Welcome to the Cyber-TA
SRI's Multiperspective Malware Infection Analysis Page


UNCENSORED PAGE



01 July 2008

All data collection and analyses summarized in this page were 100% AUTO-GENERATED.

DEVELOPERS: Vinod Yegneswaran (SRI), Phillip Porras (SRI), Hassen Saidi (SRI)
Monirul Sharif (Georgia-Tech), Arvind Narayanan (University of Texas at Austin)

The data on this website is provided for research purposes only. It is provided
for your personal use only and is supplied AS IS, WITHOUT WARRANTY OF ANY KIND.
Use or reliance on this data is at your own risk.


Time | Victim OS | Infection Source | C&C Server | DNS Lookups & Failed Connects | Infection Port | Packet Trace | Detection Signatures | Infection Chatter | BotHunter Analysis | Behavioral Cluster | Forensic Logs | Antivirus Labels | Packed Malware_Binary | Unpacked egg.exe | Unpacked egg.asm | Packer PEID | Data Strings | Syscall Trace
00:07:00 Win2K-f 118.236.169.2 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
23 of 33 3b05a7e449
[Firefox: 2 hits: 06-29 to 06-30]
none[none] none:none
none|none none none
00:10:00 WinXP 217.218.253.231 (-):
MARKAZI TELECOMUNICATION COMPANY,
IR. (100Mbps)
n/a   445 pcap raw alerts
ruleset
other
9 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
00:14:00 Win2K-f 86.138.220.245 (BTCENTRALPLUS.COM):
BT-CENTRAL-PLUS,
LONDON, ENGLAND, UK.
n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset
ftp
21 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 c789e64d64
NEW
none[none] none:none
none|none none none
T:00:16:00 Win2K-f 60.38.129.95 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a   445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 1f7c55af5a
[Firefox: 2 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
00:20:00 WinXP 217.237.94.111 (T-IPCONNECT.DE):
DEUTSCHE TELEKOM AG,
TRIER, RHEINLAND-PFALZ, DE.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
20 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
00:28:00 WinXP 78.8.21.75 (NET.PL):
DIALOG,
WROCLAW, DOLNOSLASKIE, PL.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
00:30:00 Win2K-f 91.66.67.182 (SUPERKABEL.DE):
KABEL DEUTSCHLAND BREITBAND SERVICE GMBH,
DE.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 f0661a9806
NEW
none[none] none:none
none|none none none
00:35:00 WinXP 121.115.108.58 (PLALA.OR.JP):
PLALA NETWORKS INC,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
32 of 33 0d4eb498e6
NEW
none[none] none:none
none|none none none
T:00:37:00 WinXP 119.11.112.35 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
21 lines
Yeah : 1.3
profile
none summary
tarball
13 of 33 a896c13b26
NEW
none[none] none:none
none|none none none
T:00:44:00 WinXP 218.210.225.206 (SPARQNET.NET):
NEW CENTURY INFOCOMM TECH CO. LTD,
TAIPEI, T'AI-PEI, TW. (DSL)
n/a US:microsoft.com
US:download.microsoft.com
135 pcap raw alerts
ruleset
http
77 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 32
0 of 33
53bfe15e91
[Firefox:301 hits: 06-17 to 06-30]
73f1082158
[Firefox:128 hits: 06-18 to 06-30]
e07c29c4ae
[Firefox:46 hits: 06-19 to 06-30]
none[4]
73f1082158[1]
e07c29c4ae[1]
none:none
ASM:Graph
ASM:Graph
tElock|
Armadillo|
FSG|
none
lines=81
lines=92
trace
trace
trace
00:50:00 Win2K-f 77.198.205.21 (GAOLAND.NET):
DYNAMIC POOLS,
FR.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
8 of 33 646da52c64
NEW
none[none] none:none
none|none none none
00:50:00 Win2K-f 87.4.159.128 (RETAIL.TELECOMITALIA.IT):
TELECOM ITALIA S.P.A. TIN EASY LITE,
MILANO, LOMBARDIA, IT.
n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 5f160b61fa
NEW
none[none] none:none
none|none none none
T:00:51:00 Win2K-f 91.141.109.12 (I-ONE.AT):
NETWORK OF ONE GMBH,
VIENNA, WIEN, AT.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
25 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:109 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
00:56:00 Win2K-f 122.221.13.92 (UCOM.NE.JP):
UCOM CORP,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
21 of 33 ffbcbff716
NEW
none[none] none:none
none|none none none
T:00:56:00 Win2K-f 221.113.242.64 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
OSAKA, OSAKA, JP.
n/a   445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:136 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:00:57:00 WinXP 98.30.146.23 (-):
.
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
29 of 29 3ae357d17b
[Firefox:727 hits: 05-01 to 06-29]
462a7be171 [0] ASM:Graph
PolyEnE| lines=73 trace
01:00:00 WinXP 221.126.128.32 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:109 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
01:06:00 WinXP 85.180.9.240 (ALICEDSL.DE):
HANSENET-ADSL,
STUTTGART, BADEN-WURTTEMBERG, DE. (DSL)
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:109 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:01:11:00 Win2K-f 123.217.214.106 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
13 of 33 16df44dfe9
NEW
none[none] none:none
none|none none none
01:18:00 Win2K-f 82.234.83.146 (PROXAD.NET):
PROXAD / FREE SAS,
TOULOUSE, MIDI-PYRENEES, FR.
n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
31 of 32 00710a2ffa
[Firefox: 2 hits: 06-28 to 06-30]
none[none] none:none
none|none none none
T:01:20:00 Win2K-f 119.11.101.195 (-):
.
n/a   445 pcap raw alerts
ruleset
ftp
19 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 c4fe07012a
[Firefox: 2 hits: 06-30 to 06-30]
none[none] none:none
none|none none none
01:23:00 Win2K-f 125.192.176.254 (MESH.AD.JP):
NEC CORPORATION,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:109 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
01:30:00 Win2K-f 222.147.239.113 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
12 of 33 a96d6f6d31
[Firefox: 4 hits: 06-28 to 06-30]
none[none] none:none
none|none none none
T:01:31:00 WinXP 81.181.16.175 (-):
GENIUS NETWORK SYSTEM SRL,
GALATI, GALATI, RO. (DSL)
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 54f0165aa3
NEW
none[none] none:none
none|none none none
01:37:00 Win2K-f 85.181.190.0 (ALICEDSL.DE):
HANSENET-ADSL,
DE. (DSL)
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:109 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:01:38:00 Win2K-f 217.202.74.139 (-):
TELECOM ITALIA MOBILE,
IT.
n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset
ftp
24 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 ff4b083ee6
NEW
none[none] none:none
none|none none none
01:39:00 WinXP 122.135.154.231 (MESH.AD.JP):
NEC BIGLOBE LTD,
TOKYO, TOKYO, JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
26 of 30 de8053c642
NEW
none[none] none:none
none|none none none
01:43:00 Win2K-f 62.198.222.127 (DSL.TELIANET.DK):
TELIANET,
DK.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
01:45:00 Win2K-f 60.39.209.18 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
TOKYO, TOKYO, JP.
n/a   445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 3440a48074
NEW
none[none] none:none
none|none none none
T:01:49:00 Win2K-f 82.235.10.53 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
13 of 33 5ac52e86a2
NEW
none[none] none:none
none|none none none
T:01:49:00 Win2K-f 123.254.42.33 (PIKARA.NE.JP):
STNET INCORPORATED,
TAKAMATSU, KAGAWA, JP.
n/a   445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
01:49:00 WinXP 221.127.157.190 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
11 of 32 b36b95f94d
[Firefox: 2 hits: 06-28 to 06-30]
none[none] none:none
none|none none none
T:01:55:00 WinXP 88.134.245.79 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:136 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:01:57:00 WinXP 219.122.243.72 (EONET.NE.JP):
K-OPTICOM CORPORATION,
JP.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
25 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 a94c0f8d84
NEW
none[none] none:none
none|none none none
02:02:00 Win2K-f 120.75.103.36 (-):
.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
02:03:00 Win2K-f 125.175.68.119 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:136 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
02:05:00 Win2K-f 91.67.116.192 (SUPERKABEL.DE):
KABEL DEUTSCHLAND BREITBAND SERVICE GMBH,
DE.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:02:07:00 WinXP 84.187.74.217 (T-IPCONNECT.DE):
DEUTSCHE TELEKOM AG,
KAMEN, NORDRHEIN-WESTFALEN, DE.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
02:07:00 WinXP 24.67.23.149 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
CALGARY, ALBERTA, CA. (DSL)
n/a   135 pcap raw alerts
ruleset
other
1011 lines
Yeah : 1.3
profile
none summary
tarball
18 of 33 36cb92d98e
NEW
none[none] none:none
none|none none none
T:02:07:00 Win2K-f 221.127.150.77 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:109 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:02:14:00 Win2K-f 87.2.24.140 (RETAIL.TELECOMITALIA.IT):
TELECOM ITALIA S.P.A. TIN EASY LITE,
TREVISO, VENETO, IT.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:02:20:00 WinXP 92.11.200.180 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
12 of 33 9a32965bc8
[Firefox: 7 hits: 06-28 to 06-30]
none[none] none:none
none|none none none
02:21:00 Win2K-f 222.238.58.96 (HANANET.NET):
HANARO TELECOM INC,
SEOUL, KYONGGI-DO, KR.
n/a HK:proxim.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:64.62.216.10:80
135 pcap raw alerts
ruleset
other
113 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33
28 of 33
533d15b5ce
[Firefox: 3 hits: 06-21 to 06-29]
58c343a8d8
[Firefox: 3 hits: 06-21 to 06-29]
none[4]
58c343a8d8[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=82
trace
trace
02:32:00 WinXP 122.130.228.208 (MESH.AD.JP):
NEC BIGLOBE LTD,
TOKYO, TOKYO, JP.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
29 of 33 285239f377
NEW
none[none] none:none
none|none none none
T:02:34:00 WinXP 82.227.193.137 (PROXAD.NET):
PROXAD / FREE SAS,
LYON, RHONE-ALPES, FR.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 ea912b50d0
NEW
none[none] none:none
none|none none none
T:02:39:00 WinXP 91.64.88.252 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
32 of 33 399a88233f
NEW
none[none] none:none
none|none none none
02:43:00 Win2K-f 118.8.96.82 (-):
.
n/a HK:proxim.ircgalaxy.pl 445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 d0ed1644b4
NEW
none[none] none:none
none|none none none
T:02:48:00 WinXP 121.117.55.199 (PLALA.OR.JP):
PLALA NETWORKS INC,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:136 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
02:52:00 WinXP 118.105.150.46 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 505238d7ef
[Firefox: 6 hits: 06-28 to 06-29]
none[none] none:none
none|none none none
T:02:57:00 Win2K-f 124.86.106.238 (OCN.NE.JP):
NTT COMMUNICATIONS CORPORATION,
TOKYO, TOKYO, JP.
n/a   445 pcap raw alerts
ruleset
other
13 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:02:59:00 WinXP 60.39.209.18 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
TOKYO, TOKYO, JP.
n/a   445 pcap raw alerts
ruleset
other
13 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:03:04:00 Win2K-f 117.102.156.26 (-):
.
n/a   445 pcap raw alerts
ruleset
ftp
17 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
03:08:00 Win2K-f 118.8.248.15 (-):
.
n/a   445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
03:09:00 WinXP 122.135.24.224 (MESH.AD.JP):
NEC BIGLOBE LTD,
TOKYO, TOKYO, JP.
n/a   445 pcap raw alerts
ruleset
other
12 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
03:09:00 Win2K-f 24.87.45.96 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
RICHMOND, BRITISH COLUMBIA, CA. (DSL)
n/a US:microsoft.com
US:download.microsoft.com
US:199.93.41.126:80
135 pcap raw alerts
ruleset
other
75 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 33
53bfe15e91
[Firefox:301 hits: 06-17 to 06-30]
a08f3b74a4
[Firefox:109 hits: 06-18 to 06-30]
none[4]
a08f3b74a4[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
T:03:16:00 WinXP 61.34.194.118 (BORA.NET):
DACOM CORP,
SEOUL, KYONGGI-DO, KR. (100Mbps)
n/a US:microsoft.com
US:download.microsoft.com
135 pcap raw alerts
ruleset
http
97 lines
Yeah : 1.3
profile
none summary
tarball
0 of 33
29 of 32
57ce4acac2
[Firefox:29 hits: 06-17 to 06-30]
83f26f5044
[Firefox: 3 hits: 06-20 to 06-28]
57ce4acac2 [1]
none [4]
ASM:Graph
none:none
Armadillo|
tElock|
lines=81
none
trace
trace
T:03:19:00 WinXP 118.8.248.15 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
03:21:00 Win2K-f 60.41.40.91 (PLALA.OR.JP):
PLALA NETWORKS INC,
JP.
n/a   445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:03:24:00 Win2K-f 220.104.255.230 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
03:26:00 Win2K-f 217.184.228.52 (MEDIAWAYS.NET):
VARIOUS ONLINE SERVICES,
DE.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
24 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:109 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:03:27:00 Win2K-f 217.19.121.112 (RUNEXT.COM):
PROVIDER LOCAL REGISTRY,
RU.
n/a   445 pcap raw alerts
ruleset
ftp
36 lines
Yeah : 1.3
profile
none summary
tarball
11 of 33 c2ac306ca0
NEW
none[none] none:none
none|none none none
T:03:31:00 Win2K-f 118.240.120.138 (-):
.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:136 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
03:35:00 Win2K-f 88.134.245.79 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:136 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
03:37:00 WinXP 219.105.117.172 (ADACHI.NE.JP):
CABLE TELEVISION ADACHI CORP,
JP.
n/a   445 pcap raw alerts
ruleset
shell
ftp
15 lines
Yeah : 1.3
profile
none summary
tarball
29 of 32 dd5b183a77
[Firefox: 2 hits: 06-09 to 06-21]
none[4] none:none
none|none none trace
03:40:00 Win2K-f 122.29.160.110 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:109 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
03:43:00 WinXP 58.93.28.168 (PLALA.OR.JP):
PLALA NETWORKS INC,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:109 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:03:46:00 Win2K-f 123.254.38.238 (PIKARA.NE.JP):
STNET INCORPORATED,
TAKAMATSU, KAGAWA, JP.
n/a   445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
03:46:00 Win2K-f 78.148.124.178 (OPALTELECOM.NET):
OPAL TELECOMMUNICATIONS INTERNET SERVICE PROVIDER,
UK.
72.10.172.218:7763 CA:fuck.urpal43sourpalhuh.com
CA:dong.nagitiriheiwu.net
CA:teek.ihshsd8.com
CA:japan.youngpeyatech.info
CA:72.10.169.26:2293
CA:72.10.172.218:2938
CA:72.10.172.218:7763
CA:72.10.172.218:9928
445 pcap raw alerts
ruleset
ftp
lanman
195 lines
Yeah : 1.8
profile
none summary
tarball
31 of 33 85ad54f7a9
NEW
none[none] none:none
none|none none none
03:47:00 WinXP 123.254.38.238 (PIKARA.NE.JP):
STNET INCORPORATED,
TAKAMATSU, KAGAWA, JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:03:52:00 Win2K-f 61.226.132.65 (HINET.NET):
DATA COMMUNICATION BUSINESS GROUP CHUNGHWA TELECOM CO. LTD,
TW.
n/a US:microsoft.com
US:download.microsoft.com
135 pcap raw alerts
ruleset
http
175 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33
28 of 32
133401d618
[Firefox: 4 hits: 06-18 to 06-30]
847d491ed3
NEW
none[4]
847d491ed3[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=82
trace
trace
T:03:54:00 Win2K-f 118.236.63.56 (-):
.
