
trace

07:58:00 Win2K-f 220.102.231.2 (MESH.AD.JP):
NEC BIGLOBE LTD,
TOKYO, TOKYO, JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 28 of 33 c6338d25cd
NEW none[none] none:none
none|none none none

T:07:59:00 Win2K-f 119.72.97.61 (-):
. n/a 445 pcap raw alerts
ruleset ftp
25 lines Yeah : 1.3
profile none summary
tarball 25 of 33 34be9e26e0
NEW none[none] none:none
none|none none none

T:08:06:00 Win2K-f 118.0.117.116 (-):
. n/a 445 pcap raw alerts
ruleset ftp
41 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:125 hits: 06-27 to 06-29] none[none] none:none
none|none none none

08:07:00 WinXP 61.231.130.138 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a
CZ:217.170.244.2:443
CZ:82.114.64.251:443 445 pcap raw alerts
ruleset shell
ftp
17 lines Yeah : 1.3
profile none summary
tarball 25 of 28 7fdfe363d5
[Firefox:2770 hits: 12-31 to 06-29] 10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns trace

T:08:08:00 Win2K-f 88.134.86.203 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 32 of 33 80433c452f
NEW none[none] none:none
none|none none none

T:08:09:00 WinXP 213.120.15.114 (BT.NET):
BT PUBLIC INTERNET SERVICE,
LONDON, ENGLAND, UK. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
19 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:125 hits: 06-27 to 06-29] none[none] none:none
none|none none none

08:09:00 WinXP 86.145.11.55 (BTCENTRALPLUS.COM):
BT-CENTRAL-PLUS,
LONDON, ENGLAND, UK. n/a 445 pcap raw alerts
ruleset shell
ftp
13 lines Yeah : 0.8
profile none summary
tarball 31 of 32 cce9566ceb
[Firefox:11 hits: 06-12 to 06-29] none[4] none:none
PolyEnE| none trace

08:10:00 Win2K-f 118.7.155.70 (-):
. n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 32 of 33 b52c1ba519
NEW none[none] none:none
none|none none none

08:13:00 WinXP 123.218.164.2 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 31 of 33 2fe5c70997
NEW none[none] none:none
none|none none none

T:08:18:00 Win2K-f 80.135.238.169 (T-IPCONNECT.DE):
DEUTSCHE TELEKOM AG,
COLOGNE, NORDRHEIN-WESTFALEN, DE. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox:97 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:08:18:00 Win2K-f 119.72.23.84 (-):
. n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
30 lines Yeah : 1.3
profile none summary
tarball 30 of 33 a44176b901
[Firefox: 3 hits: 06-28 to 06-28] none[none] none:none
none|none none none

T:08:19:00 WinXP 77.20.14.12 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 31 of 33 e7d78a305b
NEW none[none] none:none
none|none none none

08:22:00 Win2K-f 122.26.226.148 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox:97 hits: 06-27 to 06-29] none[none] none:none
none|none none none

08:23:00 WinXP 118.236.95.231 (-):
. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 30 of 33 925b5301d4
NEW none[none] none:none
none|none none none

T:08:23:00 WinXP 200.114.235.42 (COM.AR):
CABLEVISION S.A,
BUENOS AIRES, BUENOS AIRES, AR. (DSL) n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:125 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:08:25:00 WinXP 200.175.72.20 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a DE:siliconfireware.ru
US:searchportal.information.com
:www.proxy-socks.net
:wpad
EU:ebookfinaltrash.ru
CA:www.cwbank.com
US:208.73.212.12:80
DE:212.227.111.29:80
EU:78.47.200.154:80 445 pcap raw alerts
ruleset http
http
2 lines Yeah : 0.8
profile none summary
tarball 29 of 29 a12cab51ef
[Firefox:1080 hits: 05-01 to 06-29] 40f7f463c4 [0] ASM:Graph
ASPack| lines=281
embedded dns trace

T:08:31:00 Win2K-f 89.218.20.111 (ADSL.ONLINE.KZ):
KAZAKHTELECOM DATA NETWORK ADMINISTRATION,
KZ. n/a 445 pcap raw alerts
ruleset ftp
25 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:125 hits: 06-27 to 06-29] none[none] none:none
none|none none none

08:36:00 WinXP 60.42.201.142 (PLALA.OR.JP):
PLALA NETWORKS INC,
JP. n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 17 of 32 b169ddd225
NEW none[none] none:none
none|none none none

08:43:00 WinXP 124.87.35.83 (OCN.NE.JP):
NTT COMMUNICATIONS CORPORATION,
TOKYO, TOKYO, JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 20ef97231e
NEW none[none] none:none
none|none none none

08:44:00 WinXP 79.77.160.248 (AS9105.COM):
TELINCO,
UK. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox:97 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:08:45:00 Win2K-f 70.241.89.75 (SWBELL.NET):
PPPOX POOL - RBACK21 HSTNTX,
HOUSTON, TEXAS, US. (DSL) n/a HK:proxim.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com 135 pcap raw alerts
ruleset http
77 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 33
0 of 32 53bfe15e91
[Firefox:274 hits: 06-17 to 06-29]
a08f3b74a4
[Firefox:101 hits: 06-18 to 06-29]
b5919931fe
[Firefox:42 hits: 06-20 to 06-29] none[4]
a08f3b74a4[1]
b5919931fe[1] none:none
ASM:Graph
ASM:Graph
tElock|
Armadillo|
ASProtect| none
lines=81
lines=90 trace
trace
trace

08:55:00 WinXP 125.215.75.129 (PIKARA.NE.JP):
PIKARA(STNET INCORPORATED),
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
30 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:125 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:08:56:00 Win2K-f 213.226.177.49 (TVK.LT):
UAB TELEVIZIJOS KOMUNIKACIJOS,
VILNIUS, VILNIAUS APSKRITIS, LT. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 12 of 33 0b0c6a7b64
NEW none[none] none:none
none|none none none

09:05:00 Win2K-f 122.30.197.160 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox:67 hits: 06-27 to 06-29] none[none] none:none
none|none none none

09:06:00 WinXP 120.75.65.73 (-):
. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 32 729460379a
NEW none[none] none:none
none|none none none

T:09:09:00 Win2K-f 118.236.142.46 (-):
. n/a 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:125 hits: 06-27 to 06-29] none[none] none:none
none|none none none

09:13:00 WinXP 58.91.71.14 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset other
17 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

09:16:00 WinXP 118.237.0.199 (-):
. n/a 445 pcap raw alerts
ruleset shell
ftp
15 lines Yeah : 1.3
profile none summary
tarball 31 of 32 27b945de66
[Firefox: 7 hits: 06-20 to 06-29] none[4] none:none
none|none none trace

T:09:18:00 WinXP 82.207.7.206 (UKRTEL.NET):
UKRTELECOM IP ACCESS NETWORK IN LVIV,
LVIV, L'VIVS'KA OBLAST', UA. (DIAL) n/a 445 pcap raw alerts
ruleset ftp
19 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:09:20:00 Win2K-f 118.236.65.37 (-):
. 72.10.172.218:7763 US:mx1.hotmail.com
US:mailin-01.mx.aol.com
US:ftp.newaol.com
US:yutunrz.1dumb.com
US:mailin-03.mx.aol.com
US:mcduii.3-a.net
CA:fuck.urpal43sourpalhuh.com
:jdjsloy.dynserv.com
**:wyqggvow.afraid.org
:nttstziinpa.hn.org
US:143.215.15.145:80
US:205.188.252.17:25
CA:72.10.172.218:7763 445 pcap raw alerts
ruleset ftp
lanman
http
irc
374 lines Yeah : 1.8
profile none summary
tarball 30 of 32
29 of 32
1 of 33 110fa63f66
NEW
8acd7e1937
[Firefox: 3 hits: 06-22 to 06-27]
feaa30bbbd
NEW none[none]
8acd7e1937[1]
none [none] none:none
ASM:Graph
none:none
none|none
none|none
none|none none
lines=0
none none
trace
none

09:21:00 Win2K-f 118.0.117.116 (-):
. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
40 lines Yeah : 1.3
profile none summary
tarball 9 of 33 eca3a42e16
NEW none[none] none:none
none|none none none

09:23:00 Win2K-f 92.13.28.160 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
34 lines Yeah : 1.3
profile none summary
tarball 31 of 33 f4a8c4177e
[Firefox: 3 hits: 06-28 to 06-29] none[none] none:none
none|none none none

09:25:00 WinXP 85.181.27.6 (ALICEDSL.DE):
HANSENET-ADSL,
DE. (DSL) n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox:97 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:09:28:00 Win2K-f 88.12.153.79 (RIMA-TDE.NET):
TELEFONICA DE ESPANA,
MADRID, MADRID, ES. 72.10.172.218:7763 HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
25 lines Yeah : 1.8
profile none summary
tarball 20 of 33 10bb89cd13
NEW none[none] none:none
none|none none none

T:09:29:00 WinXP 193.250.146.248 (ABO.WANADOO.FR):
WANADOO FRANCE,
PARIS, ILE-DE-FRANCE, FR. n/a 445 pcap raw alerts
ruleset shell
ftp
15 lines Yeah : 1.3
profile none summary
tarball 32 of 32 03f912899b
[Firefox:22 hits: 12-14 to 06-29] 83893bd25d [0] ASM:Graph
none|none lines=65 trace