210.245.211.11:65520 HK:proxim.ircgalaxy.pl
DE:dl2.teenpassage.com
US:ksn.a1001186.wrs.mcboo.com
US:wr.mcboo.com
IL:dl.mcboo.com
US:b128.mcboo.com
445 pcap raw alerts
ruleset
ftp
irc
http
249 lines
Yeah : 1.8
profile
none summary
tarball
29 of 33
25 of 33
27 of 33
0d0fa96607
[Firefox: 2 hits: 06-27 to 06-29]
897d59617c
[Firefox:21 hits: 06-28 to 06-29]
a014934a72
[Firefox:24 hits: 06-28 to 06-29]
none[none]
none [none]
none [none]
none:none
none:none
none:none
none|none
none|none
none|none
none
none
none
none
none
none
03:56:00 Win2K-f 92.3.208.103 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK.
n/a HK:proxim.ircgalaxy.pl
HK:210.245.211.11:80
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
29 of 33 bf33cc4c19
NEW
none[none] none:none
none|none none none
03:59:00 WinXP 58.90.64.69 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:04:00:00 Win2K-f 61.113.209.228 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
210.245.211.11:65520 US:microsoft.com
HK:proxima.ircgalaxy.pl
US:download.microsoft.com
DE:dl2.teenpassage.com
US:ksn.a1001186.wrs.mcboo.com
US:wr.mcboo.com
IL:dl.mcboo.com
:berlinads3.com
US:b148.mcboo.com
US:198.78.220.126:80
US:204.160.126.126:80
US:207.123.37.126:80
135 pcap raw alerts
ruleset
irc
http
576 lines
Yeah : 1.8
profile
none summary
tarball
31 of 33
0 of 33
25 of 33
27 of 33
168aab35a3
[Firefox:21 hits: 06-17 to 06-30]
4c3df24b32
[Firefox:35 hits: 06-17 to 06-30]
897d59617c
[Firefox:21 hits: 06-28 to 06-29]
a014934a72
[Firefox:24 hits: 06-28 to 06-29]
none[4]
4c3df24b32[1]
none [none]
none [none]
none:none
ASM:Graph
none:none
none:none
tElock|
Armadillo|
none|none
none|none
none
lines=81
none
none
trace
trace
none
none
T:04:08:00 Win2K-f 125.215.103.126 (PIKARA.NE.JP):
PIKARA(STNET INCORPORATED),
JP.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:04:11:00 Win2K-f 119.11.96.76 (-):
.
n/a   445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
28 of 32 ceaa4e5204
NEW
none[none] none:none
none|none none none
04:12:00 WinXP 80.141.71.121 (T-DIALIN.NET):
DEUTSCHE TELEKOM AG,
COLOGNE, NORDRHEIN-WESTFALEN, DE. (DIAL)
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
32 of 33 399a88233f
NEW
none[none] none:none
none|none none none
04:14:00 Win2K-f 221.191.95.105 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a   445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:04:15:00 WinXP 220.156.25.184 (HI-HO.NE.JP):
INTERNET INITIATIVE JAPAN INC,
TOKYO, TOKYO, JP.
n/a   445 pcap raw alerts
ruleset
shell
ftp
13 lines
Yeah : 0.8
profile
none summary
tarball
31 of 32 741e3b03b3
[Firefox:87 hits: 09-28 to 06-30]
e0197e8a64 [0] ASM:Graph
none|none lines=62 trace
04:18:00 WinXP 122.17.195.35 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:136 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
04:19:00 Win2K-f 118.105.145.179 (-):
.
n/a   445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 505238d7ef
[Firefox: 6 hits: 06-28 to 06-29]
none[none] none:none
none|none none none
T:04:20:00 Win2K-f 221.127.171.208 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK.
n/a   445 pcap raw alerts
ruleset
ftp
24 lines
Yeah : 1.3
profile
none summary
tarball
28 of 33 c78dc18831
NEW
none[none] none:none
none|none none none
T:04:23:00 Win2K-f 78.148.79.132 (OPALTELECOM.NET):
OPAL TELECOMMUNICATIONS INTERNET SERVICE PROVIDER,
UK.
n/a   445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:136 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:04:26:00 WinXP 118.5.26.171 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:109 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
04:37:00 WinXP 122.29.57.4 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:109 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:04:38:00 WinXP 221.127.143.99 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:136 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:04:43:00 WinXP 220.221.81.28 (PLALA.OR.JP):
NTT COMMUNICATIONS CORPORATION,
YOKOHAMA, KANAGAWA, JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 269d3893a9
NEW
none[none] none:none
none|none none none
T:04:44:00 Win2K-f 121.82.204.57 (EONET.NE.JP):
K-OPTICOM CORPORATION,
JP.
210.245.211.11:65520 HK:proxima.ircgalaxy.pl
DE:dl2.teenpassage.com
US:ksn.a1001186.wrs.mcboo.com
US:wr.mcboo.com
IL:dl.mcboo.com
US:dl.targetsaver.com
US:csx.adservs.com
IL:194.90.224.82:80
US:216.133.246.155:80
US:216.133.246.157:80
445 pcap raw alerts
ruleset
ftp
irc
http
859 lines
Yeah : 1.8
profile
none summary
tarball
14 of 30
25 of 33
27 of 33
30 of 33
5f179f8406
NEW
897d59617c
[Firefox:21 hits: 06-28 to 06-29]
a014934a72
[Firefox:24 hits: 06-28 to 06-29]
d152a86ae8
NEW
none[none]
none [none]
none [none]
none [none]
none:none
none:none
none:none
none:none
none|none
none|none
none|none
none|none
none
none
none
none
none
none
none
none
04:45:00 Win2K-f 86.175.56.71 (BTOPENWORLD.COM):
BT PUBLIC INTERNET SERVICE,
UK.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:109 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:04:49:00 WinXP 125.102.247.196 (UCOM.NE.JP):
G-AC0003N,
JP. (100Mbps)
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:04:50:00 Win2K-f 58.88.38.37 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
13 of 33 450e12e7a8
[Firefox: 2 hits: 06-29 to 06-30]
none[none] none:none
none|none none none
04:53:00 Win2K-f 92.16.144.149 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
21 of 33 5e1fb9b73f
NEW
none[none] none:none
none|none none none
T:04:59:00 Win2K-f 217.22.120.31 (INTERAL.CO.IL):
EILATINTER-CUSTOMERS,
EILAT, HADAROM (SOUTHERN), IL. (DIAL)
n/a   445 pcap raw alerts
ruleset
ftp
25 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:05:03:00 Win2K-f 82.234.226.57 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR.
n/a US:dl.targetsaver.com
US:216.133.246.155:80
US:216.133.246.157:80
445 pcap raw alerts
ruleset
http
2 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:05:05:00 WinXP 220.220.144.39 (PLALA.OR.JP):
NTT COMMUNICATIONS CORPORATION,
YONEZAWA, YAMAGATA, JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:109 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:05:10:00 Win2K-f 122.17.147.169 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
05:10:00 WinXP 123.220.83.225 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a   445 pcap raw alerts
ruleset
shell
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
31 of 32 741e3b03b3
[Firefox:87 hits: 09-28 to 06-30]
e0197e8a64 [0] ASM:Graph
none|none lines=62 trace
T:05:19:00 Win2K-f 208.105.159.136 (-):
.
210.245.211.11:65520 HK:proxim.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
DE:dl2.teenpassage.com
HK:210.245.211.11:65520
US:64.62.216.10:80
US:64.62.216.56:80
DE:85.114.143.2:80
135 pcap raw alerts
ruleset
irc
122 lines
Yeah : 1.8
profile
none summary
tarball
31 of 33
29 of 33
dfbaaf577c
[Firefox: 2 hits: 06-18 to 06-30]
f504b4af20
[Firefox: 2 hits: 06-18 to 06-30]
none[4]
f504b4af20[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=82
trace
trace
05:20:00 Win2K-f 121.80.37.161 (EONET.NE.JP):
K-OPTICOM CORPORATION,
JP.
n/a HK:proxim.ircgalaxy.pl
HK:210.245.211.11:65520
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 9f401fc3a9
NEW
none[none] none:none
none|none none none
05:24:00 WinXP 133.205.196.213 (NIIGATA-U.AC.JP):
JAPAN NETWORK INFORMATION CENTER,
TOKYO, TOKYO, JP.
n/a  
CZ:217.170.244.2:443
CZ:82.114.64.251:443
445 pcap raw alerts
ruleset
shell
ftp
18 lines
Yeah : 1.3
profile
none summary
tarball
29 of 33 910ee72436
NEW
none[none] none:none
none|none none none
05:25:00 Win2K-f 77.20.208.13 (APEXCOVANTAGE.COM):
EU-ZZ,
UK.
n/a   445 pcap raw alerts
ruleset
ftp
53 lines
Yeah : 1.3
profile
none summary
tarball
32 of 33 037d04feed
[Firefox: 3 hits: 06-28 to 06-30]
none[none] none:none
none|none none none
T:05:27:00 Win2K-f 195.8.175.65 (-):
NORTHWEST LEARNING GRID,
SALFORD, ENGLAND, UK.
n/a   445 pcap raw alerts
ruleset
http
2 lines
Argh : 0.3
profile
none summary
tarball
none none none none none none none
05:29:00 WinXP 60.33.8.187 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
15 of 33 a793802e3c
NEW
none[none] none:none
none|none none none
T:05:34:00 Win2K-f 118.8.143.14 (-):
.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
05:38:00 Win2K-f 118.236.161.207 (-):
.
n/a   445 pcap raw alerts
ruleset
other
13 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
05:41:00 WinXP 124.85.137.109 (OCN.NE.JP):
NTT COMMUNICATIONS CORPORATION,
TOKYO, TOKYO, JP.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
29 of 33 9d32aaa9ba
[Firefox: 2 hits: 06-28 to 06-29]
none[none] none:none
none|none none none
T:05:41:00 Win2K-f 78.146.234.216 (-):
OPAL TELECOM DSL,
UK.
210.245.211.11:65520 HK:proxim.ircgalaxy.pl
US:ksn.a1001186.wrs.mcboo.com
US:wr.mcboo.com
445 pcap raw alerts
ruleset
irc
ftp
http
124 lines
Yeah : 1.8
profile
none summary
tarball
31 of 33
25 of 33
27 of 33
1a9fa0fa9f
NEW
897d59617c
[Firefox:21 hits: 06-28 to 06-29]
a014934a72
[Firefox:24 hits: 06-28 to 06-29]
none[none]
none [none]
none [none]
none:none
none:none
none:none
none|none
none|none
none|none
none
none
none
none
none
none
05:42:00 WinXP 122.132.44.17 (MESH.AD.JP):
NEC BIGLOBE LTD,
TOKYO, TOKYO, JP.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
27 of 30 ee2f2a2cf9
NEW
none[none] none:none
none|none none none
T:05:45:00 WinXP 85.240.46.172 (DSL.TELEPAC.PT):
TELEPAC - COMUNICACOES INTERACTIVAS SA,
FARO, FARO, PT. (DSL)
n/a UA:citi-bank.ru 445 pcap raw alerts
ruleset
http
1 line
Yeah : 1.3
profile
none summary
tarball
26 of 28 7d99b0e910
[Firefox:3123 hits: 12-31 to 06-30]
7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace
T:05:48:00 Win2K-f 118.236.167.248 (-):
.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
05:51:00 Win2K-f 60.38.26.78 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:05:51:00 Win2K-f 124.102.130.241 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
06:00:00 WinXP 60.254.246.38 (EMOBILE.AD.JP):
EMOBILE LTD,
TOKYO, TOKYO, JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
24 of 33 53e0fc4e37
NEW
none[none] none:none
none|none none none
T:06:06:00 Win2K-f 122.25.149.79 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:109 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:06:09:00 WinXP 12.198.245.158 (GUMLOG.NET):
CARNESVILLE GUMLOG CABLE TV,
LAVONIA, GEORGIA, US.
210.245.211.11:65520 HK:proxim.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
DE:dl2.teenpassage.com
US:ksn.a1001186.wrs.mcboo.com
US:wr.mcboo.com
US:206.251.244.226:80
US:208.111.159.99:80
HK:210.245.211.11:65520
135 pcap raw alerts
ruleset
irc
http
218 lines
Yeah : 1.8
profile
none summary
tarball
28 of 33
25 of 33
27 of 33
30 of 33
4f4473e7fe
NEW
897d59617c
[Firefox:21 hits: 06-28 to 06-29]
a014934a72
[Firefox:24 hits: 06-28 to 06-29]
b0cc588e2d
NEW
none[none]
none [none]
none [none]
none [none]
none:none
none:none
none:none
none:none
none|none
none|none
none|none
none|none
none
none
none
none
none
none
none
none
06:09:00 Win2K-f 222.144.245.166 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:136 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:06:12:00 Win2K-f 118.8.96.82 (-):
.
210.245.211.11:65520 HK:proxim.ircgalaxy.pl
US:chat-shqip.org
DE:dl2.teenpassage.com
US:ksn.a1001186.wrs.mcboo.com
US:w3bs.chat-shqip.org
US:wr.mcboo.com
US:206.251.244.226:80
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001
DE:85.114.143.2:80
445 pcap raw alerts
ruleset
ftp
irc
http
71 lines
Yeah : 1.8
profile
none summary
tarball
18 of 33
25 of 33
27 of 33
0b8db33cc5
NEW
897d59617c
[Firefox:21 hits: 06-28 to 06-29]
a014934a72
[Firefox:24 hits: 06-28 to 06-29]
none[none]
none [none]
none [none]
none:none
none:none
none:none
none|none
none|none
none|none
none
none
none
none
none
none
06:14:00 Win2K-f 88.134.154.152 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
26 of 32 3dab831bee
[Firefox: 2 hits: 06-28 to 06-30]
none[none] none:none
none|none none none
T:06:14:00 WinXP 86.134.191.245 (BTCENTRALPLUS.COM):
BT-CENTRAL-PLUS,
UK.
n/a   445 pcap raw alerts
ruleset
shell
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
31 of 32 cce9566ceb
[Firefox:13 hits: 06-12 to 06-30]
none[4] none:none
PolyEnE| none trace
T:06:23:00 WinXP 122.26.68.140 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
210.245.211.11:65520 HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
DE:dl2.teenpassage.com
US:ksn.a1001186.wrs.mcboo.com
US:wr.mcboo.com
US:206.251.244.226:80
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
irc
http
125 lines
Yeah : 1.8
profile
none summary
tarball
25 of 33
27 of 33
29 of 31
897d59617c
[Firefox:21 hits: 06-28 to 06-29]
a014934a72
[Firefox:24 hits: 06-28 to 06-29]
be6d817241
NEW
none[none]
none [none]
none [none]
none:none
none:none
none:none
none|none
none|none
none|none
none
none
none
none
none
none
T:06:25:00 Win2K-f 202.70.232.58 (ONINET.NE.JP):
OKAYAMA NETWORK INC,
TOKYO, TOKYO, JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
http
29 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 cac0d238f7
NEW
none[none] none:none
none|none none none
06:28:00 Win2K-f 122.29.168.48 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
06:29:00 WinXP 122.2.104.120 (PLDT.NET):
IPG,
PH.
n/a US:microsoft.com
US:download.microsoft.com
US:208.111.148.111:80
135 pcap raw alerts
ruleset
other
178 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33
29 of 33
68cac0810a
NEW
dee14ccd21
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
T:06:40:00 Win2K-f 222.239.30.74 (-):
INCHON CABLE TV NAMDONG BROADCAST,
INCHON, KYONGGI-DO, KR.
n/a US:microsoft.com
US:download.microsoft.com
135 pcap raw alerts
ruleset
http
76 lines
Yeah : 1.3
profile
none summary
tarball
0 of 33
33 of 33
0 of 32
4c3df24b32
[Firefox:35 hits: 06-17 to 06-30]
53bfe15e91
[Firefox:301 hits: 06-17 to 06-30]
b5919931fe
[Firefox:46 hits: 06-20 to 06-30]
4c3df24b32 [1]
none [4]
b5919931fe[1]
ASM:Graph
none:none
ASM:Graph
Armadillo|
tElock|
ASProtect|
lines=81
none
lines=90
trace
trace
trace
T:06:41:00 WinXP 62.11.33.79 (DIALUP.TISCALI.IT):
TISCALI ITALIA SPA,
NAPOLI, CAMPANIA, IT. (DIAL)
n/a DE:siliconfireware.ru
US:searchportal.information.com
:wpad
:www.proxy-socks.net
US:208.73.212.12:80
DE:212.227.111.29:80
EU:78.47.200.154:80
445 pcap raw alerts
ruleset
http
http
2 lines
Yeah : 0.8
profile
none summary
tarball
29 of 29 df17a625ee
[Firefox:477 hits: 05-04 to 06-30]
9bbdd086c5 [0] ASM:Graph
ASPack| lines=186
embedded dns
trace
T:06:41:00 WinXP 221.126.10.6 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
35 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:109 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
06:42:00 Win2K-f 92.10.245.29 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK.
n/a   445 pcap raw alerts
ruleset
ftp
15 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
T:06:45:00 Win2K-f 84.60.110.255 (ARCOR-IP.NET):
ARCOR-DSL-NET,
BOCHUM, NORDRHEIN-WESTFALEN, DE.
210.245.211.11:65520 US:w3bs.chat-shqip.org
HK:proxim.ircgalaxy.pl
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
irc
3 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:06:48:00 WinXP 118.240.119.112 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
06:49:00 WinXP 81.57.120.145 (PROXAD.NET):
PROXAD / FREE SAS,
PARIS, ILE-DE-FRANCE, FR.
n/a   445 pcap raw alerts
ruleset
other
14 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:06:51:00 Win2K-f 213.170.204.7 (-):
DIAL SERVICES IP POOL,
ATHENS, ATTIKI, GR.
210.245.211.11:65520 HK:proxim.ircgalaxy.pl
US:chat-shqip.org
DE:dl2.teenpassage.com
US:ksn.a1001186.wrs.mcboo.com
US:w3bs.chat-shqip.org
US:wr.mcboo.com
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
irc
http
78 lines
Yeah : 1.8
profile
none summary
tarball
16 of 31
25 of 33
27 of 33
472c9e41f0
NEW
897d59617c
[Firefox:21 hits: 06-28 to 06-29]
a014934a72
[Firefox:24 hits: 06-28 to 06-29]
none[none]
none [none]
none [none]
none:none
none:none
none:none
none|none
none|none
none|none
none
none
none
none
none
none
06:54:00 WinXP 92.9.211.116 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
HK:210.245.211.11:80
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
18 lines
Yeah : 1.3
profile
none summary
tarball
24 of 33 b89e9e83fe
NEW
none[none] none:none
none|none none none
T:06:55:00 Win2K-f 92.16.144.149 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
21 of 33 5e1fb9b73f
NEW
none[none] none:none
none|none none none
T:07:06:00 WinXP 118.236.245.164 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:109 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
07:08:00 WinXP 122.26.101.68 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:109 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
07:11:00 Win2K-f 91.66.53.43 (SUPERKABEL.DE):
KABEL DEUTSCHLAND BREITBAND SERVICE GMBH,
DE.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 e352ca2db1
NEW
none[none] none:none
none|none none none
07:12:00 Win2K-f 218.223.214.219 (CTT.NE.JP):
CABLE TELEVISION TOYAMA INCORPORETED,
TOKYO, TOKYO, JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:109 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:07:14:00 Win2K-f 86.162.218.217 (BTCENTRALPLUS.COM):
BT-CENTRAL-PLUS,
UK.
210.245.211.11:65520 HK:proxim.ircgalaxy.pl
US:ksn.a1001186.wrs.mcboo.com
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
irc
http
60 lines
Yeah : 1.3
profile
none summary
tarball
25 of 33
27 of 33
897d59617c
[Firefox:21 hits: 06-28 to 06-29]
a014934a72
[Firefox:24 hits: 06-28 to 06-29]
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
T:07:15:00 WinXP 82.238.121.95 (PROXAD.NET):
PROXAD / FREE SAS,
BELFORT, FRANCHE-COMTE, FR.
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
29 of 29 a0139d7ad8
[Firefox:445 hits: 05-02 to 06-27]
d9e9662db1 [0] ASM:Graph
PolyEnE| lines=68 trace
T:07:23:00 Win2K-f 122.26.101.68 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:109 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:07:25:00 Win2K-f 123.254.1.121 (PIKARA.NE.JP):
STNET INCORPORATED,
TAKAMATSU, KAGAWA, JP.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
DE:dl2.teenpassage.com
US:ksn.a1001186.wrs.mcboo.com
US:w3bs.chat-shqip.org
US:wr.mcboo.com
US:206.251.244.226:80
HK:210.245.211.11:80
US:69.247.147.113:12351
US:69.247.147.113:13001
DE:85.114.143.2:80
445 pcap raw alerts
ruleset
ftp
irc
http
75 lines
Yeah : 1.3
profile
none summary
tarball
25 of 33
27 of 33
20 of 33
897d59617c
[Firefox:21 hits: 06-28 to 06-29]
a014934a72
[Firefox:24 hits: 06-28 to 06-29]
d8a6a7370d
NEW
none[none]
none [none]
none [none]
none:none
none:none
none:none
none|none
none|none
none|none
none
none
none
none
none
none
07:28:00 WinXP 125.193.48.251 (MESH.AD.JP):
NEC CORPORATION,
JP.
n/a   445 pcap raw alerts
ruleset
other
12 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
07:29:00 WinXP 125.174.144.144 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
TOKYO, TOKYO, JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 05c06c2445
NEW
none[none] none:none
none|none none none
T:07:29:00 Win2K-f 78.8.22.178 (NET.PL):
DIALOG,
WROCLAW, DOLNOSLASKIE, PL.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:136 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
07:30:00 WinXP 118.236.245.164 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:109 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:07:33:00 WinXP 222.144.192.254 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
210.245.211.11:65520 HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
DE:dl2.teenpassage.com
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001
DE:85.114.143.2:80
445 pcap raw alerts
ruleset
ftp
irc
29 lines
Yeah : 1.8
profile
none summary
tarball
31 of 33 b333d29ff7
[Firefox: 3 hits: 06-29 to 06-29]
none[none] none:none
none|none none none
T:07:39:00 Win2K-f 122.17.17.59 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
210.245.211.11:65520 US:chat-shqip.org
HK:proxim.ircgalaxy.pl
US:w3bs.chat-shqip.org
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
irc
5 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:07:39:00 WinXP 92.12.118.154 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
HK:210.245.211.11:80
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
irc
29 lines
Yeah : 1.3
profile
none summary
tarball
32 of 33 eab50c3dea
[Firefox: 6 hits: 06-28 to 06-30]
none[none] none:none
none|none none none
T:07:48:00 Win2K-f 118.236.70.228 (-):
.
72.10.172.218:7382 US:mx1.hotmail.com
445 pcap raw alerts
ruleset
ftp
lanman
http
313 lines
Yeah : 1.8
profile
none summary
tarball
29 of 32 6b92545496
NEW
none[none] none:none
none|none none none
07:59:00 WinXP 86.155.86.145 (BTCENTRALPLUS.COM):
BT-CENTRAL-PLUS,
SWANSEA, WALES, UK.
n/a   445 pcap raw alerts
ruleset
shell
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
29 of 29 831f4ee0a7
[Firefox:667 hits: 07-11 to 06-30]
eb7546c600 [0] ASM:Graph
none|none lines=61 trace
T:07:59:00 Win2K-f 79.3.207.73 (RETAIL.TELECOMITALIA.IT):
TELECOM ITALIA NET,
PIACENZA, EMILIA-ROMAGNA, IT.
n/a   445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
08:00:00 WinXP 122.208.197.101 (UCOM.NE.JP):
IML,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:109 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:08:02:00 WinXP 123.254.37.175 (PIKARA.NE.JP):
STNET INCORPORATED,
TAKAMATSU, KAGAWA, JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:136 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:08:03:00 Win2K-f 96.227.147.107 (VERIZON.NET):
VERIZON INTERNET SERVICES INC,
US.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
other
0 lines
Argh : 0.3
profile
none summary
tarball
none none none none none none none
08:05:00 WinXP 92.12.197.72 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
HK:210.245.211.11:80
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
32 of 33 eab50c3dea
[Firefox: 6 hits: 06-28 to 06-30]
none[none] none:none
none|none none none
08:07:00 Win2K-f 124.87.181.93 (OCN.NE.JP):
NTT COMMUNICATIONS CORPORATION,
TOKYO, TOKYO, JP.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:08:08:00 WinXP 91.67.134.215 (SUPERKABEL.DE):
KABEL DEUTSCHLAND BREITBAND SERVICE GMBH,
DE.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
19 of 33 7cdd05c351
[Firefox: 2 hits: 06-28 to 06-28]
none[none] none:none
none|none none none
08:09:00 Win2K-f 121.84.151.166 (EONET.NE.JP):
K-OPTICOM CORPORATION,
JP.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
22 of 33 d5306e3eec
NEW
none[none] none:none
none|none none none
T:08:13:00 Win2K-f 221.170.172.30 (MESH.AD.JP):
BIGLOBE-CIDR-BLK,
JP.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
31 of 32 32aeda82d5
NEW
none[none] none:none
none|none none none
08:14:00 Win2K-f 118.0.2.46 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:109 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
08:18:00 WinXP 119.72.1.252 (-):
.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 a44176b901
[Firefox: 4 hits: 06-28 to 06-30]
none[none] none:none
none|none none none
T:08:21:00 Win2K-f 91.64.34.179 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
21 of 33 55125e15a2
NEW
none[none] none:none
none|none none none
08:24:00 WinXP 88.134.84.132 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 b4a43d2c1c
NEW
none[none] none:none
none|none none none
08:26:00 Win2K-f 118.236.242.89 (-):
.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
29 of 32 5388c029f5
NEW
none[none] none:none
none|none none none
T:08:28:00 WinXP 78.54.99.57 (ALICEDSL.DE):
HANSENET TELEKOMMUNIKATION GMBH,
HAMBURG, HAMBURG, DE. (DSL)
210.245.211.11:65520 HK:proxim.ircgalaxy.pl
DE:dl2.teenpassage.com
US:ksn.a1001186.wrs.mcboo.com
US:206.251.244.226:80
445 pcap raw alerts
ruleset
ftp
irc
http
38 lines
Yeah : 1.8
profile
none summary
tarball
27 of 33
32 of 33
a014934a72
[Firefox:24 hits: 06-28 to 06-29]
c064765b14
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
T:08:29:00 Win2K-f 91.65.92.165 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 91e65991e6
NEW
none[none] none:none
none|none none none
T:08:32:00 Win2K-f 92.10.57.142 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK.
n/a   445 pcap raw alerts
ruleset
ftp
22 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
T:08:38:00 Win2K-f 221.191.111.226 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
210.245.211.11:65520 HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
DE:dl2.teenpassage.com
US:ksn.a1001186.wrs.mcboo.com
US:wr.mcboo.com
US:206.251.244.226:80
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001
DE:85.114.143.2:80
445 pcap raw alerts
ruleset
ftp
irc
http
79 lines
Yeah : 1.8
profile
none summary
tarball
25 of 33
27 of 33
19 of 33
897d59617c
[Firefox:21 hits: 06-28 to 06-29]
a014934a72
[Firefox:24 hits: 06-28 to 06-29]
cd9f81717d
NEW
none[none]
none [none]
none [none]
none:none
none:none
none:none
none|none
none|none
none|none
none
none
none
none
none
none
08:39:00 Win2K-f 118.0.204.217 (-):
.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
24 of 33 a4938cfce0
NEW
none[none] none:none
none|none none none
08:41:00 WinXP 118.240.187.7 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:136 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:08:45:00 WinXP 213.202.38.54 (QUICKNET.CH):
QUICKNET IS AN ISP IN SWITZERLAND,
BERN, BERN, CH. (DSL)
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
32 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 0b33581023
NEW
none[none] none:none
none|none none none
T:08:51:00 Win2K-f 213.76.120.153 (TPNET.PL):
TELEKOMUNIKACJA POLSKA S.A. CST,
BIALYSTOK, PODLASKIE, PL. (DIAL)
n/a   445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
32 of 33 8d51183047
NEW
none[none] none:none
none|none none none
T:08:59:00 WinXP 122.18.221.61 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 e7ca4ccf68
NEW
none[none] none:none
none|none none none
08:59:00 Win2K-f 123.220.144.186 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a HK:proxim.ircgalaxy.pl
HK:210.245.211.11:65520
445 pcap raw alerts
ruleset
ftp
36 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 287b27516c
NEW
none[none] none:none
none|none none none
T:09:00:00 WinXP 221.127.233.40 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
23 lines
Yeah : 1.3
profile
none summary
tarball
17 of 33 1ca3d2c6a9
NEW
none[none] none:none
none|none none none
09:09:00 Win2K-f 61.231.137.64 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW.
n/a   445 pcap raw alerts
ruleset
shell
ftp
17 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
09:10:00 Win2K-f 80.235.144.198 (BLUEYONDER.CO.UK):
EUROBELL-HSI-DYNAMIC-IP,
UK.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
HK:210.245.211.11:80
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
23 of 33 e5b49a6ee9
NEW
none[none] none:none
none|none none none
T:09:13:00 Win2K-f 125.215.96.175 (PIKARA.NE.JP):
PIKARA(STNET INCORPORATED),
JP.