T:09:31:00 Win2K-f 221.188.246.16 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 10 of 33 2b2bd3d3c5
NEW none[none] none:none
none|none none none

09:32:00 WinXP 91.141.125.18 (I-ONE.AT):
NETWORK OF ONE GMBH,
VIENNA, WIEN, AT. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
25 lines Yeah : 1.3
profile none summary
tarball 30 of 33 fd8c628520
NEW none[none] none:none
none|none none none

T:09:39:00 Win2K-f 213.22.244.86 (CPE.NETCABO.PT):
TVCABO-PORTUGAL CABLE MODEM NETWORK,
PT. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 9 of 33 88ea00e846
NEW none[none] none:none
none|none none none

09:51:00 WinXP 83.178.9.172 (TELE2.SE):
TELE2 INTERNET PROVIDER,
SE. n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
24 lines Yeah : 1.3
profile none summary
tarball 20 of 33 fe58de7629
NEW none[none] none:none
none|none none none

T:09:52:00 WinXP 119.72.13.188 (-):
. n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 30 of 32 eb174ca661
NEW none[none] none:none
none|none none none

09:55:00 Win2K-f 118.108.64.139 (-):
. n/a 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 30 of 33 8e220829dc
NEW none[none] none:none
none|none none none

10:01:00 Win2K-f 118.236.168.130 (-):
. n/a 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 32 of 33 baea578234
NEW none[none] none:none
none|none none none

10:06:00 Win2K-f 123.225.216.101 (OCN.NE.JP):
NTT COMMUNICATIONS CORPORATION,
TOKYO, TOKYO, JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox:97 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:10:09:00 Win2K-f 79.77.160.248 (AS9105.COM):
TELINCO,
UK. n/a 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox:97 hits: 06-27 to 06-29] none[none] none:none
none|none none none

10:15:00 Win2K-f 4.245.113.123 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
SPARKS, NEVADA, US. (DIAL) n/a US:microsoft.com
US:download.microsoft.com
US:207.123.37.125:80 135 pcap raw alerts
ruleset other
76 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 32 53bfe15e91
[Firefox:274 hits: 06-17 to 06-29]
73f1082158
[Firefox:112 hits: 06-18 to 06-29] none[4]
73f1082158[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=81 trace
trace

10:15:00 WinXP 118.236.162.188 (-):
. n/a 445 pcap raw alerts
ruleset shell
ftp
13 lines Yeah : 0.8
profile none summary
tarball 32 of 32 93385541f3
[Firefox: 3 hits: 06-22 to 06-29] none[4] none:none
none|none none trace

T:10:18:00 WinXP 86.144.216.188 (BTCENTRALPLUS.COM):
BT-CENTRAL-PLUS,
OXFORD, ENGLAND, UK. n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 30 of 33 c789e64d64
NEW none[none] none:none
none|none none none

T:10:20:00 WinXP 24.24.234.55 (RR.COM):
ROAD RUNNER HOLDCO LLC,
WESTMINSTER, CALIFORNIA, US. n/a 135 pcap raw alerts
ruleset other
74 lines Yeah : 1.3
profile none summary
tarball 0 of 32 73f1082158
[Firefox:112 hits: 06-18 to 06-29] 73f1082158 [1] ASM:Graph
Armadillo| lines=81 trace

T:10:22:00 WinXP 118.236.154.47 (-):
. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox:67 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:10:23:00 Win2K-f 125.198.41.133 (MESH.AD.JP):
NEC CORPORATION,
JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:125 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:10:25:00 Win2K-f 88.134.166.77 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DRESDEN, SACHSEN, DE. n/a 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 32 of 33 530856613e
[Firefox: 2 hits: 06-28 to 06-29] none[none] none:none
none|none none none

10:30:00 Win2K-f 124.100.114.89 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 31 of 33 e7895f2da4
NEW none[none] none:none
none|none none none

10:32:00 WinXP 85.178.162.210 (ALICEDSL.DE):
HANSENET-ADSL,
BERLIN, BERLIN, DE. (DSL) n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 797d57e146
NEW none[none] none:none
none|none none none

T:10:46:00 Win2K-f 62.198.222.127 (DSL.TELIANET.DK):
TELIANET,
DK. n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 31 of 33 b812f4ac12
NEW none[none] none:none
none|none none none

10:50:00 WinXP 217.94.240.125 (T-DIALIN.NET):
DEUTSCHE TELEKOM AG,
SINDELFINGEN, BADEN-WURTTEMBERG, DE. (DIAL) n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 30 of 33 1ba3d9d3e8
NEW none[none] none:none
none|none none none

T:10:59:00 WinXP 91.65.222.244 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox:97 hits: 06-27 to 06-29] none[none] none:none
none|none none none

11:05:00 WinXP 24.84.62.36 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
CALGARY, ALBERTA, CA. n/a HK:proxim.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:198.78.220.126:80
US:205.128.66.126:80
US:4.23.60.125:80 135 pcap raw alerts
ruleset other
114 lines Yeah : 1.3
profile none summary
tarball 30 of 33
31 of 33 0c3483f84f
NEW
9d553b4136
NEW none[none]
none [none] none:none
none:none
none|none
none|none none
none none
none

T:11:10:00 WinXP 213.76.154.12 (LANNET.PL):
LANNET S.C. W. KOMALA Z. LOMPERTA,
WARSAW, MAZOWIECKIE, PL. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 32 of 33 bac08f30c4
NEW none[none] none:none
none|none none none

11:10:00 Win2K-f 91.65.38.41 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. n/a 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:125 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:11:19:00 Win2K-f 83.233.173.167 (SWIPNET.SE):
PROVIDER LOCAL REGISTRY,
SE. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 30 of 33 68302d5812
NEW none[none] none:none
none|none none none

T:11:20:00 Win2K-f 85.152.232.108 (CM-85-152-232-10.TELECABLE.ES):
TELECABLE,
AVILES, ASTURIAS, ES. (DSL) n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:125 hits: 06-27 to 06-29] none[none] none:none
none|none none none

11:23:00 WinXP 80.96.151.206 (NEXTRA.RO):
SC-NEXTRA TELECOM SRL,
TIMISOARA, TIMIS, RO. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox:97 hits: 06-27 to 06-29] none[none] none:none
none|none none none

11:25:00 WinXP 92.11.213.7 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 12 of 33 9a32965bc8
[Firefox: 4 hits: 06-28 to 06-29] none[none] none:none
none|none none none

T:11:37:00 WinXP 92.12.212.41 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 31 of 33 e511b659f8
NEW none[none] none:none
none|none none none

T:11:40:00 WinXP 87.15.88.196 (RETAIL.TELECOMITALIA.IT):
TELECOM ITALIA S.P.A. TIN EASY LITE,
BERGAMO, LOMBARDIA, IT. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 10 of 33 4f3df56c30
[Firefox: 4 hits: 06-28 to 06-29] none[none] none:none
none|none none none

T:11:42:00 WinXP 24.84.232.228 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
KAMLOOPS, BRITISH COLUMBIA, CA. n/a US:microsoft.com
US:download.microsoft.com 135 pcap raw alerts
ruleset http
77 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 32 53bfe15e91
[Firefox:274 hits: 06-17 to 06-29]
73f1082158
[Firefox:112 hits: 06-18 to 06-29] none[4]
73f1082158[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=81 trace
trace

T:11:44:00 Win2K-f 123.216.117.156 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 31 of 33 43d4a635a9
NEW none[none] none:none
none|none none none

11:48:00 Win2K-f 91.67.195.225 (SUPERKABEL.DE):
KABEL DEUTSCHLAND BREITBAND SERVICE GMBH,
DE. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox:67 hits: 06-27 to 06-29] none[none] none:none
none|none none none

11:49:00 Win2K-f 85.179.149.253 (ALICEDSL.DE):
HANSENET-ADSL,
DE. (DSL) n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 22 of 33 d86d961939
NEW none[none] none:none
none|none none none

11:51:00 WinXP 84.9.149.230 (BULLDOGDSL.COM):
BKL-BAS-002 DYNAMIC IP POOL,
SOUTHAMPTON, ENGLAND, UK. (DSL) n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox:67 hits: 06-27 to 06-29] none[none] none:none
none|none none none

12:02:00 WinXP 217.19.121.80 (RUNEXT.COM):
PROVIDER LOCAL REGISTRY,
RU. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:125 hits: 06-27 to 06-29] none[none] none:none
none|none none none

12:03:00 WinXP 203.180.89.141 (BMOBILE.NE.JP):
JAPAN COMMUNICATION INC,
JP. n/a EU:siliconfireware.ru
GB:new.egg.com
:wpad
DE:212.227.111.29:80
DE:217.11.54.126:80
GB:217.145.225.22:80
EU:78.47.200.154:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 29 of 29 a12cab51ef
[Firefox:1080 hits: 05-01 to 06-29] 40f7f463c4 [0] ASM:Graph
ASPack| lines=281
embedded dns trace

12:06:00 Win2K-f 92.9.106.115 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. n/a 445 pcap raw alerts
ruleset ftp
15 lines Yeah : 1.3
profile none summary
tarball none none none none none none none

T:12:11:00 Win2K-f 217.30.154.30 (NET.PL):
STATIC BROADBAND SERVICES,
WROCLAW, DOLNOSLASKIE, PL. (DIAL) n/a 445 pcap raw alerts
ruleset ftp
18 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:125 hits: 06-27 to 06-29] none[none] none:none
none|none none none