210.245.211.11:65520 US:w3bs.chat-shqip.org
HK:proxim.ircgalaxy.pl
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
irc
3 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:09:17:00 Win2K-f 81.57.78.77 (PROXAD.NET):
PROXAD / FREE TELECOM,
PARIS, ILE-DE-FRANCE, FR.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:09:18:00 WinXP 78.54.172.24 (ALICEDSL.DE):
HANSENET TELEKOMMUNIKATION GMBH,
HAMBURG, HAMBURG, DE. (DSL)
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:136 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:09:30:00 Win2K-f 77.20.208.13 (APEXCOVANTAGE.COM):
EU-ZZ,
UK.
n/a   445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
32 of 33 037d04feed
[Firefox: 3 hits: 06-28 to 06-30]
none[none] none:none
none|none none none
T:09:39:00 WinXP 124.87.181.93 (OCN.NE.JP):
NTT COMMUNICATIONS CORPORATION,
TOKYO, TOKYO, JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:136 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:09:43:00 Win2K-f 217.43.248.136 (BTCENTRALPLUS.COM):
BT-CENTRAL-PLUS,
LIVERPOOL, ENGLAND, UK.
n/a   445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:09:44:00 WinXP 124.100.117.145 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a   445 pcap raw alerts
ruleset
ftp
12 lines
Yeah : 0.8
profile
none summary
tarball
31 of 32 741e3b03b3
[Firefox:87 hits: 09-28 to 06-30]
e0197e8a64 [0] ASM:Graph
none|none lines=62 trace
T:09:46:00 WinXP 82.54.136.66 (RETAIL.TELECOMITALIA.IT):
TELECOM ITALIA S.P.A. TIN EASY LITE,
BERGAMO, LOMBARDIA, IT.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
25 lines
Yeah : 1.3
profile
none summary
tarball
23 of 33 d91d29e04d
NEW
none[none] none:none
none|none none none
09:51:00 WinXP 122.134.231.245 (MESH.AD.JP):
NEC BIGLOBE LTD,
TOKYO, TOKYO, JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:136 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
09:53:00 Win2K-f 88.134.86.228 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE.
n/a   445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
32 of 33 530856613e
[Firefox: 3 hits: 06-28 to 06-30]
none[none] none:none
none|none none none
09:54:00 Win2K-f 87.4.18.236 (RETAIL.TELECOMITALIA.IT):
TELECOM ITALIA S.P.A. TIN EASY LITE,
IT.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 4f3df56c30
[Firefox: 6 hits: 06-28 to 06-30]
none[none] none:none
none|none none none
T:10:01:00 Win2K-f 118.0.199.251 (-):
.
n/a   445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
29 of 32 e2f02283ee
NEW
none[none] none:none
none|none none none
T:10:02:00 Win2K-f 78.146.208.6 (-):
OPAL TELECOM DSL,
UK.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 1a9fa0fa9f
NEW
none[none] none:none
none|none none none
10:09:00 WinXP 12.210.18.215 (MCHSI.COM):
MEDIACOM COMMUNICATIONS CORP,
PECATONICA, ILLINOIS, US.
n/a DE:siliconfireware.ru
GB:welcome3.smile.co.uk
:wpad
GB:195.92.84.198:80
DE:212.227.111.29:80
DE:217.11.54.126:80
EU:78.47.200.154:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
29 of 29 a12cab51ef
[Firefox:1087 hits: 05-01 to 06-30]
40f7f463c4 [0] ASM:Graph
ASPack| lines=281
embedded dns
trace
10:11:00 Win2K-f 220.221.95.80 (PLALA.OR.JP):
NTT COMMUNICATIONS CORPORATION,
JP.
n/a HK:proxim.ircgalaxy.pl
HK:210.245.211.11:65520
445 pcap raw alerts
ruleset
ftp
25 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 9750d49a0f
[Firefox: 2 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
T:10:14:00 Win2K-f 82.234.83.146 (PROXAD.NET):
PROXAD / FREE SAS,
TOULOUSE, MIDI-PYRENEES, FR.
210.245.211.11:65520 HK:proxim.ircgalaxy.pl
DE:dl2.teenpassage.com
US:ksn.a1001186.wrs.mcboo.com
US:wr.mcboo.com
HK:210.245.211.11:65520
445 pcap raw alerts
ruleset
ftp
irc
http
117 lines
Yeah : 1.8
profile
none summary
tarball
31 of 33
25 of 33
27 of 33
4783eb6d42
NEW
897d59617c
[Firefox:21 hits: 06-28 to 06-29]
a014934a72
[Firefox:24 hits: 06-28 to 06-29]
none[none]
none [none]
none [none]
none:none
none:none
none:none
none|none
none|none
none|none
none
none
none
none
none
none
T:10:25:00 WinXP 68.144.252.213 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
CALGARY, ALBERTA, CA. (DSL)
n/a US:microsoft.com
US:download.microsoft.com
US:198.78.220.124:80
US:199.93.46.125:80
135 pcap raw alerts
ruleset
http
77 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 32
53bfe15e91
[Firefox:301 hits: 06-17 to 06-30]
73f1082158
[Firefox:128 hits: 06-18 to 06-30]
none[4]
73f1082158[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
10:26:00 WinXP 77.198.30.72 (GAOLAND.NET):
DYNAMIC POOLS,
FR.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
28 of 33 a9c8d121f2
[Firefox: 5 hits: 06-28 to 06-30]
none[none] none:none
none|none none none
10:26:00 WinXP 79.3.207.73 (RETAIL.TELECOMITALIA.IT):
TELECOM ITALIA NET,
PIACENZA, EMILIA-ROMAGNA, IT.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
19 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
10:27:00 WinXP 86.152.245.133 (BTCENTRALPLUS.COM):
BT-CENTRAL-PLUS,
LONDON, ENGLAND, UK.
n/a   445 pcap raw alerts
ruleset
shell
ftp
14 lines
Yeah : 1.3
profile
none summary
tarball
31 of 32 cce9566ceb
[Firefox:13 hits: 06-12 to 06-30]
none[4] none:none
PolyEnE| none trace
T:10:28:00 Win2K-f 201.250.15.226 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR.
210.245.211.11:65520 HK:proxim.ircgalaxy.pl
HK:210.245.211.11:65520
445 pcap raw alerts
ruleset
irc
11 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
10:30:00 Win2K-f 12.73.50.180 (ATT.NET):
AT&T WORLDNET SERVICES,
LAFAYETTE, LOUISIANA, US. (DIAL)
n/a   135 pcap raw alerts
ruleset
other
51 lines
Yeah : 1.3
profile
none summary
tarball
2 of 33 d458154c3f
NEW
none[none] none:none
none|none none none
T:10:33:00 WinXP 62.227.102.188 (T-DIALIN.NET):
DEUTSCHE TELEKOM AG,
STUTTGART, BADEN-WURTTEMBERG, DE. (DIAL)
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
22 of 32 a8a815af4c
NEW
none[none] none:none
none|none none none
T:10:38:00 Win2K-f 88.134.88.123 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
32 of 33 3b4a0f77ad
[Firefox: 2 hits: 06-28 to 06-28]
none[none] none:none
none|none none none
10:44:00 Win2K-f 122.16.124.36 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
24 of 33 510ab8dde4
NEW
none[none] none:none
none|none none none
T:10:50:00 Win2K-f 213.13.225.254 (DSL.TELEPAC.PT):
TELEPAC - COMUNICACOES INTERACTIVAS SA,
MAIA, PORTO, PT. (DSL)
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
13 of 33 ffb3b175e5
[Firefox: 8 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:10:50:00 WinXP 222.144.192.254 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
210.245.211.11:65520 HK:proxim.ircgalaxy.pl
US:chat-shqip.org
DE:dl2.teenpassage.com
US:w3bs.chat-shqip.org
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001
DE:85.114.143.2:80
445 pcap raw alerts
ruleset
ftp
irc
34 lines
Yeah : 1.8
profile
none summary
tarball
31 of 33 b333d29ff7
[Firefox: 3 hits: 06-29 to 06-29]
none[none] none:none
none|none none none
10:51:00 WinXP 41.214.186.225 (-):
.
n/a HK:proxim.ircgalaxy.pl
UA:citi-bank.ru
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
30 of 33 c432127d17
NEW
none[none] none:none
none|none none none
T:10:54:00 WinXP 92.12.8.139 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
DE:dl2.teenpassage.com
US:w3bs.chat-shqip.org
US:ksn.a1001186.wrs.mcboo.com
US:wr.mcboo.com
US:206.251.244.226:80
HK:210.245.211.11:80
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
irc
http
65 lines
Yeah : 1.3
profile
none summary
tarball
25 of 33
27 of 33
31 of 33
897d59617c
[Firefox:21 hits: 06-28 to 06-29]
a014934a72
[Firefox:24 hits: 06-28 to 06-29]
f4a8c4177e
[Firefox: 4 hits: 06-28 to 06-30]
none[none]
none [none]
none [none]
none:none
none:none
none:none
none|none
none|none
none|none
none
none
none
none
none
none
T:10:57:00 Win2K-f 78.48.223.38 (ALICEDSL.DE):
HANSENET TELEKOMMUNIKATION GMBH,
HAMBURG, HAMBURG, DE. (DSL)
n/a   445 pcap raw alerts
ruleset
ftp
25 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 252642d53e
NEW
none[none] none:none
none|none none none
10:57:00 Win2K-f 80.218.176.249 (HISPEED.CH):
CABLECOMMAIN-NET,
ZURICH, ZURICH, CH.
n/a   445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
24 of 33 a958fceda2
NEW
none[none] none:none
none|none none none
T:11:00:00 Win2K-f 91.65.190.170 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 554d4569fa
NEW
none[none] none:none
none|none none none
11:02:00 WinXP 89.137.190.197 (-):
ASTRAL ROMAN DOCSIS NETWORK,
RO.
n/a UA:citi-bank.ru 445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
29 of 29 a0139d7ad8
[Firefox:445 hits: 05-02 to 06-27]
d9e9662db1 [0] ASM:Graph
PolyEnE| lines=68 trace
T:11:02:00 WinXP 89.137.190.197 (-):
ASTRAL ROMAN DOCSIS NETWORK,
RO.
194.54.90.246:80 UA:citi-bank.ru 445 pcap raw alerts
ruleset
http
2 lines
Yeah : 1.3
profile
none summary
tarball
29 of 29 a0139d7ad8
[Firefox:445 hits: 05-02 to 06-27]
d9e9662db1 [0] ASM:Graph
PolyEnE| lines=68 trace
T:11:02:00 Win2K-f 222.147.249.101 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
OSAKA, OSAKA, JP.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:136 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
11:08:00 WinXP 88.117.92.209 (TELEKOM.AT):
HIGHWAY CUSTOMERS,
INNSBRUCK, TIROL, AT. (DSL)
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
HK:210.245.211.11:80
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
29 of 33 5c3b578760
NEW
none[none] none:none
none|none none none
11:15:00 Win2K-f 116.82.228.206 (OCN.NE.JP):
FUJITSU LIMITED,
JP.
n/a  
CZ:217.170.244.2:443
CZ:82.114.64.251:443
445 pcap raw alerts
ruleset
lanman
shell
ftp
shell
39 lines
Yeah : 1.3
profile
none summary
tarball
25 of 28 7fdfe363d5
[Firefox:2778 hits: 12-31 to 06-30]
10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns
trace
T:11:18:00 Win2K-f 85.182.94.156 (ALICEDSL.DE):
HANSENET-ADSL,
HAMBURG, HAMBURG, DE. (DSL)
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
24 of 33 51b4b12d5d
NEW
none[none] none:none
none|none none none
T:11:22:00 WinXP 118.0.2.46 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
29 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:11:25:00 Win2K-f 78.49.117.174 (ALICEDSL.DE):
HANSENET TELEKOMMUNIKATION GMBH,
HAMBURG, HAMBURG, DE. (DSL)
n/a   445 pcap raw alerts
ruleset
ftp
24 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 252642d53e
NEW
none[none] none:none
none|none none none
11:30:00 WinXP 78.146.221.45 (-):
OPAL TELECOM DSL,
UK.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
27 of 33 78422b8304
[Firefox: 2 hits: 06-28 to 06-29]
none[none] none:none
none|none none none
11:31:00 Win2K-f 123.222.177.74 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
29 of 33 2b2ee8ca9f
NEW
none[none] none:none
none|none none none
T:11:38:00 Win2K-f 92.9.218.215 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK.
n/a   445 pcap raw alerts
ruleset
other
8 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
11:40:00 WinXP 88.134.112.117 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
32 of 33 80433c452f
NEW
none[none] none:none
none|none none none
T:11:40:00 Win2K-f 85.178.200.108 (ALICEDSL.DE):
HANSENET-ADSL,
FRANKFURT, HESSEN, DE. (DSL)
n/a   445 pcap raw alerts
ruleset
shell
4 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
T:11:44:00 WinXP 77.20.197.94 (APEXCOVANTAGE.COM):
EU-ZZ,
UK.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:136 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:11:50:00 WinXP 217.246.139.124 (T-IPCONNECT.DE):
DEUTSCHE TELEKOM AG,
DE.
210.245.211.11:65520 HK:proxim.ircgalaxy.pl
US:chat-shqip.org
DE:dl2.teenpassage.com
US:ksn.a1001186.wrs.mcboo.com
US:w3bs.chat-shqip.org
US:wr.mcboo.com
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
irc
http
78 lines
Yeah : 1.8
profile
none summary
tarball
25 of 33
27 of 33
18 of 33
897d59617c
[Firefox:21 hits: 06-28 to 06-29]
a014934a72
[Firefox:24 hits: 06-28 to 06-29]
db508ed4b9
NEW
none[none]
none [none]
none [none]
none:none
none:none
none:none
none|none
none|none
none|none
none
none
none
none
none
none
11:50:00 WinXP 123.254.12.45 (PIKARA.NE.JP):
STNET INCORPORATED,
TAKAMATSU, KAGAWA, JP.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
HK:210.245.211.11:80
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
32 of 33 ddf9439cc6
[Firefox: 2 hits: 06-30 to 06-30]
none[none] none:none
none|none none none
11:53:00 Win2K-f 92.0.235.33 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK.
n/a HK:proxim.ircgalaxy.pl
HK:210.245.211.11:80
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 17713b53db
NEW
none[none] none:none
none|none none none
11:55:00 WinXP 67.150.13.242 (MDSG-PACWEST.COM):
PAC-WEST MANAGED MODEM NAS POOL,
LOS ANGELES, CALIFORNIA, US.
n/a   445 pcap raw alerts
ruleset
ftp
12 lines
Yeah : 0.8
profile
none summary
tarball
29 of 29 1a2c0e6130
[Firefox:443 hits: 12-31 to 06-30]
048df78048 [0] ASM:Graph
none|none lines=61 trace
11:58:00 Win2K-f 118.0.199.251 (-):
.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
29 of 32 e2f02283ee
NEW
none[none] none:none
none|none none none
12:02:00 Win2K-f 24.181.78.250 (CHARTER.COM):
CHARTER COMMUNICATIONS,
CARROLLTON, GEORGIA, US.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
23 of 33 60858ada67
NEW
none[none] none:none
none|none none none
T:12:03:00 WinXP 118.8.79.29 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:136 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:12:06:00 Win2K-f 84.13.207.157 (84.IN-ADDR.ARPA):
OPAL TELECOM DSL NETWORK,
LONDON, ENGLAND, UK. (DSL)
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:109 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
12:09:00 WinXP 71.104.209.73 (VERIZON.NET):
VERIZON INTERNET SERVICES INC,
YUCAIPA, CALIFORNIA, US. (DSL)
n/a RU:moscow-advokat.ru 445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
25 of 25 7f60162c2c
[Firefox:1373 hits: 12-31 to 06-30]
1aad8e4632 [0] ASM:Graph
PolyEnE| lines=93
embedded dns
trace
T:12:09:00 WinXP 71.104.209.73 (VERIZON.NET):
VERIZON INTERNET SERVICES INC,
YUCAIPA, CALIFORNIA, US. (DSL)
n/a RU:moscow-advokat.ru
RU:194.6.222.11:6667
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
25 of 25 7f60162c2c
[Firefox:1373 hits: 12-31 to 06-30]
1aad8e4632 [0] ASM:Graph
PolyEnE| lines=93
embedded dns
trace
T:12:11:00 Win2K-f 91.66.52.223 (SUPERKABEL.DE):
KABEL DEUTSCHLAND BREITBAND SERVICE GMBH,
DE.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
21 of 32 e352ca2db1
NEW
none[none] none:none
none|none none none
T:12:18:00 Win2K-f 213.242.238.40 (-):
PPTP CONNECTIONS,
EKATERINBURG, SVERDLOVSKAYA OBLAST', RU.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:109 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
12:19:00 Win2K-f 92.12.93.14 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK.
n/a  
HK:210.245.211.11:65520
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
25 lines
Yeah : 1.3
profile
none summary
tarball
32 of 33 eab50c3dea
[Firefox: 6 hits: 06-28 to 06-30]
none[none] none:none
none|none none none
12:20:00 WinXP 80.135.201.82 (T-IPCONNECT.DE):
DEUTSCHE TELEKOM AG,
COLOGNE, NORDRHEIN-WESTFALEN, DE.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
25 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:136 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:12:26:00 WinXP 122.133.112.29 (MESH.AD.JP):
NEC BIGLOBE LTD,
TOKYO, TOKYO, JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
28 of 33 a9c8d121f2
[Firefox: 5 hits: 06-28 to 06-30]
none[none] none:none
none|none none none
12:37:00 WinXP 80.96.13.120 (RNC.RO):
RNC,
CONSTANTA, CONSTANTA, RO.
n/a   445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
12:37:00 WinXP 92.40.216.16 (IKBCC.COM):
EU-ZZ,
UK.
n/a HK:proxim.ircgalaxy.pl
HK:210.245.211.11:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
none 5ed8a3de6e
NEW
none[4] none:none
ASPack| none trace
T:12:45:00 Win2K-f 92.13.147.174 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
12 of 33 ac164e8362
[Firefox: 7 hits: 06-28 to 06-30]
none[none] none:none
none|none none none
12:56:00 WinXP 69.216.98.142 (AMERITECH.NET):
PPPOX POOL - RBACK5 SFLDMI,
DETROIT, MICHIGAN, US.
n/a US:microsoft.com
US:download.microsoft.com
US:192.221.110.125:80
US:192.221.99.124:80
US:207.123.44.125:80
135 pcap raw alerts
ruleset
other
76 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 33
53bfe15e91
[Firefox:301 hits: 06-17 to 06-30]
a08f3b74a4
[Firefox:109 hits: 06-18 to 06-30]
none[4]
a08f3b74a4[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
T:12:59:00 Win2K-f 24.87.143.44 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
SURREY, BRITISH COLUMBIA, CA. (DSL)
210.245.211.11:65520 HK:proxim.ircgalaxy.pl
DE:dl2.teenpassage.com
DE:85.114.143.2:80
135 pcap raw alerts
ruleset
irc
287 lines
Yeah : 1.8
profile
none summary
tarball
30 of 33 7df41a77e6
[Firefox: 3 hits: 06-16 to 06-25]
none[4] none:none
PolyEnE| none trace
T:13:04:00 Win2K-f 92.3.177.76 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK.
n/a   445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
13:05:00 Win2K-f 88.134.198.46 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
12 of 33 0964bad7d2
NEW
none[none] none:none
none|none none none
13:17:00 WinXP 70.67.253.172 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
DUNCAN, BRITISH COLUMBIA, CA. (DSL)
n/a UA:citi-bank.ru 445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
32 of 33 35e6a883c4
NEW
none[none] none:none
none|none none none
T:13:17:00 WinXP 70.67.253.172 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
DUNCAN, BRITISH COLUMBIA, CA. (DSL)
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
32 of 33 35e6a883c4
NEW
none[none] none:none
none|none none none
13:19:00 WinXP 88.134.85.171 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:13:21:00 Win2K-f 24.181.78.250 (CHARTER.COM):
CHARTER COMMUNICATIONS,
CARROLLTON, GEORGIA, US.
210.245.211.11:65520 69.247.147.113:13001 HK:proxim.ircgalaxy.pl
DE:dl2.teenpassage.com
US:ksn.a1001186.wrs.mcboo.com
US:chat-shqip.org
DE:85.114.143.2:80
445 pcap raw alerts
ruleset
ftp
irc
http
101 lines
Yeah : 1.8
profile
none summary
tarball
23 of 33
25 of 33
27 of 33
60858ada67
NEW
897d59617c
[Firefox:21 hits: 06-28 to 06-29]
a014934a72
[Firefox:24 hits: 06-28 to 06-29]
none[none]
none [none]
none [none]
none:none
none:none
none:none
none|none
none|none
none|none
none
none
none
none
none
none
13:26:00 WinXP 88.111.219.239 (AS9105.COM):
TISCALI UK LTD,
STOKE ON TRENT, ENGLAND, UK. (DSL)
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
19 of 33 879211c9c5
NEW
none[none] none:none
none|none none none
T:13:26:00 Win2K-f 79.20.67.250 (SRC.ORG):
TELECOM ITALIA NET,
ROME, LAZIO, IT.
217.170.244.2:443  
CZ:217.170.244.2:443
445 pcap raw alerts
ruleset
shell
ftp
irc
29 lines
Yeah : 1.8
profile
none summary
tarball
29 of 32 28c7521dd3
NEW
none[none] none:none
none|none none none
T:13:31:00 WinXP 85.132.37.19 (AZ-IX.NET):
PROVIDER LOCAL REGISTRY,
AZ.
210.245.211.11:65520 69.247.147.113:12351 HK:proxim.ircgalaxy.pl
DE:dl2.teenpassage.com
US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:13001
DE:85.114.143.2:80
445 pcap raw alerts
ruleset
ftp
irc
38 lines
Yeah : 1.8
profile
none summary
tarball
17 of 33 c54044475f
NEW
none[none] none:none
none|none none none
T:13:33:00 Win2K-f 85.152.232.201 (CM-85-152-232-10.TELECABLE.ES):
TELECABLE,
AVILES, ASTURIAS, ES. (DSL)
n/a   445 pcap raw alerts
ruleset
ftp
23 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:13:42:00 WinXP 123.50.69.4 (-):
MANA INTERNET SERVICE PROVIDER,
PAPEETE, FRENCH POLYNESIA, PF.
n/a   445 pcap raw alerts
ruleset
ftp
13 lines
Yeah : 0.8
profile
none summary
tarball
31 of 32 741e3b03b3
[Firefox:87 hits: 09-28 to 06-30]
e0197e8a64 [0] ASM:Graph
none|none lines=62 trace
13:49:00 WinXP 83.97.143.54 (CM-83-97-128-10.TELECABLE.ES):
TELECABLE,
GIJON, ASTURIAS, ES. (DSL)
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:109 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
13:51:00 WinXP 91.141.109.104 (I-ONE.AT):
NETWORK OF ONE GMBH,
VIENNA, WIEN, AT.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 831b8074b9
NEW
none[none] none:none
none|none none none
T:13:53:00 WinXP 78.48.9.64 (ALICEDSL.DE):
HANSENET TELEKOMMUNIKATION GMBH,
GELSENKIRCHEN, NORDRHEIN-WESTFALEN, DE. (DSL)
n/a   445 pcap raw alerts
ruleset
shell
4 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
T:13:58:00 Win2K-f 212.139.124.84 (AS9105.COM):
X-STREAM-UK-NL-BE,
LONDON, ENGLAND, UK. (DSL)
69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset
ftp
irc
45 lines
Yeah : 1.8
profile
none summary
tarball
19 of 33 879211c9c5
NEW
none[none] none:none
none|none none none
13:59:00 Win2K-f 91.65.59.216 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 91e65991e6
NEW
none[none] none:none
none|none none none
14:00:00 WinXP 84.126.248.16 (ONO.COM):
PROVIDER LOCAL REGISTRY,
ES.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:14:07:00 Win2K-f 87.15.146.52 (RETAIL.TELECOMITALIA.IT):
TELECOM ITALIA S.P.A. TIN EASY LITE,
IT.
n/a HK:proxim.ircgalaxy.pl
DE:dl2.teenpassage.com
DE:85.114.143.2:80
445 pcap raw alerts
ruleset
ftp
irc
29 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 e511b659f8
NEW
none[none] none:none
none|none none none
14:07:00 WinXP 91.67.182.164 (SUPERKABEL.DE):
KABEL DEUTSCHLAND BREITBAND SERVICE GMBH,
DE.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
14:13:00 Win2K-f 92.8.160.26 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK.
n/a   445 pcap raw alerts
ruleset
ftp
18 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
14:14:00 WinXP 121.80.52.140 (EONET.NE.JP):
K-OPTICOM CORPORATION,
JP.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
29 of 32 378e6075c9
NEW
none[none] none:none
none|none none none
T:14:16:00 WinXP 80.41.150.185 (AS9105.COM):
TISCALI UK LTD,
LONDON, ENGLAND, UK. (DSL)
n/a   445 pcap raw alerts
ruleset
shell
ftp
16 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
T:14:22:00 WinXP 24.222.51.165 (EASTLINK.CA):
EASTLINK,
TRURO, NOVA SCOTIA, CA. (100Mbps)
n/a US:microsoft.com
US:download.microsoft.com
135 pcap raw alerts
ruleset
http
112 lines
Yeah : 1.3
profile
none summary
tarball
none
0 of 33
none
c929e6508d
NEW
e07c29c4ae
[Firefox:46 hits: 06-19 to 06-30]
ee1d9a67bb
NEW
c929e6508d [1]
e07c29c4ae[1]
none [4]
ASM:Graph
ASM:Graph
none:none
Armadillo|
FSG|
tElock|
lines=82
lines=92
none
trace
trace
trace
T:14:27:00 Win2K-f 59.115.100.80 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW.
n/a   445 pcap raw alerts
ruleset
shell
3 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
T:14:29:00 WinXP 86.129.180.238 (BTCENTRALPLUS.COM):
BT-CENTRAL-PLUS,
LONDON, ENGLAND, UK. (DSL)
69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset
ftp
irc
41 lines
Yeah : 1.8
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:109 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:14:31:00 Win2K-f 58.88.138.126 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a   445 pcap raw alerts
ruleset
other
13 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
14:34:00 Win2K-f 216.203.250.75 (ALGX.NET):
XO COMMUNICATIONS,
SCOTTSDALE, ARIZONA, US.
n/a US:microsoft.com
US:download.microsoft.com
US:72.247.30.81:80
US:72.247.30.83:80
135 pcap raw alerts
ruleset
other
98 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 33
53bfe15e91
[Firefox:301 hits: 06-17 to 06-30]
a08f3b74a4
[Firefox:109 hits: 06-18 to 06-30]
none[4]
a08f3b74a4[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
14:40:00 WinXP 87.15.164.244 (RETAIL.TELECOMITALIA.IT):
TELECOM ITALIA S.P.A. TIN EASY LITE,
IT.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
17 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 4f3df56c30
[Firefox: 6 hits: 06-28 to 06-30]
none[none] none:none
none|none none none
14:53:00 Win2K-f 123.225.22.32 (OCN.NE.JP):
NTT COMMUNICATIONS CORPORATION,
TOKYO, TOKYO, JP.
n/a   445 pcap raw alerts
ruleset
other
14 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:14:54:00 WinXP 121.114.154.123 (PLALA.OR.JP):
PLALA NETWORKS INC,
JP.
69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset
ftp
irc
51 lines
Yeah : 1.8
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:109 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:14:54:00 Win2K-f 70.183.161.219 (COX.NET):
COX COMMUNICATIONS,
WOONSOCKET, RHODE ISLAND, US.
n/a US:microsoft.com
US:download.microsoft.com
US:199.93.41.126:80
US:199.93.46.125:80
135 pcap raw alerts
ruleset
http
76 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 33
53bfe15e91
[Firefox:301 hits: 06-17 to 06-30]
a08f3b74a4
[Firefox:109 hits: 06-18 to 06-30]
none[4]
a08f3b74a4[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
14:55:00 WinXP 61.119.137.240 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
TOKYO, TOKYO, JP.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 b8c6e87e9c
NEW
none[none] none:none
none|none none none
T:14:57:00 WinXP 85.179.193.80 (ALICEDSL.DE):
HANSENET-ADSL,
DE.
210.245.211.11:65520 HK:proxim.ircgalaxy.pl
DE:dl2.teenpassage.com
US:ksn.a1001186.wrs.mcboo.com
US:wr.mcboo.com
US:206.251.244.226:80
HK:210.245.211.11:65520
445 pcap raw alerts
ruleset
ftp
irc
http
75 lines
Yeah : 1.8
profile
none summary
tarball
25 of 33
27 of 33
31 of 33
897d59617c
[Firefox:21 hits: 06-28 to 06-29]
a014934a72
[Firefox:24 hits: 06-28 to 06-29]
d4dc72c717
NEW
none[none]
none [none]
none [none]
none:none
none:none
none:none
none|none
none|none
none|none
none
none
none
none
none
none
15:00:00 Win2K-f 88.134.222.180 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE.
n/a   445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:136 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:15:04:00 Win2K-f 81.191.83.191 (BLUECOM.NO):
BLUECOM-DHCP-KRISTIANSAND,
NO.
69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset
ftp
irc
38 lines
Yeah : 1.8
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:109 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:15:05:00 Win2K-f 70.63.215.246 (RR.COM):
ROAD RUNNER HOLDCO LLC,
HERNDON, VIRGINIA, US.
n/a HK:proxim.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:198.78.220.124:80
US:198.78.220.126:80
US:207.123.46.125:80
HK:210.245.211.11:80
135 pcap raw alerts
ruleset
other
190 lines
Yeah : 1.3
profile
none summary
tarball
29 of 32
none
2110c8100f
[Firefox: 4 hits: 06-19 to 06-27]
e818015a89
[Firefox: 3 hits: 06-23 to 06-27]
none[4]
e818015a89[1]
none:none
ASM:Graph
PolyEnE|
Armadillo|
none
lines=81
trace
trace
T:15:05:00 WinXP 82.6.12.228 (NTL.COM):
NTL INFRASTRUCTURE - RENFREW,
WELWYN GARDEN CITY, ENGLAND, UK.
n/a HK:proxim.ircgalaxy.pl
HK:210.245.211.11:80
445 pcap raw alerts
ruleset
http
irc
50 lines
Yeah : 0.8
profile
none summary
tarball
30 of 33 0c5e413f57
NEW
none[none] none:none
none|none none none
T:15:14:00 Win2K-f 66.58.195.227 (GCI.NET):
GCI COMMUNICATIONS INC,
ANCHORAGE, ALASKA, US.