12:11:00 Win2K-f 82.234.36.34 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR. n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 31 of 32 00710a2ffa
NEW none[none] none:none
none|none none none

T:12:14:00 WinXP 83.37.11.104 (RIMA-TDE.NET):
TELEFONICA DE ESPANA,
VITORIA, PAIS VASCO, ES. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
25 lines Yeah : 1.3
profile none summary
tarball 32 of 33 fa69ec9963
NEW none[none] none:none
none|none none none

T:12:16:00 WinXP 63.25.93.171 (UU.NET):
UUNET TECHNOLOGIES INC,
US. n/a US:microsoft.com
US:download.microsoft.com
US:72.247.30.83:80 135 pcap raw alerts
ruleset http
117 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 32 53bfe15e91
[Firefox:274 hits: 06-17 to 06-29]
73f1082158
[Firefox:112 hits: 06-18 to 06-29] none[4]
73f1082158[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=81 trace
trace

T:12:17:00 WinXP 151.118.186.155 (QWEST.NET):
QWEST BROADBAND,
PHOENIX, ARIZONA, US. n/a 135 pcap raw alerts
ruleset other
12 lines Yeah : 1.3
profile none summary
tarball none none none none none none none

T:12:18:00 Win2K-f 221.191.92.191 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset other
13 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

12:19:00 Win2K-f 84.126.248.36 (ONO.COM):
PROVIDER LOCAL REGISTRY,
ES. n/a 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:125 hits: 06-27 to 06-29] none[none] none:none
none|none none none

12:28:00 WinXP 85.179.149.59 (ALICEDSL.DE):
HANSENET-ADSL,
DE. (DSL) n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 22 of 33 d86d961939
NEW none[none] none:none
none|none none none

T:12:37:00 Win2K-f 81.11.173.86 (DSL.SCARLET.BE):
PI-BELGIUM,
MORTSEL, ANTWERPEN, BE. (DSL) n/a 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 30 of 33 92de3628a4
NEW none[none] none:none
none|none none none

T:12:40:00 Win2K-f 60.39.25.155 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 16 of 33 c6f8fb9835
NEW none[none] none:none
none|none none none

T:12:43:00 WinXP 83.37.98.123 (RIMA-TDE.NET):
TELEFONICA DE ESPANA,
ALBACETE, CASTILLA-LA MANCHA, ES. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
23 lines Yeah : 1.3
profile none summary
tarball 19 of 33 e623e10695
NEW none[none] none:none
none|none none none

12:48:00 Win2K-f 91.66.91.106 (SUPERKABEL.DE):
KABEL DEUTSCHLAND BREITBAND SERVICE GMBH,
DE. n/a 445 pcap raw alerts
ruleset ftp
37 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

12:48:00 Win2K-f 81.3.251.96 (-):
ONE,
AT. n/a 445 pcap raw alerts
ruleset other
10 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:12:59:00 WinXP 92.10.4.188 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 12 of 33 ac164e8362
[Firefox: 3 hits: 06-28 to 06-28] none[none] none:none
none|none none none

T:13:01:00 Win2K-f 80.188.149.24 (IOL.CZ):
DIAL UP USERS,
PRAGUE, HLAVNI MESTO PRAHA, CZ. n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
19 lines Yeah : 1.3
profile none summary
tarball 31 of 33 a23aa7e413
NEW none[none] none:none
none|none none none

13:01:00 Win2K-f 118.8.215.251 (-):
. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox:67 hits: 06-27 to 06-29] none[none] none:none
none|none none none

13:07:00 Win2K-f 118.236.167.244 (-):
. n/a 445 pcap raw alerts
ruleset other
4 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:13:09:00 Win2K-f 60.254.215.145 (EMOBILE.AD.JP):
EMOBILE LTD,
TOKYO, TOKYO, JP. n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
22 lines Yeah : 1.3
profile none summary
tarball 30 of 33 e9a6dc415a
NEW none[none] none:none
none|none none none

T:13:10:00 WinXP 59.115.100.106 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a 445 pcap raw alerts
ruleset shell
3 lines Yeah : 1.3
profile none summary
tarball none none none none none none none

T:13:17:00 WinXP 123.221.237.212 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:125 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:13:21:00 Win2K-f 92.12.186.156 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 12 of 33 ac164e8362
[Firefox: 3 hits: 06-28 to 06-28] none[none] none:none
none|none none none

13:22:00 Win2K-f 82.246.227.108 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR. n/a 445 pcap raw alerts
ruleset other
8 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

13:24:00 WinXP 66.9.164.35 (INTELLISPACE.NET):
INTELLISPACE INC,
SCHAUMBURG, ILLINOIS, US. n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
29 lines Yeah : 1.3
profile none summary
tarball 31 of 33 aae6342c89
NEW none[none] none:none
none|none none none

T:13:24:00 Win2K-f 82.244.181.38 (PROXAD.NET):
PROXAD / FREE SAS,
VERSAILLES, ILE-DE-FRANCE, FR. n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
25 lines Yeah : 1.3
profile none summary
tarball 21 of 33 e4d07f5d69
NEW none[none] none:none
none|none none none

13:28:00 WinXP 88.134.146.159 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 32 of 33 5531425510
NEW none[none] none:none
none|none none none

13:33:00 Win2K-f 220.105.152.125 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox:67 hits: 06-27 to 06-29] none[none] none:none
none|none none none

13:36:00 WinXP 68.149.154.56 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
EDMONTON, ALBERTA, CA. (DSL) n/a US:microsoft.com
US:download.microsoft.com
US:192.221.99.124:80
US:207.123.46.125:80
US:207.123.46.126:80 135 pcap raw alerts
ruleset other
77 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 32 53bfe15e91
[Firefox:274 hits: 06-17 to 06-29]
73f1082158
[Firefox:112 hits: 06-18 to 06-29] none[4]
73f1082158[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=81 trace
trace

T:13:37:00 WinXP 190.188.0.126 (NET.AR):
PRIMA S.A,
AR. n/a UA:citi-bank.ru 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 26 of 28 7d99b0e910
[Firefox:3117 hits: 12-31 to 06-29] 7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace

13:50:00 WinXP 93.120.154.5 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox:67 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:13:50:00 WinXP 65.173.139.164 (MAYSVILLEKY.NET):
LIME STONE CABLE,
MAYSVILLE, KENTUCKY, US. (DSL) n/a DE:siliconfireware.ru
:wpad
US:searchportal.information.com
US:sprw.information.com
US:spi.domainsponsor.com
DE:ebookfinaltrash.ru
US:204.13.161.51:80
DE:212.227.111.29:80
DE:217.11.54.126:80 445 pcap raw alerts
ruleset http
http
http
15 lines Yeah : 0.8
profile none summary
tarball 29 of 29 a12cab51ef
[Firefox:1080 hits: 05-01 to 06-29] 40f7f463c4 [0] ASM:Graph
ASPack| lines=281
embedded dns trace

13:53:00 Win2K-f 217.125.201.199 (RIMA-TDE.NET):
TELEFONICA DE ESPANA SAU (NCC#2001040161),
MADRID, MADRID, ES. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:125 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:14:08:00 Win2K-f 118.109.152.199 (-):
. n/a 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 31 of 32 32aeda82d5
NEW none[none] none:none
none|none none none

14:18:00 WinXP 62.11.24.194 (DIALUP.TISCALI.IT):
TISCALI ITALIA SPA,
VERONA, VENETO, IT. (DIAL) n/a DE:siliconfireware.ru
DE:ebookfinaltrash.ru
:wpad
DE:212.227.111.29:80
DE:217.11.54.126:80
EU:78.47.200.154:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 29 of 29 df17a625ee
[Firefox:476 hits: 05-04 to 06-29] 9bbdd086c5 [0] ASM:Graph
ASPack| lines=186
embedded dns trace

T:14:21:00 WinXP 122.146.83.160 (SPARQNET.NET):
NEW CENTURY INFOCOMM TECH. CO. LTD,
TW. n/a US:microsoft.com
US:download.microsoft.com
US:72.247.30.81:80
US:72.247.30.83:80 135 pcap raw alerts
ruleset other
78 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 32 53bfe15e91
[Firefox:274 hits: 06-17 to 06-29]
73f1082158
[Firefox:112 hits: 06-18 to 06-29] none[4]
73f1082158[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=81 trace
trace

T:14:32:00 WinXP 69.176.15.82 (MIS.NET):
MIKROTEC INTERNET SERVICES INC,
LEXINGTON, KENTUCKY, US. (DSL) 194.54.90.246:80 UA:citi-bank.ru 445 pcap raw alerts
ruleset http
2 lines Yeah : 1.3
profile none summary
tarball 26 of 28 7d99b0e910
[Firefox:3117 hits: 12-31 to 06-29] 7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace

T:14:37:00 Win2K-f 84.126.248.36 (ONO.COM):
PROVIDER LOCAL REGISTRY,
ES. n/a 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox:97 hits: 06-27 to 06-29] none[none] none:none
none|none none none

14:38:00 WinXP 119.94.188.238 (-):
. n/a US:microsoft.com
US:download.microsoft.com
US:204.160.126.126:80
US:206.33.45.125:80
US:207.123.47.126:80 135 pcap raw alerts
ruleset other
81 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 33 53bfe15e91
[Firefox:274 hits: 06-17 to 06-29]
57ce4acac2
[Firefox:27 hits: 06-17 to 06-29] none[4]
57ce4acac2[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=81 trace
trace