210.245.211.11:65520 HK:proxim.ircgalaxy.pl
DE:dl2.teenpassage.com
US:ksn.a1001186.wrs.mcboo.com
US:wr.mcboo.com
HK:210.245.211.11:65520
445 pcap raw alerts
ruleset
irc
http
55 lines
Yeah : 1.3
profile
none summary
tarball
28 of 32
25 of 33
27 of 33
66d680665b
NEW
897d59617c
[Firefox:21 hits: 06-28 to 06-29]
a014934a72
[Firefox:24 hits: 06-28 to 06-29]
none[none]
none [none]
none [none]
none:none
none:none
none:none
none|none
none|none
none|none
none
none
none
none
none
none
T:15:22:00 WinXP 118.6.247.234 (-):
.
69.247.147.113:13001 US:chat-shqip.org 445 pcap raw alerts
ruleset
ftp
irc
39 lines
Yeah : 1.8
profile
none summary
tarball
13 of 33 450e12e7a8
[Firefox: 2 hits: 06-29 to 06-30]
none[none] none:none
none|none none none
T:15:25:00 Win2K-f 61.231.137.64 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TW.
217.170.244.2:443  
CZ:217.170.244.2:443
445 pcap raw alerts
ruleset
shell
ftp
irc
27 lines
Yeah : 1.8
profile
none summary
tarball
25 of 28 7fdfe363d5
[Firefox:2778 hits: 12-31 to 06-30]
10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns
trace
15:25:00 WinXP 92.8.160.190 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK.
n/a   445 pcap raw alerts
ruleset
ftp
13 lines
Yeah : 0.8
profile
none summary
tarball
31 of 32 741e3b03b3
[Firefox:87 hits: 09-28 to 06-30]
e0197e8a64 [0] ASM:Graph
none|none lines=62 trace
T:15:25:00 Win2K-f 59.115.148.54 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW.
n/a DE:dl2.teenpassage.com
US:ksn.a1001186.wrs.mcboo.com
US:microsoft.com
US:wr.mcboo.com
US:206.251.244.226:80
TW:59.115.148.54:49645
445 pcap raw alerts
ruleset
shell
irc
http
50 lines
Yeah : 1.3
profile
none summary
tarball
25 of 33
27 of 33
897d59617c
[Firefox:21 hits: 06-28 to 06-29]
a014934a72
[Firefox:24 hits: 06-28 to 06-29]
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
15:41:00 Win2K-f 92.2.8.145 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK.
n/a HK:proxim.ircgalaxy.pl
HK:210.245.211.11:80
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 e511b659f8
NEW
none[none] none:none
none|none none none
15:43:00 Win2K-f 85.179.162.24 (ALICEDSL.DE):
HANSENET-ADSL,
DE. (DSL)
n/a HK:proxim.ircgalaxy.pl
HK:210.245.211.11:65520
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
29 of 32 54836c1279
NEW
none[none] none:none
none|none none none
T:15:53:00 WinXP 201.69.190.183 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL)
n/a RU:moscow-advokat.ru 445 pcap raw alerts
ruleset
http
1 line
Yeah : 1.3
profile
none summary
tarball
25 of 25 7f60162c2c
[Firefox:1373 hits: 12-31 to 06-30]
1aad8e4632 [0] ASM:Graph
PolyEnE| lines=93
embedded dns
trace
15:53:00 WinXP 201.69.190.183 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL)
n/a RU:moscow-advokat.ru
RU:194.6.222.11:6667
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
25 of 25 7f60162c2c
[Firefox:1373 hits: 12-31 to 06-30]
1aad8e4632 [0] ASM:Graph
PolyEnE| lines=93
embedded dns
trace
15:54:00 WinXP 118.8.173.11 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:136 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
15:56:00 WinXP 213.242.238.141 (-):
PPTP CONNECTIONS,
EKATERINBURG, SVERDLOVSKAYA OBLAST', RU.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:109 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
16:09:00 WinXP 172.164.1.237 (AOL.COM):
AMERICA ONLINE,
US.
n/a US:microsoft.com
US:download.microsoft.com
US:64.62.216.10:80
US:64.62.216.56:80
135 pcap raw alerts
ruleset
other
139 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 32
53bfe15e91
[Firefox:301 hits: 06-17 to 06-30]
73f1082158
[Firefox:128 hits: 06-18 to 06-30]
none[4]
73f1082158[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
T:16:12:00 Win2K-f 4.245.118.98 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
SPARKS, NEVADA, US. (DIAL)
n/a US:microsoft.com
US:download.microsoft.com
135 pcap raw alerts
ruleset
http
76 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 32
53bfe15e91
[Firefox:301 hits: 06-17 to 06-30]
73f1082158
[Firefox:128 hits: 06-18 to 06-30]
none[4]
73f1082158[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
16:16:00 Win2K-f 210.3.38.85 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK.
n/a CA:xx.sqlteam.info
CA:xx.nadnadzz.info
CA:xx.enterhere.biz
CA:67.43.236.98:10324
CA:67.43.236.98:1863
CA:67.43.236.98:5190
CA:67.43.236.99:10324
CA:67.43.236.99:1863
CA:67.43.236.99:5190
135 pcap raw alerts
ruleset
other
419 lines
Yeah : 1.3
profile
none summary
tarball
29 of 33 d62e5a4ae7
NEW
none[none] none:none
none|none none none
T:16:16:00 WinXP 208.126.17.87 (NETINS.NET):
JEFFERSON TELEPHONE COMPANY,
RAVENWOOD, MISSOURI, US. (DSL)
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
31 of 31 743e51a884
NEW
none[none] none:none
none|none none none
16:17:00 WinXP 41.214.172.65 (-):
.
n/a UA:citi-bank.ru 445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
29 of 29 d42c1cc7c0
[Firefox:309 hits: 05-01 to 06-29]
af9ca5bed1 [0] ASM:Graph
PolyEnE| lines=54 trace
T:16:24:00 WinXP 98.15.204.205 (-):
.
194.54.90.246:80 UA:citi-bank.ru
EU:kidos-bank.ru
445 pcap raw alerts
ruleset
http
2 lines
Yeah : 1.3
profile
none summary
tarball
26 of 28 7d99b0e910
[Firefox:3123 hits: 12-31 to 06-30]
7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace
16:26:00 WinXP 123.222.182.2 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
29 of 33 2b2ee8ca9f
NEW
none[none] none:none
none|none none none
T:16:28:00 Win2K-f 88.134.85.171 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
10 of 32 d8c66e9862
NEW
none[none] none:none
none|none none none
T:16:29:00 Win2K-f 4.226.42.202 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
LEWISVILLE, TEXAS, US. (DIAL)
n/a HK:proxim.ircgalaxy.pl
EE:62.65.192.24:80
445 pcap raw alerts
ruleset
shell
3 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
T:16:33:00 WinXP 119.11.108.59 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
24 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 c4fe07012a
[Firefox: 2 hits: 06-30 to 06-30]
none[none] none:none
none|none none none
16:38:00 WinXP 118.1.249.44 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:16:42:00 WinXP 68.145.226.217 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
CALGARY, ALBERTA, CA. (DSL)
n/a RU:moscow-advokat.ru
:brussels.be.eu.undernet.org
:lulea.se.eu.undernet.org
NL:diemen.nl.eu.undernet.org
:caen.fr.eu.undernet.org
SE:qis.md.us.dal.net
NO:london.uk.eu.undernet.org
:washington.dc.us.undernet.org
AT:graz.at.eu.undernet.org
:los-angeles.ca.us.undernet.org
SE:coins.dal.net
RU:194.6.222.11:6667
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
25 of 25 7f60162c2c
[Firefox:1373 hits: 12-31 to 06-30]
1aad8e4632 [0] ASM:Graph
PolyEnE| lines=93
embedded dns
trace
T:16:45:00 Win2K-f 61.229.154.171 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW.
n/a HK:proxim.ircgalaxy.pl
EE:62.65.192.24:80
445 pcap raw alerts
ruleset
shell
3 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
16:45:00 WinXP 190.220.86.95 (-):
.
n/a HK:proxim.ircgalaxy.pl
UA:citi-bank.ru
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
32 of 33 235eaa31f1
NEW
none[none] none:none
none|none none none
T:16:54:00 Win2K-f 60.39.58.148 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
16:55:00 WinXP 61.207.164.38 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
SAPPORO, HOKKAIDO, JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
18 of 33 ed9047a64f
NEW
none[none] none:none
none|none none none
16:55:00 WinXP 213.25.120.147 (-):
TELEWIZJA KABLOWA SWIDNIK SP. Z O.O,
PL.
n/a   445 pcap raw alerts
ruleset
other
8 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:17:02:00 WinXP 24.83.93.137 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
SURREY, BRITISH COLUMBIA, CA.
210.245.211.11:65520 HK:proxim.ircgalaxy.pl
DE:dl2.teenpassage.com
US:ksn.a1001186.wrs.mcboo.com
US:wr.mcboo.com
IL:dl.mcboo.com
US:b152.mcboo.com
US:b155.mcboo.com
135 pcap raw alerts
ruleset
irc
http
443 lines
Yeah : 1.8
profile
none summary
tarball
25 of 33
27 of 33
29 of 32
897d59617c
[Firefox:21 hits: 06-28 to 06-29]
a014934a72
[Firefox:24 hits: 06-28 to 06-29]
c78281a815
NEW
none[none]
none [none]
none [4]
none:none
none:none
none:none
none|none
none|none
PolyEnE|
none
none
none
none
none
trace
17:10:00 Win2K-f 119.72.30.148 (-):
.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 244c2b0b97
NEW
none[none] none:none
none|none none none
17:11:00 WinXP 121.84.3.56 (EONET.NE.JP):
K-OPTICOM CORPORATION,
JP.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 1cd3489669
NEW
none[none] none:none
none|none none none
T:17:13:00 Win2K-f 80.87.71.104 (GHANATEL.COM.GH):
GHANA TELECOM ASSIGNMENT,
GH. (DIAL)
n/a US:qtas.net
SE:scl.jullope.com
SE:84.244.5.183:2345
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
6 of 33 ec94a48510
NEW
none[none] none:none
none|none none none
17:24:00 Win2K-f 60.254.206.218 (EMOBILE.AD.JP):
EMOBILE LTD,
TOKYO, TOKYO, JP.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
17 of 33 5f9d85d6ce
NEW
none[none] none:none
none|none none none
T:17:25:00 Win2K-f 124.86.87.252 (OCN.NE.JP):
NTT COMMUNICATIONS CORPORATION,
TOKYO, TOKYO, JP.
n/a   445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
12 of 33 5df4bf97cf
NEW
none[none] none:none
none|none none none
17:26:00 Win2K-f 168.226.106.198 (COM.AR):
TELEFONICA DE ARGENTINA,
BUENOS AIRES, BUENOS AIRES, AR.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
25 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:17:34:00 Win2K-f 172.191.102.30 (AOL.COM):
AMERICA ONLINE,
RESTON, VIRGINIA, US. (DIAL)
n/a   135 pcap raw alerts
ruleset
other
18 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
17:36:00 WinXP 209.74.9.140 (EPIX.NET):
FRONTIER COMMUNICATIONS OF AMERICA INC,
BLOOMSBURG, PENNSYLVANIA, US.
n/a HK:proxim.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:192.221.99.126:80
US:206.33.45.125:80
US:207.123.46.126:80
HK:210.245.211.11:65520
135 pcap raw alerts
ruleset
other
140 lines
Yeah : 1.3
profile
none summary
tarball
28 of 33
31 of 33
ba4637f8f0
NEW
d02ae67164
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
17:36:00 WinXP 70.125.111.243 (RR.COM):
ROAD RUNNER HOLDCO LLC,
ST. PETERSBURG, FLORIDA, US.
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
26 of 28 7d99b0e910
[Firefox:3123 hits: 12-31 to 06-30]
7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace
17:42:00 Win2K-f 64.192.67.81 (WCG.NET):
LIGHTCORE A CENTURYTELCOMPANY,
NASHUA, NEW HAMPSHIRE, US.
n/a US:chat-shqip.org
US:microsoft.com
US:download.microsoft.com
HK:proxim.ircgalaxy.pl
US:w3bs.chat-shqip.org
US:199.93.46.124:80
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001
135 pcap raw alerts
ruleset
other
97 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33
29 of 33
1b94c1cc14
NEW
62728ad1cd
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
T:17:51:00 WinXP 118.240.159.156 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:136 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
17:53:00 WinXP 124.195.159.212 (-):
.
n/a HK:proxim.ircgalaxy.pl
US:microsoft.com
US:download.microsoft.com
US:204.160.126.124:80
US:204.160.126.126:80
US:206.33.45.125:80
HK:210.245.211.11:65520
135 pcap raw alerts
ruleset
other
113 lines
Yeah : 1.3
profile
none summary
tarball
28 of 33
32 of 33
0dea508235
NEW
c5f0f47d5c
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
T:17:54:00 Win2K-f 75.138.120.28 (CHARTER.COM):
CHARTER COMMUNICATIONS,
HICKORY, NORTH CAROLINA, US.
n/a US:microsoft.com
US:download.microsoft.com
US:204.160.126.126:80
135 pcap raw alerts
ruleset
other
180 lines
Yeah : 1.3
profile
none summary
tarball
29 of 33
29 of 32
ae4bed1aa9
[Firefox: 2 hits: 06-21 to 06-27]
bc51bd8226
[Firefox: 2 hits: 06-21 to 06-27]
ae4bed1aa9 [1]
none [4]
ASM:Graph
none:none
Armadillo|
PolyEnE|
lines=81
none
trace
trace
T:17:58:00 WinXP 61.20.136.164 (-):
FAR EASTONE TELECOMMUNICATION CO. LTD,
TW.
194.54.90.246:80 UA:citi-bank.ru 445 pcap raw alerts
ruleset
http
2 lines
Yeah : 1.3
profile
none summary
tarball
32 of 33 2b6229dbc5
NEW
none[none] none:none
none|none none none
18:01:00 WinXP 118.8.32.196 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:136 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:18:06:00 WinXP 122.17.8.26 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
TOKYO, TOKYO, JP.
210.245.211.11:65520 HK:proxima.ircgalaxy.pl
DE:dl2.teenpassage.com
US:ksn.a1001186.wrs.mcboo.com
US:chat-shqip.org
US:wr.mcboo.com
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
irc
http
146 lines
Yeah : 1.8
profile
none summary
tarball
25 of 33
27 of 33
31 of 33
897d59617c
[Firefox:21 hits: 06-28 to 06-29]
a014934a72
[Firefox:24 hits: 06-28 to 06-29]
a4fbe49195
[Firefox: 2 hits: 06-27 to 06-28]
none[none]
none [none]
none [none]
none:none
none:none
none:none
none|none
none|none
none|none
none
none
none
none
none
none
T:18:08:00 WinXP 70.45.119.104 (ONELINKPR.NET):
SAN JUAN CABLE LLC,
SAN JUAN, PUERTO RICO, PR.