14:48:00 WinXP 92.12.186.156 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 12 of 33 ac164e8362
[Firefox: 3 hits: 06-28 to 06-28] none[none] none:none
none|none none none

14:49:00 WinXP 4.225.210.201 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
LOVELAND, COLORADO, US. (DIAL) n/a 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 26 of 28 7d99b0e910
[Firefox:3117 hits: 12-31 to 06-29] 7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace

T:14:51:00 WinXP 69.153.62.233 (SWBELL.NET):
PPPOX POOL RBACK9 SNANTX,
SAN ANTONIO, TEXAS, US. (DSL) n/a EU:siliconfireware.ru
:wpad
US:searchportal.information.com
US:spi.domainsponsor.com
:landdev1.lap.internal 445 pcap raw alerts
ruleset http
http
6 lines Yeah : 0.8
profile none summary
tarball 29 of 29 a12cab51ef
[Firefox:1080 hits: 05-01 to 06-29] 40f7f463c4 [0] ASM:Graph
ASPack| lines=281
embedded dns trace

14:59:00 WinXP 62.243.170.39 (ADSL-DHCP.TELE.DK):
TDC-TELEDANMARK-BREDBAANDSADSL-NET,
GREVE, ROSKILDE, DK. (DSL) n/a DE:siliconfireware.ru
:wpad
:www.proxy-socks.net
DE:212.227.111.29:80
DE:217.11.54.126:80
EU:78.47.200.154:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 29 of 29 a12cab51ef
[Firefox:1080 hits: 05-01 to 06-29] 40f7f463c4 [0] ASM:Graph
ASPack| lines=281
embedded dns trace

T:15:00:00 WinXP 4.233.194.239 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
NEW HAMPSHIRE, US. (DIAL) n/a 445 pcap raw alerts
ruleset ftp
13 lines Yeah : 1.3
profile none summary
tarball 29 of 29 1a2c0e6130
[Firefox:442 hits: 12-31 to 06-29] 048df78048 [0] ASM:Graph
none|none lines=61 trace

T:15:00:00 Win2K-f 118.20.84.153 (-):
. n/a 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox:97 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:15:19:00 WinXP 71.65.24.176 (RR.COM):
ROAD RUNNER HOLDCO LLC,
ANN ARBOR, MICHIGAN, US. n/a 445 pcap raw alerts
ruleset shell
ftp
15 lines Yeah : 1.3
profile none summary
tarball 31 of 32 741e3b03b3
[Firefox:83 hits: 09-28 to 06-29] e0197e8a64 [0] ASM:Graph
none|none lines=62 trace

15:27:00 Win2K-f 79.64.108.121 (AS9105.COM):
TELINCO,
UK. n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
24 lines Yeah : 1.3
profile none summary
tarball 30 of 32 4765ee5d72
NEW none[none] none:none
none|none none none

T:15:38:00 WinXP 207.5.207.93 (SUSCOM-MAINE.NET):
GREAT WORKS INTERNET,
BRUNSWICK, MAINE, US. n/a US:microsoft.com
US:download.microsoft.com
US:72.247.30.81:80
US:72.247.30.83:80 135 pcap raw alerts
ruleset other
75 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 32 53bfe15e91
[Firefox:274 hits: 06-17 to 06-29]
73f1082158
[Firefox:112 hits: 06-18 to 06-29] none[4]
73f1082158[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=81 trace
trace

15:41:00 WinXP 85.240.163.173 (DSL.TELEPAC.PT):
PT.COM - COMUNICACOES INTERACTIVAS S.A,
LEIRIA, LEIRIA, PT. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
25 lines Yeah : 1.3
profile none summary
tarball 13 of 33 ffb3b175e5
[Firefox: 7 hits: 06-27 to 06-29] none[none] none:none
none|none none none

15:41:00 WinXP 24.65.79.12 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
EDMONTON, ALBERTA, CA. (DSL) n/a US:microsoft.com
US:download.microsoft.com
US:72.247.30.81:80
US:72.247.30.83:80 135 pcap raw alerts
ruleset other
113 lines Yeah : 1.3
profile none summary
tarball 31 of 32
23 of 33 bca9e0fb5f
[Firefox: 6 hits: 06-18 to 06-25]
e53a9ea82e
[Firefox: 6 hits: 06-18 to 06-25] none[4]
e53a9ea82e[1] none:none
ASM:Graph
PolyEnE|
Armadillo| none
lines=81 trace
trace

T:15:42:00 Win2K-f 116.39.221.3 (-):
LG POWERCOMM,
SEOUL, KYONGGI-DO, KR. n/a US:microsoft.com
HK:proxima.ircgalaxy.pl
US:download.microsoft.com
US:72.247.30.81:80
US:72.247.30.83:80 135 pcap raw alerts
ruleset other
97 lines Yeah : 1.3
profile none summary
tarball 31 of 33
31 of 33 4ab2ecbc0f
NEW
65eb2e3aee
NEW none[none]
none [none] none:none
none:none
none|none
none|none none
none none
none

T:15:46:00 Win2K-f 79.64.108.121 (AS9105.COM):
TELINCO,
UK. n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
23 lines Yeah : 1.3
profile none summary
tarball 30 of 32 4765ee5d72
NEW none[none] none:none
none|none none none

T:15:48:00 Win2K-f 4.242.132.123 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
DALLAS, OREGON, US. (DIAL) n/a US:microsoft.com
US:download.microsoft.com
US:72.247.30.81:80
US:72.247.30.83:80 135 pcap raw alerts
ruleset other
76 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 33 53bfe15e91
[Firefox:274 hits: 06-17 to 06-29]
a08f3b74a4
[Firefox:101 hits: 06-18 to 06-29] none[4]
a08f3b74a4[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=81 trace
trace

T:15:48:00 WinXP 123.254.13.119 (PIKARA.NE.JP):
STNET INCORPORATED,
TAKAMATSU, KAGAWA, JP. n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 32 of 33 ddf9439cc6
NEW none[none] none:none
none|none none none

T:15:53:00 Win2K-f 118.236.245.98 (-):
. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox:67 hits: 06-27 to 06-29] none[none] none:none
none|none none none

15:54:00 WinXP 80.137.223.65 (T-IPCONNECT.DE):
DEUTSCHE TELEKOM AG,
HAMBURG, HAMBURG, DE. n/a 445 pcap raw alerts
ruleset ftp
21 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

15:55:00 Win2K-f 91.141.104.191 (I-ONE.AT):
NETWORK OF ONE GMBH,
VIENNA, WIEN, AT. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
25 lines Yeah : 1.3
profile none summary
tarball 19 of 32 0993a67cea
NEW none[none] none:none
none|none none none

T:15:59:00 WinXP 67.55.154.203 (SOUTHSLOPE.NET):
SOUTH SLOPE COOPERATIVE TELEPHONE,
NORTH LIBERTY, IOWA, US. (DSL) n/a UA:citi-bank.ru
:parex-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 27 of 32 f190da6fbe
[Firefox:28 hits: 12-15 to 05-10] d8dc6af14c [0] ASM:Graph
PolyEnE| lines=68 trace

16:03:00 Win2K-f 118.8.16.216 (-):
. n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 32 of 33 26ac4391e0
[Firefox: 3 hits: 06-28 to 06-29] none[none] none:none
none|none none none

T:16:10:00 WinXP 190.161.30.233 (VTR.NET):
VTR BANDA ANCHA S.A,
PATERSON, NEW JERSEY, US. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
23 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:125 hits: 06-27 to 06-29] none[none] none:none
none|none none none

16:12:00 WinXP 123.225.72.236 (OCN.NE.JP):
NTT COMMUNICATIONS CORPORATION,
TOKYO, TOKYO, JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox:67 hits: 06-27 to 06-29] none[none] none:none
none|none none none

16:25:00 WinXP 59.114.216.253 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW. n/a RU:moscow-advokat.ru 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 25 of 25 7f60162c2c
[Firefox:1371 hits: 12-31 to 06-29] 1aad8e4632 [0] ASM:Graph
PolyEnE| lines=93
embedded dns trace

T:16:32:00 Win2K-f 78.130.8.136 (REV.OPTIMUS.PT):
OPTIMUS PORTUGAL,
PT. n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
25 lines Yeah : 1.3
profile none summary
tarball 31 of 33 e0d20c2736
NEW none[none] none:none
none|none none none

T:16:33:00 WinXP 221.127.149.201 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. n/a 445 pcap raw alerts
ruleset ftp
23 lines Yeah : 1.3
profile none summary
tarball none none none none none none none

T:16:38:00 WinXP 75.179.35.8 (RR.COM):
ROAD RUNNER HOLDCO LLC,
AKRON, OHIO, US. n/a US:microsoft.com
US:download.microsoft.com
US:72.247.30.81:80
US:72.247.30.83:80 135 pcap raw alerts
ruleset other
59 lines Yeah : 1.3
profile none summary
tarball 33 of 33
8 of 33 53bfe15e91
[Firefox:274 hits: 06-17 to 06-29]
b7082104e4
[Firefox:17 hits: 06-18 to 06-29] none[4]
none [4] none:none
none:none
tElock|
tElock| none
none trace
trace

16:53:00 Win2K-f 125.215.101.162 (PIKARA.NE.JP):
PIKARA(STNET INCORPORATED),
JP. n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 31 of 33 8521970203
NEW none[none] none:none
none|none none none

T:16:55:00 WinXP 202.88.238.238 (ASIANET.CO.IN):
ASIANET IS A ISP PROVIDING ACCESS THROUGH CABLE,
TRIVANDRUM, KERALA, IN. n/a US:microsoft.com
US:download.microsoft.com 135 pcap raw alerts
ruleset http
111 lines Yeah : 1.3
profile none summary
tarball 31 of 33
29 of 33
0 of 33 133401d618
[Firefox: 3 hits: 06-18 to 06-23]
7819d05bbf
[Firefox: 2 hits: 06-21 to 06-23]
e07c29c4ae
[Firefox:44 hits: 06-19 to 06-29] none[4]
7819d05bbf[1]
e07c29c4ae[1] none:none
ASM:Graph
ASM:Graph
tElock|
Armadillo|
FSG| none
lines=82
lines=92 trace
trace
trace

16:55:00 Win2K-f 118.20.84.153 (-):
. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox:97 hits: 06-27 to 06-29] none[none] none:none
none|none none none

16:58:00 WinXP 123.50.65.71 (-):
MANA INTERNET SERVICE PROVIDER,
PAPEETE, FRENCH POLYNESIA, PF. n/a 445 pcap raw alerts
ruleset ftp
13 lines Yeah : 0.8
profile none summary
tarball 31 of 32 741e3b03b3
[Firefox:83 hits: 09-28 to 06-29] e0197e8a64 [0] ASM:Graph
none|none lines=62 trace

17:16:00 Win2K-f 60.46.102.28 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:125 hits: 06-27 to 06-29] none[none] none:none
none|none none none

17:18:00 WinXP 12.74.205.203 (ATT.NET):
AT&T WORLDNET SERVICES,
SAN ANTONIO, TEXAS, US. (DIAL) n/a HK:proxim.ircgalaxy.pl
UA:citi-bank.ru 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 32 of 32 67f9b1a0ed
NEW none[none] none:none
none|none none none

T:17:18:00 Win2K-f 92.0.13.154 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 12 of 33 9a32965bc8
[Firefox: 4 hits: 06-28 to 06-29] none[none] none:none
none|none none none

T:17:23:00 Win2K-f 220.97.160.66 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
CHENNAI, TAMIL NADU, IN. n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 31 of 33 b2382cdf36
NEW none[none] none:none
none|none none none

17:28:00 WinXP 118.4.118.167 (-):
. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox:67 hits: 06-27 to 06-29] none[none] none:none
none|none none none

17:33:00 WinXP 92.2.94.1 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 12 of 33 9a32965bc8
[Firefox: 4 hits: 06-28 to 06-29] none[none] none:none
none|none none none

T:17:33:00 Win2K-f 125.197.44.150 (MESH.AD.JP):
NEC CORPORATION,
JP. n/a 445 pcap raw alerts
ruleset other
13 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:17:34:00 WinXP 118.236.118.57 (-):
. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:125 hits: 06-27 to 06-29] none[none] none:none
none|none none none

17:36:00 WinXP 24.35.114.126 (CABLESPEED.COM):
CABLESPEED - MARYLAND,
GLEN BURNIE, MARYLAND, US. (DSL) n/a HK:proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 32 of 33 59074c6509
NEW none[none] none:none
none|none none none

T:17:36:00 WinXP 24.35.114.126 (CABLESPEED.COM):
CABLESPEED - MARYLAND,
GLEN BURNIE, MARYLAND, US. (DSL) n/a HK:proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 32 of 33 59074c6509
NEW none[none] none:none
none|none none none

17:39:00 Win2K-f 119.72.57.18 (-):
. n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
25 lines Yeah : 1.3
profile none summary
tarball 17 of 33 43b324d347
NEW none[none] none:none
none|none none none

17:46:00 WinXP 222.144.175.199 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox:67 hits: 06-27 to 06-29] none[none] none:none
none|none none none

17:49:00 Win2K-f 60.239.30.24 (MESH.AD.JP):
NEC CORPORATION,
JP. n/a 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 30 of 33 702fe1335a
[Firefox: 2 hits: 06-28 to 06-29] none[none] none:none
none|none none none

18:01:00 Win2K-f 71.101.193.205 (VERIZON.NET):
VERIZON INTERNET SERVICES INC,
PALMETTO, FLORIDA, US. (DSL) n/a US:microsoft.com
US:download.microsoft.com
US:199.93.46.124:80
US:204.160.126.126:80
US:205.128.79.124:80 135 pcap raw alerts
ruleset other
75 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 33 53bfe15e91
[Firefox:274 hits: 06-17 to 06-29]
a08f3b74a4
[Firefox:101 hits: 06-18 to 06-29] none[4]
a08f3b74a4[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=81 trace
trace

18:03:00 WinXP 124.99.243.42 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 23 of 33 776bdb2f05
NEW none[none] none:none
none|none none none

18:09:00 Win2K-f 220.97.160.66 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
CHENNAI, TAMIL NADU, IN. n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 31 of 33 b2382cdf36
NEW none[none] none:none
none|none none none

T:18:10:00 WinXP 118.3.108.47 (-):
. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox:67 hits: 06-27 to 06-29] none[none] none:none
none|none none none

18:19:00 Win2K-f 67.125.140.230 (PACBELL.NET):
AT&T INTERNET SERVICES,
FRESNO, CALIFORNIA, US. n/a US:microsoft.com
US:download.microsoft.com
US:72.247.30.81:80 135 pcap raw alerts
ruleset other
94 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 33 53bfe15e91
[Firefox:274 hits: 06-17 to 06-29]
a08f3b74a4
[Firefox:101 hits: 06-18 to 06-29] none[4]
a08f3b74a4[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=81 trace
trace

18:21:00 WinXP 58.95.223.54 (PLALA.OR.JP):
PLALA NETWORKS INC,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox:67 hits: 06-27 to 06-29] none[none] none:none
none|none none none

18:21:00 Win2K-f 221.188.193.100 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:125 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:18:21:00 Win2K-f 118.109.137.17 (-):
. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox:97 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:18:23:00 WinXP 74.214.47.11 (METROCAST.NET):
GMP CABLE TV,
BERWICK, PENNSYLVANIA, US. 194.109.11.65:6556 :0x80.my-secure.name
NL:0x80.my1x1.com
NL:0x80.martiansong.com 135 pcap raw alerts
ruleset other
230 lines Yeah : 1.8
profile none summary
tarball 32 of 33 fe22b8315f
[Firefox: 3 hits: 06-19 to 06-23] none[4] none:none
StarForce| none trace

T:18:27:00 WinXP 123.213.2.67 (-):
HANARO TELECOM,
SEOUL, KYONGGI-DO, KR. n/a HK:proxima.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:72.247.30.81:80
US:72.247.30.83:80 135 pcap raw alerts
ruleset other
97 lines Yeah : 1.3
profile none summary
tarball 31 of 33
29 of 32 168aab35a3
[Firefox:19 hits: 06-17 to 06-29]
61426996c3
NEW none[4]
61426996c3[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=82 trace
trace

T:18:30:00 WinXP 58.88.48.120 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:125 hits: 06-27 to 06-29] none[none] none:none
none|none none none

18:36:00 WinXP 70.74.216.121 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
CALGARY, ALBERTA, CA. n/a US:microsoft.com
US:download.microsoft.com
US:72.247.30.81:80
US:72.247.30.83:80 135 pcap raw alerts
ruleset other
76 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 32 53bfe15e91
[Firefox:274 hits: 06-17 to 06-29]
73f1082158
[Firefox:112 hits: 06-18 to 06-29] none[4]
73f1082158[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=81 trace
trace

T:18:39:00 Win2K-f 125.203.108.197 (PLALA.OR.JP):
PLALA NETWORKS INC,
JP. (DSL) n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 31 of 33 a2e87c8f2f
NEW none[none] none:none
none|none none none

18:40:00 WinXP 201.69.132.222 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a UA:citi-bank.ru 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 29 of 29 f502585714
[Firefox:88 hits: 05-03 to 06-25] ae590430c5 [0] ASM:Graph
PolyEnE| lines=63 trace

18:43:00 Win2K-f 124.84.117.99 (OCN.NE.JP):
NTT COMMUNICATIONS CORPORATION,
TOKYO, TOKYO, JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox:97 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:18:54:00 Win2K-f 61.218.193.250 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a US:microsoft.com
US:download.microsoft.com
US:72.247.30.81:80 135 pcap raw alerts
ruleset http
76 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 33 53bfe15e91
[Firefox:274 hits: 06-17 to 06-29]
57ce4acac2
[Firefox:27 hits: 06-17 to 06-29] none[4]
57ce4acac2[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=81 trace
trace

18:58:00 Win2K-f 122.2.43.218 (PLDT.NET):
JNEC7300I03_CONSUMER,
CEBU, CEBU CITY, PH. n/a 135 pcap raw alerts
ruleset other
300 lines Yeah : 1.3
profile none summary
tarball 30 of 32 8354fa612f
NEW none[none] none:none
none|none none none

T:18:58:00 WinXP 208.32.149.29 (BUGGS.NET):
BUGGS NET TELEPHONE,
LA CROSSE, VIRGINIA, US. n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
3 lines Yeah : 0.8
profile none summary
tarball 29 of 29 f502585714
[Firefox:88 hits: 05-03 to 06-25] ae590430c5 [0] ASM:Graph
PolyEnE| lines=63 trace