194.54.90.246:80 UA:citi-bank.ru 445 pcap raw alerts
ruleset
http
2 lines
Yeah : 1.3
profile
none summary
tarball
32 of 33 e19fa0dfad
NEW
none[4] none:none
PolyEnE| none trace
T:18:13:00 Win2K-f 125.172.64.181 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
18:14:00 WinXP 60.39.58.148 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:136 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
18:20:00 Win2K-f 118.1.28.167 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:109 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:18:30:00 Win2K-f 202.39.210.91 (HINET.NET):
DATA COMMUNICATION BUSINESS GROUP,
TW.
n/a US:microsoft.com
US:download.microsoft.com
US:72.247.30.83:80
135 pcap raw alerts
ruleset
other
75 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 32
53bfe15e91
[Firefox:301 hits: 06-17 to 06-30]
73f1082158
[Firefox:128 hits: 06-18 to 06-30]
none[4]
73f1082158[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
T:18:32:00 WinXP 64.183.209.202 (RR.COM):
ROAD RUNNER HOLDCO LLC,
DALLAS, TEXAS, US.
n/a US:microsoft.com
US:download.microsoft.com
US:72.247.30.81:80
US:72.247.30.83:80
135 pcap raw alerts
ruleset
other
60 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
8 of 33
53bfe15e91
[Firefox:301 hits: 06-17 to 06-30]
b7082104e4
[Firefox:19 hits: 06-18 to 06-30]
none[4]
none [4]
none:none
none:none
tElock|
tElock|
none
none
trace
trace
T:18:32:00 WinXP 24.181.74.150 (CHARTER.COM):
CHARTER COMMUNICATIONS,
LAGRANGE, GEORGIA, US.
n/a US:microsoft.com
US:download.microsoft.com
US:72.247.30.81:80
US:72.247.30.83:80
135 pcap raw alerts
ruleset
other
317 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33
29 of 33
378a4bac36
NEW
d11b4c2e19
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
T:18:33:00 Win2K-f 121.116.118.237 (PLALA.OR.JP):
PLALA NETWORKS INC,
JP.
n/a   445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:18:39:00 WinXP 69.202.43.114 (RR.COM):
ROAD RUNNER HOLDCO LLC,
SCHENECTADY, NEW YORK, US.
n/a EU:siliconfireware.ru
US:searchportal.information.com
US:sprw.information.com
US:spi.domainsponsor.com
GB:new.egg.com
:wpad
CA:www.cibc.com
US:208.73.212.12:80
DE:212.227.111.29:80
GB:217.145.225.22:80
EU:78.47.200.154:80
445 pcap raw alerts
ruleset
http
http
http
9 lines
Yeah : 0.8
profile
none summary
tarball
0 of 33
0 of 33
29 of 29
002eb58800
NEW
84f44829ab
NEW
a12cab51ef
[Firefox:1087 hits: 05-01 to 06-30]
none[none]
none [none]
40f7f463c4[0]
none:none
none:none
ASM:Graph
none|none
none|none
ASPack|
none
none
lines=281
embedded dns
none
none
trace
18:41:00 WinXP 60.45.92.77 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 b8c6e87e9c
NEW
none[none] none:none
none|none none none
18:42:00 Win2K-f 125.175.146.96 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
12 of 33 a96d6f6d31
[Firefox: 4 hits: 06-28 to 06-30]
none[none] none:none
none|none none none
T:18:42:00 Win2K-f 92.2.8.145 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK.
n/a HK:proxim.ircgalaxy.pl
DE:dl2.teenpassage.com
US:ksn.a1001186.wrs.mcboo.com
US:wr.mcboo.com
US:206.251.244.226:80
HK:210.245.211.11:80
445 pcap raw alerts
ruleset
ftp
irc
http
70 lines
Yeah : 1.3
profile
none summary
tarball
25 of 33
27 of 33
31 of 33
897d59617c
[Firefox:21 hits: 06-28 to 06-29]
a014934a72
[Firefox:24 hits: 06-28 to 06-29]
e511b659f8
NEW
none[none]
none [none]
none [none]
none:none
none:none
none:none
none|none
none|none
none|none
none
none
none
none
none
none
18:44:00 WinXP 64.183.209.202 (RR.COM):
ROAD RUNNER HOLDCO LLC,
DALLAS, TEXAS, US.
n/a US:microsoft.com
US:download.microsoft.com
US:198.78.220.124:80
US:205.128.79.125:80
US:207.123.46.125:80
135 pcap raw alerts
ruleset
other
60 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
8 of 33
53bfe15e91
[Firefox:301 hits: 06-17 to 06-30]
b7082104e4
[Firefox:19 hits: 06-18 to 06-30]
none[4]
none [4]
none:none
none:none
tElock|
tElock|
none
none
trace
trace
18:56:00 WinXP 61.224.106.179 (HINET.NET):
DATA COMMUNICATION BUSINESS GROUP CHUNGHWA TELECOM CO. LTD,
TAIPEI, T'AI-PEI, TW.
n/a  
CZ:217.170.244.2:443
CZ:82.114.64.251:443
445 pcap raw alerts
ruleset
shell
ftp
17 lines
Yeah : 1.3
profile
none summary
tarball
25 of 28 7fdfe363d5
[Firefox:2778 hits: 12-31 to 06-30]
10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns
trace
19:00:00 Win2K-f 118.19.56.165 (-):
.
n/a   445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:136 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:19:04:00 WinXP 123.220.93.186 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
19:05:00 WinXP 122.18.220.188 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:19:05:00 Win2K-f 121.2.146.19 (SO-NET.NE.JP):
SO-NET SERVICE,
JP. (DSL)
n/a   445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
18 of 32 4347a366c8
NEW
none[none] none:none
none|none none none
T:19:08:00 Win2K-f 207.171.232.161 (WELLSREC.NET):
WELLS RURAL ELECTRIC COMPANY,
SAN FRANCISCO, CALIFORNIA, US.
n/a US:microsoft.com
US:download.microsoft.com
US:72.247.30.81:80
135 pcap raw alerts
ruleset
other
82 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 32
53bfe15e91
[Firefox:301 hits: 06-17 to 06-30]
73f1082158
[Firefox:128 hits: 06-18 to 06-30]
none[4]
73f1082158[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
19:14:00 WinXP 12.219.102.180 (MCHSI.COM):
MEDIACOM COMMUNICATIONS CORP,
DUBUQUE, IOWA, US.
n/a   445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:19:21:00 Win2K-f 216.27.114.73 (PRIMELINK1.NET):
PRIMELINK INC,
PLATTSBURGH, NEW YORK, US.
210.245.211.11:65520 US:microsoft.com
HK:proxim.ircgalaxy.pl
US:download.microsoft.com
DE:dl2.teenpassage.com
US:ksn.a1001186.wrs.mcboo.com
US:wr.mcboo.com
US:72.247.30.81:80
US:72.247.30.83:80
135 pcap raw alerts
ruleset
irc
http
175 lines
Yeah : 1.8
profile
none summary
tarball
25 of 33
27 of 33
none
none
897d59617c
[Firefox:21 hits: 06-28 to 06-29]
a014934a72
[Firefox:24 hits: 06-28 to 06-29]
dc20b6fe59
[Firefox: 3 hits: 06-23 to 06-26]
f97070ef2b
[Firefox: 3 hits: 06-23 to 06-26]
none[none]
none [none]
dc20b6fe59[1]
none [4]
none:none
none:none
ASM:Graph
none:none
none|none
none|none
Armadillo|
PolyEnE|
none
none
lines=81
none
none
none
trace
trace
19:22:00 Win2K-f 70.183.109.221 (COX.NET):
COX COMMUNICATIONS,
SAN DIEGO, CALIFORNIA, US. (100Mbps)
n/a US:microsoft.com
US:download.microsoft.com
US:72.247.30.81:80
US:72.247.30.83:80
135 pcap raw alerts
ruleset
other
75 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 32
53bfe15e91
[Firefox:301 hits: 06-17 to 06-30]
73f1082158
[Firefox:128 hits: 06-18 to 06-30]
none[4]
73f1082158[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
19:26:00 Win2K-f 81.191.83.191 (BLUECOM.NO):
BLUECOM-DHCP-KRISTIANSAND,
NO.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:109 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:19:29:00 WinXP 60.236.134.19 (MESH.AD.JP):
NEC CORPORATION,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
29 lines
Yeah : 1.3
profile
none summary
tarball
28 of 33 a9c8d121f2
[Firefox: 5 hits: 06-28 to 06-30]
none[none] none:none
none|none none none
T:19:31:00 WinXP 70.118.225.87 (RR.COM):
ROAD RUNNER HOLDCO LLC,
LAKELAND, FLORIDA, US.
n/a   445 pcap raw alerts
ruleset
http
1 line
Argh : 0.3
profile
none summary
tarball
none none none none none none none
T:19:34:00 Win2K-f 221.127.142.229 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:136 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
19:35:00 Win2K-f 116.82.190.48 (OCN.NE.JP):
FUJITSU LIMITED,
JP.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:19:38:00 Win2K-f 202.147.193.229 (INFOKOM.NET):
INFOKOM ELEKTRINDO INC,
ID. (DSL)
n/a HK:proxim.ircgalaxy.pl
HK:210.245.211.11:65520
135 pcap raw alerts
ruleset
http
6 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
T:19:43:00 WinXP 60.239.251.152 (MESH.AD.JP):
NEC CORPORATION,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
19:58:00 WinXP 60.254.200.166 (EMOBILE.AD.JP):
EMOBILE LTD,
TOKYO, TOKYO, JP.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
25 lines
Yeah : 1.3
profile
none summary
tarball
18 of 33 f6f494b764
NEW
none[none] none:none
none|none none none
20:01:00 Win2K-f 122.30.110.189 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 05d02aef50
[Firefox: 3 hits: 06-28 to 06-29]
none[none] none:none
none|none none none
T:20:05:00 WinXP 4.142.111.104 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
ELGIN, ILLINOIS, US. (DIAL)
n/a   135 pcap raw alerts
ruleset
other
19 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
T:20:06:00 Win2K-f 189.70.57.47 (-):
.
210.245.211.11:65520 HK:proxim.ircgalaxy.pl
US:ksn.a1001186.wrs.mcboo.com
445 pcap raw alerts
ruleset
irc
http
59 lines
Yeah : 0.8
profile
none summary
tarball
25 of 33
27 of 33
897d59617c
[Firefox:21 hits: 06-28 to 06-29]
a014934a72
[Firefox:24 hits: 06-28 to 06-29]
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
T:20:07:00 WinXP 4.191.230.42 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
COLLEGEDALE, TENNESSEE, US. (DIAL)
217.170.244.2:443  
CZ:217.170.244.2:443
445 pcap raw alerts
ruleset
shell
ftp
irc
28 lines
Yeah : 1.8
profile
none summary
tarball
25 of 28 7fdfe363d5
[Firefox:2778 hits: 12-31 to 06-30]
10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns
trace
20:09:00 WinXP 123.198.72.218 (SO-NET.NE.JP):
SO-NET SERVICE,
JP.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 8a9994c64b
NEW
none[none] none:none
none|none none none
T:20:13:00 WinXP 123.222.195.245 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:136 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:20:22:00 Win2K-f 121.2.14.193 (SO-NET.NE.JP):
SO-NET SERVICE,
JP.
210.245.211.11:65520 HK:proxim.ircgalaxy.pl
DE:dl2.teenpassage.com
US:ksn.a1001186.wrs.mcboo.com
US:wr.mcboo.com
US:206.251.244.226:80
445 pcap raw alerts
ruleset
ftp
irc
http
123 lines
Yeah : 1.8
profile
none summary
tarball
28 of 32
25 of 33
27 of 33
3277dd91f9
NEW
897d59617c
[Firefox:21 hits: 06-28 to 06-29]
a014934a72
[Firefox:24 hits: 06-28 to 06-29]
none[none]
none [none]
none [none]
none:none
none:none
none:none
none|none
none|none
none|none
none
none
none
none
none
none
T:20:26:00 WinXP 61.209.26.51 (ODN.AD.JP):
OPEN DATA NETWORK(JAPAN TELECOM CO. LTD.),
JP. (DIAL)
n/a UA:citi-bank.ru
UA:194.54.90.246:80
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
26 of 28 7d99b0e910
[Firefox:3123 hits: 12-31 to 06-30]
7a70e1b592 [0] ASM:Graph
PolyEnE| lines=68 trace
20:29:00 Win2K-f 119.72.4.76 (-):
.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
17 lines
Yeah : 1.3
profile
none summary
tarball
22 of 33 869081411d
[Firefox: 2 hits: 06-27 to 06-28]
none[none] none:none
none|none none none
20:33:00 WinXP 4.225.137.112 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
LAWRENCEBURG, INDIANA, US. (DIAL)
n/a US:microsoft.com
US:download.microsoft.com
US:204.160.126.126:80
US:205.128.79.124:80
US:207.123.37.125:80
135 pcap raw alerts
ruleset
other
79 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 32
53bfe15e91
[Firefox:301 hits: 06-17 to 06-30]
73f1082158
[Firefox:128 hits: 06-18 to 06-30]
none[4]
73f1082158[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
20:37:00 Win2K-f 122.133.66.190 (MESH.AD.JP):
NEC BIGLOBE LTD,
TOKYO, TOKYO, JP.
n/a  
CZ:217.170.244.2:443
CZ:82.114.64.251:443
445 pcap raw alerts
ruleset
shell
ftp
17 lines
Yeah : 1.3
profile
none summary
tarball
25 of 28 7fdfe363d5
[Firefox:2778 hits: 12-31 to 06-30]
10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns
trace
T:20:42:00 Win2K-f 4.234.21.43 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
MIAMI, FLORIDA, US. (DIAL)
210.245.211.11:65520 217.170.244.2:443 HK:proxim.ircgalaxy.pl
US:ksn.a1001186.wrs.mcboo.com
US:206.251.244.226:80
CZ:217.170.244.2:443
445 pcap raw alerts
ruleset
shell
ftp
irc
http
51 lines
Yeah : 1.8
profile
none summary
tarball
25 of 28
27 of 33
7fdfe363d5
[Firefox:2778 hits: 12-31 to 06-30]
a014934a72
[Firefox:24 hits: 06-28 to 06-29]
10862ea8b8 [0]
none [none]
ASM:Graph
none:none
FSG|
none|none
lines=1933
embedded dns
none
trace
none
20:46:00 WinXP 221.171.144.108 (MESH.AD.JP):
BIGLOBE-CIDR-BLK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:136 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
20:55:00 Win2K-f 221.190.91.71 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:136 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:20:57:00 Win2K-f 123.225.134.213 (OCN.NE.JP):
NTT COMMUNICATIONS CORPORATION,
TOKYO, TOKYO, JP.