18:59:00 WinXP 119.11.104.101 (-):
. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
24 lines Yeah : 1.3
profile none summary
tarball 30 of 33 c4fe07012a
NEW none[none] none:none
none|none none none

19:02:00 Win2K-f 119.11.98.210 (-):
. n/a 445 pcap raw alerts
ruleset ftp
24 lines Yeah : 1.3
profile none summary
tarball 30 of 33 c4fe07012a
NEW none[none] none:none
none|none none none

T:19:06:00 WinXP 190.137.92.112 (NET.AR):
TELECOM ARGENTINA S.A,
AR. n/a HK:proxim.ircgalaxy.pl
UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 32 of 33 78b29f38ed
[Firefox: 4 hits: 06-29 to 06-29] none[none] none:none
none|none none none

19:09:00 WinXP 118.21.113.89 (-):
. n/a 445 pcap raw alerts
ruleset ftp
30 lines Yeah : 1.3
profile none summary
tarball none none none none none none none

T:19:14:00 WinXP 221.126.7.22 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. 69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
35 lines Yeah : 1.8
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox:67 hits: 06-27 to 06-29] none[none] none:none
none|none none none

19:15:00 Win2K-f 71.51.117.57 (EMBARQHSD.NET):
EMBARQ CORPORATION,
WINTER PARK, FLORIDA, US. n/a US:microsoft.com
US:download.microsoft.com
US:199.93.46.124:80 135 pcap raw alerts
ruleset other
76 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 33 53bfe15e91
[Firefox:274 hits: 06-17 to 06-29]
a08f3b74a4
[Firefox:101 hits: 06-18 to 06-29] none[4]
a08f3b74a4[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=81 trace
trace

T:19:16:00 WinXP 222.144.220.84 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. 69.247.147.113:13001 HK:proxim.ircgalaxy.pl
US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
41 lines Yeah : 1.8
profile none summary
tarball 19 of 33 5b194892cf
NEW none[none] none:none
none|none none none

T:19:19:00 Win2K-f 125.196.174.178 (MESH.AD.JP):
NEC CORPORATION,
JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox:97 hits: 06-27 to 06-29] none[none] none:none
none|none none none

19:23:00 Win2K-f 202.70.249.50 (ONINET.NE.JP):
OKAYAMA NETWORK INC,
TOKYO, TOKYO, JP. n/a 445 pcap raw alerts
ruleset other
14 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:19:31:00 Win2K-f 78.148.246.77 (OPALTELECOM.NET):
OPAL TELECOMMUNICATIONS INTERNET SERVICE PROVIDER,
UK. n/a 445 pcap raw alerts
ruleset ftp
25 lines Yeah : 1.3
profile none summary
tarball 32 of 33 3f8d1c3246
[Firefox: 2 hits: 06-28 to 06-29] none[none] none:none
none|none none none

19:32:00 Win2K-f 61.207.215.192 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox:67 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:19:37:00 WinXP 118.98.217.142 (-):
. 69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
41 lines Yeah : 1.8
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:125 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:19:38:00 WinXP 4.244.39.177 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
ST. LOUIS, MISSOURI, US. (DIAL) 194.54.90.246:80 UA:citi-bank.ru
US:adult-empire.com 445 pcap raw alerts
ruleset http
3 lines Yeah : 1.3
profile none summary
tarball 19 of 29 97e4d0d863
[Firefox: 4 hits: 07-25 to 11-22] none[none] none:none
none|none none none

19:39:00 WinXP 4.244.39.177 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
ST. LOUIS, MISSOURI, US. (DIAL) n/a UA:citi-bank.ru 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 26 of 28 7d99b0e910
[Firefox:3117 hits: 12-31 to 06-29] 7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace

T:19:44:00 Win2K-f 124.102.0.149 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 31 of 33 d60e1eb1a2
NEW none[none] none:none
none|none none none

19:48:00 Win2K-f 83.233.173.167 (SWIPNET.SE):
PROVIDER LOCAL REGISTRY,
SE. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 30 of 33 68302d5812
NEW none[none] none:none
none|none none none

T:19:49:00 Win2K-f 83.234.145.57 (-):
(IR001812) BAYKALPHONECOMPANY,
RU. 69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
34 lines Yeah : 1.8
profile none summary
tarball 13 of 33 18101f06ca
NEW none[none] none:none
none|none none none

T:19:49:00 WinXP 122.29.192.137 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. 72.10.172.218:9928 US:mx1.hotmail.com
US:mailin-04.mx.aol.com
SE:ftp.icq.com
US:mailin-03.mx.aol.com
US:yutunrz.1dumb.com
:http.icq.com.edgesuite.net
HK:proxima.ircgalaxy.pl
CA:tai.ihshsd8.com
US:mm.esskil99.info 445 pcap raw alerts
ruleset ftp
http
irc
54 lines Yeah : 1.8
profile none summary
tarball 13 of 33
30 of 33 59aafd5707
NEW
a65ca3dcdf
NEW none[none]
none [none] none:none
none:none
none|none
none|none none
none none
none

T:19:58:00 Win2K-f 118.236.242.117 (-):
. 69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
67 lines Yeah : 1.8
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox:67 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:19:59:00 Win2K-f 76.244.176.42 (PACBELL.NET):
AT&T INTERNET SERVICES,
US. n/a US:microsoft.com
US:download.microsoft.com
US:192.221.110.126:80
US:199.93.41.124:80
US:207.123.37.125:80 135 pcap raw alerts
ruleset other
75 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 33 53bfe15e91
[Firefox:274 hits: 06-17 to 06-29]
a08f3b74a4
[Firefox:101 hits: 06-18 to 06-29] none[4]
a08f3b74a4[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=81 trace
trace

20:02:00 WinXP 58.91.117.64 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox:67 hits: 06-27 to 06-29] none[none] none:none
none|none none none

20:04:00 Win2K-f 218.169.84.150 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a
CZ:217.170.244.2:443
CZ:82.114.64.251:443 445 pcap raw alerts
ruleset shell
ftp
18 lines Yeah : 1.3
profile none summary
tarball 25 of 28 7fdfe363d5
[Firefox:2770 hits: 12-31 to 06-29] 10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns trace

20:07:00 Win2K-f 118.109.190.216 (-):
. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox:97 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:20:08:00 WinXP 118.98.219.46 (-):
. 69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
65 lines Yeah : 1.8
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:125 hits: 06-27 to 06-29] none[none] none:none
none|none none none

20:14:00 WinXP 61.254.247.130 (HAEDONGTEK.CO.KR):
THRUNET CO. LTD,
SEOUL, KYONGGI-DO, KR. n/a HK:proxima.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:72.247.30.81:80
US:72.247.30.83:80 135 pcap raw alerts
ruleset other
87 lines Yeah : 1.3
profile none summary
tarball 31 of 33
0 of 33 6f630e7aa2
NEW
a08f3b74a4
[Firefox:101 hits: 06-18 to 06-29] none[none]
a08f3b74a4[1] none:none
ASM:Graph
none|none
Armadillo| none
lines=81 none
trace

T:20:15:00 Win2K-f 65.68.44.78 (SWBELL.NET):
AT&T INTERNET SERVICES,
KANSAS CITY, MISSOURI, US. (DSL) n/a HK:proxim.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com 135 pcap raw alerts
ruleset http
125 lines Yeah : 1.3
profile none summary
tarball 32 of 33
0 of 32
28 of 32 3f0a5b2ebe
[Firefox: 4 hits: 06-18 to 06-26]
b5919931fe
[Firefox:42 hits: 06-20 to 06-29]
c6bfb5f0f2
[Firefox: 4 hits: 06-18 to 06-26] none[4]
b5919931fe[1]
c6bfb5f0f2[1] none:none
ASM:Graph
ASM:Graph
PolyEnE|
ASProtect|
Armadillo| none
lines=90
lines=81 trace
trace
trace

T:20:17:00 WinXP 122.134.52.71 (MESH.AD.JP):
NEC BIGLOBE LTD,
TOKYO, TOKYO, JP. 69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
63 lines Yeah : 1.8
profile none summary
tarball 26 of 33 ca15c09536
[Firefox:97 hits: 06-27 to 06-29] none[none] none:none
none|none none none

20:20:00 Win2K-f 91.64.144.233 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
BERLIN, BERLIN, DE. n/a 445 pcap raw alerts
ruleset other
13 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

20:23:00 WinXP 123.50.73.97 (-):
MANA INTERNET SERVICE PROVIDER,
PAPEETE, FRENCH POLYNESIA, PF. n/a 445 pcap raw alerts
ruleset ftp
13 lines Yeah : 0.8
profile none summary
tarball 31 of 32 741e3b03b3
[Firefox:83 hits: 09-28 to 06-29] e0197e8a64 [0] ASM:Graph
none|none lines=62 trace

T:20:25:00 Win2K-f 60.254.219.244 (EMOBILE.AD.JP):
EMOBILE LTD,
TOKYO, TOKYO, JP. n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
21 lines Yeah : 1.3
profile none summary
tarball 31 of 33 aa120660b4
NEW none[none] none:none
none|none none none

20:26:00 Win2K-f 118.110.100.7 (-):
. n/a 445 pcap raw alerts
ruleset other
11 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

20:27:00 Win2K-f 202.70.72.150 (NTC.NET.NP):
NEPAL TELECOMMUNICATIONS CORPORATION,
KATHMANDU, BAGMATI, NP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
22 lines Yeah : 1.3
profile none summary
tarball 10 of 33 4f3df56c30
[Firefox: 4 hits: 06-28 to 06-29] none[none] none:none
none|none none none

T:20:32:00 WinXP 24.79.80.12 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
BURNABY, BRITISH COLUMBIA, CA. n/a HK:proxim.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:72.247.30.81:80
US:72.247.30.83:80 135 pcap raw alerts
ruleset other
136 lines Yeah : 1.3
profile none summary
tarball 29 of 33
31 of 33 9d07de7076
NEW
9e4de1fdb9
NEW none[none]
none [none] none:none
none:none
none|none
none|none none
none none
none

20:38:00 WinXP 119.95.117.234 (-):
. n/a 135 pcap raw alerts
ruleset other
205 lines Yeah : 1.3
profile none summary
tarball 28 of 33 157666b6e6
NEW none[none] none:none
none|none none none

T:20:45:00 Win2K-f 85.234.123.159 (-):
JSC REGIONAL COMPANY SVYAZTRANZIT,
RU. 69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset ftp
irc
29 lines Yeah : 1.8
profile none summary
tarball 8 of 33 68ca30f6f8
NEW none[none] none:none
none|none none none

T:20:49:00 WinXP 24.95.240.44 (RR.COM):
ROAD RUNNER HOLDCO LLC,
KISSIMMEE, FLORIDA, US. n/a RU:moscow-advokat.ru
:flanders.be.eu.undernet.org
SE:qis.md.us.dal.net
US:lia.zanet.net
:los-angeles.ca.us.undernet.org
SE:broadway.ny.us.dal.net
SE:ced.dal.net
SE:vancouver.dal.net
NO:london.uk.eu.undernet.org
SE:coins.dal.net 445 pcap raw alerts
ruleset http
1 line Yeah : 1.3
profile none summary
tarball 25 of 25 7f60162c2c
[Firefox:1371 hits: 12-31 to 06-29] 1aad8e4632 [0] ASM:Graph
PolyEnE| lines=93
embedded dns trace

20:49:00 Win2K-f 204.116.124.206 (INFOAVE.NET):
INFO AVENUE INTERNET SERVICES LLC,
MT. AIRY, NORTH CAROLINA, US. n/a US:microsoft.com
HK:proxim.ircgalaxy.pl
US:download.microsoft.com
US:207.123.46.125:80 135 pcap raw alerts
ruleset other
113 lines Yeah : 1.3
profile none summary
tarball 31 of 33
29 of 33 dfbaaf577c
NEW
f504b4af20
NEW none[4]
f504b4af20[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=82 trace
trace

21:00:00 WinXP 125.215.98.8 (PIKARA.NE.JP):
PIKARA(STNET INCORPORATED),
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox:97 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:21:04:00 Win2K-f 221.127.239.108 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. n/a 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 29 of 33 be2b228ff8
NEW none[none] none:none
none|none none none

21:06:00 Win2K-f 124.103.241.191 (CULPEPPER.COM):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:125 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:21:09:00 WinXP 71.130.22.21 (PACBELL.NET):
WILLIAM MARTINEZ DBA,
PLANO, TEXAS, US. (DSL) n/a US:microsoft.com
US:download.microsoft.com
US:72.247.30.81:80
US:72.247.30.83:80 135 pcap raw alerts
ruleset other
75 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 33 53bfe15e91
[Firefox:274 hits: 06-17 to 06-29]
a08f3b74a4
[Firefox:101 hits: 06-18 to 06-29] none[4]
a08f3b74a4[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=81 trace
trace

21:09:00 Win2K-f 220.108.158.11 (PLALA.OR.JP):
PLALA NETWORKS INC,
SHIZUOKA, SHIZUOKA, JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox:97 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:21:10:00 Win2K-f 81.198.255.143 (-):
ADDRESS POOL FOR LTC-HOME CUSTOMERS,
RIGA, RIGA, LV. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox:97 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:21:12:00 Win2K-f 65.169.129.130 (LIBERTYNAT.COM):
BTC BROADBAND INC,
BIXBY, OKLAHOMA, US. n/a HK:proxim.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:72.247.30.81:80
US:72.247.30.83:80 135 pcap raw alerts
ruleset other
113 lines Yeah : 1.3
profile none summary
tarball 29 of 33
30 of 33 ae43bb721a
[Firefox: 2 hits: 06-19 to 06-21]
b5a9a8f575
[Firefox: 2 hits: 06-19 to 06-21] ae43bb721a [1]
none [4] ASM:Graph
none:none
Armadillo|
StarForce| lines=81
none trace
trace

21:15:00 WinXP 70.164.194.204 (COX.NET):
COX COMMUNICATIONS,
GAINESVILLE, FLORIDA, US. n/a US:microsoft.com
US:download.microsoft.com
US:72.247.30.81:80
US:72.247.30.83:80 135 pcap raw alerts
ruleset other
76 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 32 53bfe15e91
[Firefox:274 hits: 06-17 to 06-29]
73f1082158
[Firefox:112 hits: 06-18 to 06-29] none[4]
73f1082158[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=81 trace
trace

T:21:17:00 Win2K-f 118.236.169.2 (-):
. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 23 of 33 3b05a7e449
NEW none[none] none:none
none|none none none

21:19:00 Win2K-f 24.66.43.94 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
WINNIPEG, MANITOBA, CA. (DSL) n/a US:microsoft.com
HK:proxim.ircgalaxy.pl
US:download.microsoft.com
US:205.128.66.124:80
US:205.128.79.124:80
US:207.123.46.126:80 135 pcap raw alerts
ruleset other
94 lines Yeah : 1.3
profile none summary
tarball 31 of 33
1 of 33 48f8b1a711
[Firefox: 3 hits: 06-19 to 06-28]
aecf2a5fc9
[Firefox: 3 hits: 06-19 to 06-28] none[4]
aecf2a5fc9[1] none:none
ASM:Graph
PolyEnE|
Armadillo| none
lines=81 trace
trace

21:20:00 WinXP 118.98.219.46 (-):
. n/a 445 pcap raw alerts
ruleset ftp
25 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:21:23:00 WinXP 122.26.31.32 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
34 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox:67 hits: 06-27 to 06-29] none[none] none:none
none|none none none

21:27:00 Win2K-f 200.184.68.132 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) n/a 445 pcap raw alerts
ruleset ftp
18 lines Yeah : 1.3
profile none summary
tarball none none none none none none none

T:21:34:00 Win2K-f 213.45.38.156 (POOL21345.INTERBUSINESS.IT):
TELECOM ITALIA S.P.A,
PIACENZA, EMILIA-ROMAGNA, IT. n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 32 of 33 ddf9439cc6
NEW none[none] none:none
none|none none none

T:21:35:00 WinXP 123.222.127.76 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:125 hits: 06-27 to 06-29] none[none] none:none
none|none none none

21:36:00 WinXP 66.19.5.50 (USLEC.NET):
USLEC CORP,
WORCESTER, MASSACHUSETTS, US. n/a RU:www.bbin.ru
:wpad
DE:siliconfireware.ru
GB:new.egg.com
RU:195.200.213.52:80
DE:212.227.111.29:80
DE:217.11.54.126:80
GB:217.145.225.22:80
EU:78.47.200.154:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 29 of 29 a12cab51ef
[Firefox:1080 hits: 05-01 to 06-29] 40f7f463c4 [0] ASM:Graph
ASPack| lines=281
embedded dns trace

21:38:00 WinXP 4.244.48.108 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
SPRINGFIELD, MISSOURI, US. (DIAL) n/a UA:citi-bank.ru
UA:194.54.90.246:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 26 of 28 7d99b0e910
[Firefox:3117 hits: 12-31 to 06-29] 7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace

T:21:42:00 Win2K-f 220.109.71.70 (PLALA.OR.JP):
PLALA NETWORKS INC,
JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox:97 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:21:47:00 WinXP 118.7.124.171 (-):
. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:125 hits: 06-27 to 06-29] none[none] none:none
none|none none none

21:47:00 Win2K-f 125.215.105.6 (PIKARA.NE.JP):
PIKARA(STNET INCORPORATED),
JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox:97 hits: 06-27 to 06-29] none[none] none:none
none|none none none

21:59:00 Win2K-f 220.111.219.125 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset ftp
25 lines Yeah : 1.3
profile none summary
tarball 24 of 33 32db1e3b4d
NEW none[none] none:none
none|none none none

21:59:00 WinXP 4.225.141.41 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
LAWRENCEBURG, INDIANA, US. (DIAL) n/a US:microsoft.com
US:download.microsoft.com
US:72.247.30.81:80
US:72.247.30.83:80 135 pcap raw alerts
ruleset other
100 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 32 53bfe15e91
[Firefox:274 hits: 06-17 to 06-29]
73f1082158
[Firefox:112 hits: 06-18 to 06-29] none[4]
73f1082158[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=81 trace
trace

22:02:00 Win2K-f 221.126.93.181 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox:67 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:22:04:00 Win2K-f 124.86.89.115 (OCN.NE.JP):
NTT COMMUNICATIONS CORPORATION,
TOKYO, TOKYO, JP. n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 32 of 33 a0b6f7359c
NEW none[none] none:none
none|none none none