210.245.211.11:65520 HK:proxim.ircgalaxy.pl
DE:dl2.teenpassage.com
US:ksn.a1001186.wrs.mcboo.com
US:206.251.244.226:80
445 pcap raw alerts
ruleset
ftp
irc
http
43 lines
Yeah : 1.8
profile
none summary
tarball
27 of 33
29 of 31
a014934a72
[Firefox:24 hits: 06-28 to 06-29]
be6d817241
NEW
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
T:21:00:00 WinXP 219.164.60.158 (PLALA.OR.JP):
PLALA NETWORKS INC,
SHIZUOKA, SHIZUOKA, JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:136 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
21:03:00 WinXP 24.165.33.9 (RR.COM):
ROAD RUNNER HOLDCO LLC,
HONOLULU, HAWAII, US.
n/a UA:citi-bank.ru 445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
32 of 32 21cc05003b
[Firefox: 4 hits: 08-18 to 09-15]
none[none] none:none
none|none none none
21:20:00 WinXP 92.9.178.162 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
12 of 33 9a32965bc8
[Firefox: 7 hits: 06-28 to 06-30]
none[none] none:none
none|none none none
21:28:00 WinXP 119.228.221.233 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
25 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:136 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:21:33:00 Win2K-f 118.19.56.165 (-):
.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:136 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:21:34:00 Win2K-f 221.127.233.230 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
25 of 32 cd6fdcc911
NEW
none[none] none:none
none|none none none
T:21:34:00 Win2K-f 70.74.202.207 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
CALGARY, ALBERTA, CA.
n/a US:microsoft.com
US:download.microsoft.com
US:72.247.30.81:80
US:72.247.30.83:80
135 pcap raw alerts
ruleset
other
75 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 32
53bfe15e91
[Firefox:301 hits: 06-17 to 06-30]
73f1082158
[Firefox:128 hits: 06-18 to 06-30]
none[4]
73f1082158[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
T:21:34:00 WinXP 88.134.245.183 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
29 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 58ba8e9efd
[Firefox: 2 hits: 06-28 to 06-29]
none[none] none:none
none|none none none
21:42:00 Win2K-f 202.179.239.155 (CABLENET.NE.JP):
CABLENET SAITAMA CO. LTD,
JP. (DSL)
n/a US:microsoft.com
HK:proxim.ircgalaxy.pl
US:download.microsoft.com
HK:210.245.211.11:65520
US:72.247.30.83:80
135 pcap raw alerts
ruleset
other
113 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33
30 of 33
02cab5983b
NEW
76e6f343c5
NEW
none[4]
76e6f343c5[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=82
trace
trace
T:21:43:00 Win2K-f 60.35.85.89 (PLALA.OR.JP):
PLALA NETWORKS INC,
OSAKA, OSAKA, JP.
210.245.211.11:65520 HK:proxim.ircgalaxy.pl
HK:210.245.211.11:65520
445 pcap raw alerts
ruleset
ftp
irc
29 lines
Yeah : 1.8
profile
none summary
tarball
30 of 33 e9b3449486
NEW
none[none] none:none
none|none none none
T:21:53:00 Win2K-f 210.199.98.11 (ENJOY.NE.JP):
DEODEO INTERNET SERVICE(DEODEO CORPORATION),
JP. (DSL)
210.245.211.11:65520 HK:proxim.ircgalaxy.pl
DE:dl2.teenpassage.com
US:ksn.a1001186.wrs.mcboo.com
US:206.251.244.226:80
445 pcap raw alerts
ruleset
ftp
irc
http
56 lines
Yeah : 1.8
profile
none summary
tarball
30 of 33
27 of 33
6bf9acfa77
NEW
a014934a72
[Firefox:24 hits: 06-28 to 06-29]
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
T:22:00:00 Win2K-f 213.208.14.243 (FROHNLEITEN.AT):
ISP WITH MANY LOCATIONS IN AUSTRIA,
AT.
n/a   445 pcap raw alerts
ruleset
ftp
20 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
T:22:03:00 Win2K-f 82.246.137.39 (PROXAD.NET):
PROXAD / FREE SAS,
NICE, PROVENCE-ALPES-COTE D'AZUR, FR.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 8c6b98ffe4
[Firefox: 3 hits: 06-28 to 06-28]
none[none] none:none
none|none none none
22:08:00 WinXP 91.66.24.137 (SUPERKABEL.DE):
KABEL DEUTSCHLAND BREITBAND SERVICE GMBH,
DE.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 f7fe13b098
[Firefox: 3 hits: 06-28 to 06-29]
none[none] none:none
none|none none none
T:22:14:00 Win2K-f 72.251.1.248 (1DIAL.COM):
AD-BASE SYSTEMS INC. (DBA GLOBALPOPS),
MISSOURI CITY, TEXAS, US. (DIAL)
210.245.211.11:65520 HK:proxim.ircgalaxy.pl
US:ksn.a1001186.wrs.mcboo.com
US:wr.mcboo.com
445 pcap raw alerts
ruleset
shell
irc
http
55 lines
Yeah : 1.8
profile
none summary
tarball
25 of 33
27 of 33
897d59617c
[Firefox:21 hits: 06-28 to 06-29]
a014934a72
[Firefox:24 hits: 06-28 to 06-29]
none[none]
none [none]
none:none
none:none
none|none
none|none
none
none
none
none
22:16:00 Win2K-f 119.11.98.85 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
20 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:109 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:22:17:00 WinXP 118.0.115.23 (-):
.
210.245.211.11:65520 HK:proxim.ircgalaxy.pl
DE:dl2.teenpassage.com
US:ksn.a1001186.wrs.mcboo.com
US:chat-shqip.org
US:wr.mcboo.com
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
irc
http
91 lines
Yeah : 1.8
profile
none summary
tarball
18 of 33
25 of 33
27 of 33
01471a5b7b
NEW
897d59617c
[Firefox:21 hits: 06-28 to 06-29]
a014934a72
[Firefox:24 hits: 06-28 to 06-29]
none[none]
none [none]
none [none]
none:none
none:none
none:none
none|none
none|none
none|none
none
none
none
none
none
none
T:22:26:00 WinXP 208.32.149.26 (BUGGS.NET):
BUGGS NET TELEPHONE,
LA CROSSE, VIRGINIA, US.
194.54.90.246:80 UA:citi-bank.ru 445 pcap raw alerts
ruleset
http
2 lines
Yeah : 1.3
profile
none summary
tarball
29 of 29 f502585714
[Firefox:90 hits: 05-03 to 06-30]
ae590430c5 [0] ASM:Graph
PolyEnE| lines=63 trace
T:22:29:00 Win2K-f 217.94.241.63 (T-DIALIN.NET):
DEUTSCHE TELEKOM AG,
STUTTGART, BADEN-WURTTEMBERG, DE. (DIAL)
210.245.211.11:65520 HK:proxim.ircgalaxy.pl
DE:dl2.teenpassage.com
US:ksn.a1001186.wrs.mcboo.com
US:wr.mcboo.com
445 pcap raw alerts
ruleset
ftp
irc
http
127 lines
Yeah : 1.8
profile
none summary
tarball
30 of 33
25 of 33
27 of 33
1ba3d9d3e8
[Firefox: 2 hits: 06-29 to 06-30]
897d59617c
[Firefox:21 hits: 06-28 to 06-29]
a014934a72
[Firefox:24 hits: 06-28 to 06-29]
none[none]
none [none]
none [none]
none:none
none:none
none:none
none|none
none|none
none|none
none
none
none
none
none
none
T:22:34:00 Win2K-f 220.105.244.103 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
22:36:00 Win2K-f 4.226.228.217 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
WACO, TEXAS, US. (DIAL)
n/a  
CZ:217.170.244.2:443
CZ:82.114.64.251:443
445 pcap raw alerts
ruleset
shell
ftp
18 lines
Yeah : 1.3
profile
none summary
tarball
25 of 28 7fdfe363d5
[Firefox:2778 hits: 12-31 to 06-30]
10862ea8b8 [0] ASM:Graph
FSG| lines=1933
embedded dns
trace
22:44:00 WinXP 118.0.115.23 (-):
.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
HK:210.245.211.11:65520
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
18 of 33 01471a5b7b
NEW
none[none] none:none
none|none none none
T:22:49:00 Win2K-f 4.225.214.128 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
LOVELAND, COLORADO, US. (DIAL)
n/a HK:proxim.ircgalaxy.pl
HK:210.245.211.11:65520
US:4.225.214.128:21
445 pcap raw alerts
ruleset
shell
http
4 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none
T:22:51:00 WinXP 122.26.197.116 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
8 of 33 b2fae7acd0
[Firefox: 3 hits: 06-28 to 06-30]
none[none] none:none
none|none none none
22:57:00 Win2K-f 77.20.215.181 (APEXCOVANTAGE.COM):
EU-ZZ,
UK.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 655b67bcba
NEW
none[none] none:none
none|none none none
T:23:05:00 Win2K-f 60.177.166.97 (163DATA.COM.CN):
CHINANET-ZJ HANGZHOU NODE NETWORK,
HANGZHOU, ZHEJIANG, CN.
n/a HK:proxim.ircgalaxy.pl
HK:210.245.211.11:65520
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:23:05:00 Win2K-f 118.240.40.77 (-):
.
n/a   445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
20 of 33 17739a55ad
[Firefox:165 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
23:07:00 WinXP 24.80.161.105 (SHAWCABLE.NET):
SHAW COMMUNICATIONS INC,
VANCOUVER, BRITISH COLUMBIA, CA. (DSL)
n/a US:microsoft.com
US:download.microsoft.com
US:205.128.79.124:80
US:207.123.47.126:80
US:8.12.202.125:80
135 pcap raw alerts
ruleset
other
96 lines
Yeah : 1.3
profile
none summary
tarball
31 of 32
2 of 32
607b60ad51
[Firefox: 3 hits: 06-20 to 06-27]
e5c7bce70e
[Firefox: 3 hits: 06-20 to 06-27]
none[4]
e5c7bce70e[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
23:13:00 Win2K-f 97.93.81.127 (-):
.
n/a US:microsoft.com
US:download.microsoft.com
US:64.62.216.10:80
135 pcap raw alerts
ruleset
other
75 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 32
53bfe15e91
[Firefox:301 hits: 06-17 to 06-30]
73f1082158
[Firefox:128 hits: 06-18 to 06-30]
none[4]
73f1082158[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
23:14:00 Win2K-f 222.144.249.99 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a   445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 dd1195e952
[Firefox: 2 hits: 06-28 to 06-29]
none[none] none:none
none|none none none
T:23:15:00 Win2K-f 125.121.162.165 (163DATA.COM.CN):
CHINANET-ZJ HANGZHOU NODE NETWORK,
HANGZHOU, ZHEJIANG, CN.
n/a HK:proxim.ircgalaxy.pl
US:206.251.244.226:80
HK:210.245.211.11:65520
445 pcap raw alerts
ruleset
http
1 line
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:23:16:00 WinXP 92.0.146.158 (-):
CARPHONE WAREHOUSE BROADBAND SERVICES,
UK.
n/a HK:proxim.ircgalaxy.pl
US:chat-shqip.org
US:w3bs.chat-shqip.org
HK:210.245.211.11:80
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
31 of 33 e511b659f8
NEW
none[none] none:none
none|none none none
T:23:22:00 Win2K-f 85.177.32.13 (ALICEDSL.DE):
HANSENET-ADSL,
DE.
n/a HK:proxim.ircgalaxy.pl
HK:210.245.211.11:65520
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
29 of 32 54836c1279
NEW
none[none] none:none
none|none none none
23:25:00 WinXP 213.55.67.187 (TELECOM.NET.ET):
ETHIOPIAN TELECOMMUNICATION CORPORATION,
ADDIS ABABA, ADDIS ABABA, ET.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
25 lines
Yeah : 1.3
profile
none summary
tarball
9 of 33 4cd2a5e755
NEW
none[none] none:none
none|none none none
T:23:31:00 Win2K-f 60.47.17.241 (PLALA.OR.JP):
PLALA NETWORKS INC,
JP.
n/a HK:proxim.ircgalaxy.pl
HK:210.245.211.11:65520
445 pcap raw alerts
ruleset
http
2 lines
Yeah : 0.8
profile
none summary
tarball
none none none none none none none
T:23:32:00 Win2K-f 119.72.58.252 (-):
.
n/a   445 pcap raw alerts
ruleset
ftp
25 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 d450c97d2b
NEW
none[none] none:none
none|none none none
T:23:37:00 Win2K-f 119.11.108.192 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:109 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:23:37:00 WinXP 88.134.40.100 (SUPERKABEL.DE):
KABEL-DEUTSCHLAND-CUSTOMER-SERVICES,
DE. (DSL)
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
30 of 33 d7ce7117a7
NEW
none[none] none:none
none|none none none
23:37:00 WinXP 118.236.142.188 (-):
.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
26 lines
Yeah : 1.3
profile
none summary
tarball
10 of 33 d2c26e07fd
[Firefox:109 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
T:23:39:00 WinXP 65.86.192.131 (-):
NOVICK EDELSTEIN ET AL,
YONKERS, NEW YORK, US. (100Mbps)
n/a US:microsoft.com
US:download.microsoft.com
US:199.93.41.124:80
US:199.93.41.126:80
US:207.123.46.125:80
135 pcap raw alerts
ruleset
other
75 lines
Yeah : 1.3
profile
none summary
tarball
33 of 33
0 of 32
53bfe15e91
[Firefox:301 hits: 06-17 to 06-30]
73f1082158
[Firefox:128 hits: 06-18 to 06-30]
none[4]
73f1082158[1]
none:none
ASM:Graph
tElock|
Armadillo|
none
lines=81
trace
trace
23:50:00 Win2K-f 80.177.4.121 (DEMON.CO.UK):
DEMON INTERNET / THUS PLC,
LONDON, ENGLAND, UK.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
28 lines
Yeah : 1.3
profile
none summary
tarball
12 of 33 9a32965bc8
[Firefox: 7 hits: 06-28 to 06-30]
none[none] none:none
none|none none none
23:54:00 WinXP 221.127.140.151 (HUTCHCITY.COM):
HUTCHISON GLOBAL COMMUNICATIONS,
HONG KONG, HONG KONG (SAR), HK.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
23 lines
Yeah : 1.3
profile
none summary
tarball
26 of 33 ca15c09536
[Firefox:136 hits: 06-27 to 06-30]
none[none] none:none
none|none none none
23:56:00 WinXP 122.26.197.116 (OCN.NE.JP):
OPEN COMPUTER NETWORK,
JP.
n/a US:chat-shqip.org
US:w3bs.chat-shqip.org
US:69.247.147.113:12351
US:69.247.147.113:13001
445 pcap raw alerts
ruleset
ftp
27 lines
Yeah : 1.3
profile
none summary
tarball
8 of 33 b2fae7acd0
[Firefox: 3 hits: 06-28 to 06-30]
none[none] none:none
none|none none none
T:23:59:00 Win2K-f 119.72.56.112 (-):
.
n/a   445 pcap raw alerts
ruleset
ftp
25 lines
Yeah : 1.3
profile
none summary
tarball
none none none none none none none