T:22:07:00 WinXP 119.11.66.241 (-):
. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
18 lines Yeah : 1.3
profile none summary
tarball 31 of 33 d6ffbfdf18
NEW none[none] none:none
none|none none none

22:09:00 WinXP 76.93.105.18 (-):
. n/a US:microsoft.com
US:download.microsoft.com
US:72.247.30.81:80
US:72.247.30.83:80 135 pcap raw alerts
ruleset other
75 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 32 53bfe15e91
[Firefox:274 hits: 06-17 to 06-29]
73f1082158
[Firefox:112 hits: 06-18 to 06-29] none[4]
73f1082158[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=81 trace
trace

22:11:00 Win2K-f 221.184.220.243 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 16 of 33 df49df7e9e
NEW none[none] none:none
none|none none none

T:22:13:00 Win2K-f 118.108.66.58 (-):
. n/a 445 pcap raw alerts
ruleset other
12 lines Yeah : 0.8
profile none summary
tarball none none none none none none none

T:22:17:00 WinXP 83.190.117.220 (CUST.TELE2.IT):
TELE2 ITALY S.A,
IT. (DSL) n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox:67 hits: 06-27 to 06-29] none[none] none:none
none|none none none

22:21:00 WinXP 118.20.220.159 (-):
. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
24 lines Yeah : 1.3
profile none summary
tarball 31 of 33 a558523d9e
NEW none[none] none:none
none|none none none

T:22:27:00 WinXP 220.102.113.37 (MESH.AD.JP):
NEC BIGLOBE LTD,
TOKYO, TOKYO, JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox:97 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:22:28:00 WinXP 121.115.108.58 (PLALA.OR.JP):
PLALA NETWORKS INC,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 31 of 33 a2e87c8f2f
NEW none[none] none:none
none|none none none

22:30:00 Win2K-f 61.217.154.151 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW. n/a 445 pcap raw alerts
ruleset ftp
20 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:125 hits: 06-27 to 06-29] none[none] none:none
none|none none none

22:33:00 WinXP 122.26.219.107 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 8 of 33 b2fae7acd0
[Firefox: 2 hits: 06-28 to 06-29] none[none] none:none
none|none none none

22:49:00 WinXP 91.64.217.23 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
TRIER, RHEINLAND-PFALZ, DE. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 364d957b43
NEW none[none] none:none
none|none none none

T:22:51:00 Win2K-f 218.237.185.43 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR. n/a US:microsoft.com
HK:proxima.ircgalaxy.pl
US:download.microsoft.com
US:4.23.60.126:80 135 pcap raw alerts
ruleset other
87 lines Yeah : 1.3
profile none summary
tarball 31 of 33
0 of 33 168aab35a3
[Firefox:19 hits: 06-17 to 06-29]
4c3df24b32
[Firefox:34 hits: 06-17 to 06-29] none[4]
4c3df24b32[1] none:none
ASM:Graph
tElock|
Armadillo| none
lines=81 trace
trace

22:52:00 Win2K-f 80.219.101.173 (HISPEED.CH):
CABLECOMMAIN-NET,
ZURICH, ZURICH, CH. (DSL) n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset ftp
28 lines Yeah : 1.3
profile none summary
tarball 31 of 33 d7c5eee185
NEW none[none] none:none
none|none none none

T:22:52:00 Win2K-f 221.127.243.72 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
25 lines Yeah : 1.3
profile none summary
tarball 9 of 33 992112212e
NEW none[none] none:none
none|none none none

22:55:00 Win2K-f 61.199.147.29 (PLALA.OR.JP):
PLALA NETWORKS INC,
TOKYO, TOKYO, JP. n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 18 of 33 4a64249404
NEW none[none] none:none
none|none none none

23:00:00 WinXP 119.11.112.35 (-):
. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
26 lines Yeah : 1.3
profile none summary
tarball 13 of 33 a896c13b26
NEW none[none] none:none
none|none none none

T:23:02:00 Win2K-f 80.251.205.13 (-):
3 CUSTOMER DYNAMIC ADDRESS POOL,
SE. n/a 445 pcap raw alerts
ruleset ftp
25 lines Yeah : 1.3
profile none summary
tarball 31 of 33 829052414a
[Firefox: 2 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:23:03:00 WinXP 207.144.10.193 (INFOAVE.NET):
INFO AVENUE INTERNET SERVICES LLC,
MT. AIRY, NORTH CAROLINA, US. n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
29 lines Yeah : 1.3
profile none summary
tarball 30 of 33 3d95b4ac39
NEW none[none] none:none
none|none none none

23:06:00 Win2K-f 122.26.31.32 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox:67 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:23:10:00 Win2K-f 222.147.236.145 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:125 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:23:22:00 Win2K-f 221.184.254.69 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 17739a55ad
[Firefox:125 hits: 06-27 to 06-29] none[none] none:none
none|none none none

23:24:00 WinXP 99.163.51.250 (-):
. n/a 445 pcap raw alerts
ruleset shell
ftp
14 lines Yeah : 1.3
profile none summary
tarball 32 of 32 03f912899b
[Firefox:22 hits: 12-14 to 06-29] 83893bd25d [0] ASM:Graph
none|none lines=65 trace

T:23:24:00 Win2K-f 123.218.240.137 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 26 of 33 ca15c09536
[Firefox:97 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:23:25:00 WinXP 221.126.129.76 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
23 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox:67 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:23:25:00 WinXP 61.46.130.254 (ZAQ.NE.JP):
HIGASHI-OSAKA CABLE TELEVISION CO. LTD,
OSAKA, OSAKA, JP. n/a US:microsoft.com
US:download.microsoft.com
US:64.62.216.10:80 135 pcap raw alerts
ruleset http
77 lines Yeah : 1.3
profile none summary
tarball 0 of 32
33 of 33
0 of 33 07fabc79ef
[Firefox: 2 hits: 06-19 to 06-22]
53bfe15e91
[Firefox:274 hits: 06-17 to 06-29]
e07c29c4ae
[Firefox:44 hits: 06-19 to 06-29] 07fabc79ef [1]
none [4]
e07c29c4ae[1] ASM:Graph
none:none
ASM:Graph
Armadillo|
tElock|
FSG| lines=81
none
lines=92 trace
trace
trace

23:29:00 WinXP 118.7.82.135 (-):
. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox:67 hits: 06-27 to 06-29] none[none] none:none
none|none none none

23:33:00 Win2K-f 91.66.239.55 (SUPERKABEL.DE):
KABEL DEUTSCHLAND BREITBAND SERVICE GMBH,
DE. n/a 445 pcap raw alerts
ruleset ftp
22 lines Yeah : 1.3
profile none summary
tarball 32 of 33 037d04feed
[Firefox: 2 hits: 06-28 to 06-28] none[none] none:none
none|none none none

T:23:34:00 Win2K-f 209.250.12.53 (CONVERGENTAZ.NET):
CONVERGENT INTERNET SOLUTIONS,
PRESCOTT, ARIZONA, US. n/a US:microsoft.com
US:download.microsoft.com 135 pcap raw alerts
ruleset http
100 lines Yeah : 1.3
profile none summary
tarball 33 of 33
0 of 32
0 of 32 53bfe15e91
[Firefox:274 hits: 06-17 to 06-29]
73f1082158
[Firefox:112 hits: 06-18 to 06-29]
b5919931fe
[Firefox:42 hits: 06-20 to 06-29] none[4]
73f1082158[1]
b5919931fe[1] none:none
ASM:Graph
ASM:Graph
tElock|
Armadillo|
ASProtect| none
lines=81
lines=90 trace
trace
trace

23:40:00 WinXP 58.91.57.157 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 31 of 33 7bec55f05b
NEW none[none] none:none
none|none none none

23:42:00 Win2K-f 60.173.133.58 (AH163.NET):
CHINANET ANHUI PROVINCE NETWORK,
BEIJING, BEIJING, CN. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
25 lines Yeah : 1.3
profile none summary
tarball 10 of 33 d2c26e07fd
[Firefox:67 hits: 06-27 to 06-29] none[none] none:none
none|none none none

T:23:42:00 Win2K-f 118.20.220.159 (-):
. n/a 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 31 of 33 a558523d9e
NEW none[none] none:none
none|none none none

T:23:53:00 Win2K-f 122.17.133.72 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP. n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 20 of 33 d284c3c3f6
NEW none[none] none:none
none|none none none

T:23:56:00 WinXP 92.12.18.19 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK. n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001 445 pcap raw alerts
ruleset ftp
27 lines Yeah : 1.3
profile none summary
tarball 12 of 33 ac164e8362
[Firefox: 3 hits: 06-28 to 06-28] none[none] none:none
none|none none none

23:59:00 WinXP 216.126.173.175 (USLEC.NET):
USLEC CORP,
KNOXVILLE, TENNESSEE, US. n/a EU:siliconfireware.ru
:www.proxy-socks.net
:wpad
DE:212.227.111.29:80
DE:217.11.54.126:80
EU:78.47.200.154:80 445 pcap raw alerts
ruleset http
1 line Yeah : 0.8
profile none summary
tarball 29 of 29 a12cab51ef
[Firefox:1080 hits: 05-01 to 06-29] 40f7f463c4 [0] ASM:Graph
ASPack| lines=281
embedded dns trace