|
Time |
Victim OS |
Infection Source |
C&C Server |
DNS Lookups & Failed Connects |
Infection Port |
Packet Trace |
Detection Signatures |
Infection Chatter |
BotHunter Analysis |
Behavioral Cluster |
Forensic Logs |
Antivirus Labels |
Packed Malware_Binary |
Unpacked egg.exe |
Unpacked egg.asm |
Packer PEID |
Data Strings |
Syscall Trace |
| T:00:09:00 | WinXP | 79.163.177.77 (-): IDEA, PL. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:00:26:00 | WinXP | 91.139.198.77 (-): CABLETEL_CMTS, BG. |
n/a | :proxim.ircgalaxy.pl 115.126.2.121:65520 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 00:31:00 | WinXP | 121.73.136.247 (TELSTRACLEAR.NET): TELECOMMUNICATIONS COMPANY, NZ. |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.173.47:80 US:208.111.173.52:80 |
135 | pcap | raw alerts ruleset |
other 350 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| 00:38:00 | Win2K-f | 172.132.202.40 (AOL.COM): AMERICA ONLINE, RESTON, VIRGINIA, US. (DSL) |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.173.47:80 US:208.111.173.52:80 |
135 | pcap | raw alerts ruleset |
other 86 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| 00:45:00 | WinXP | 71.72.163.74 (RR.COM): ROAD RUNNER HOLDCO LLC, GREENVILLE, OHIO, US. |
n/a | RU:moscow-advokat.ru US:lia.zanet.net :lulea.se.eu.undernet.org SE:qis.md.us.dal.net SE:ced.dal.net NL:london.uk.eu.undernet.org NL:diemen.nl.eu.undernet.org :caen.fr.eu.undernet.org :gaspode.zanet.org.za SE:vancouver.dal.net SE:ozbytes.dal.net :flanders.be.eu.undernet.org :brussels.be.eu.undernet.org SE:coins.dal.net AT:graz.at.eu.undernet.org SE:viking.dal.net |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:00:45:00 | WinXP | 69.85.108.41 (ELLIJAY.COM): ELLIJAY COMMUNITY TELEVISION, BLUE RIDGE, GEORGIA, US. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:00:53:00 | Win2K-f | 70.65.28.75 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, RED DEER, ALBERTA, CA. (DSL) |
n/a | :proxim.ircgalaxy.pl US:microsoft.com US:download.microsoft.com 115.126.2.121:80 US:198.78.201.126:80 US:199.93.41.126:80 US:199.93.44.124:80 |
135 | pcap | raw alerts ruleset |
other 126 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| 00:54:00 | Win2K-f | 69.107.174.37 (PACBELL.NET): 3CIM INC, SAN JOSE, CALIFORNIA, US. (DSL) |
n/a | :proxim.ircgalaxy.pl US:microsoft.com US:download.microsoft.com 115.126.2.121:65520 US:198.78.201.126:80 US:199.93.41.126:80 US:199.93.44.124:80 |
135 | pcap | raw alerts ruleset |
other 113 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| 00:59:00 | WinXP | 88.174.49.66 (PROXAD.NET): PROXAD / FREE SAS, FR. |
n/a | :proxim.ircgalaxy.pl UA:citi-bank.ru 115.126.2.121:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 01:10:00 | Win2K-f | 76.78.9.177 (APOGEENET.NET): APOGEE TELECOM INC, AUSTIN, TEXAS, US. |
115.126.2.121:65520 | :proxim.ircgalaxy.pl | 445 | pcap | raw alerts ruleset |
irc 11 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:01:11:00 | Win2K-f | 76.78.9.177 (APOGEENET.NET): APOGEE TELECOM INC, AUSTIN, TEXAS, US. |
n/a | :proxim.ircgalaxy.pl 115.126.2.121:80 |
445 | pcap | raw alerts ruleset |
irc 12 lines |
Argh : 0.3 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:01:29:00 | Win2K-f | 99.141.131.163 (-): . |
n/a | :proxim.ircgalaxy.pl | 445 | pcap | raw alerts ruleset |
irc 18 lines |
Argh : 0.3 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 01:50:00 | Win2K-f | 122.55.219.22 (PLDT.NET): IPG, PH. |
115.126.2.121:65520 | US:microsoft.com US:download.microsoft.com :proxim.ircgalaxy.pl US:192.221.99.124:80 US:198.78.201.126:80 US:4.23.60.125:80 |
135 | pcap | raw alerts ruleset |
irc 149 lines |
Yeah : 1.8 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| T:01:59:00 | WinXP | 203.91.176.117 (STARCAT.NE.JP): KMN CORPORATION, NAGOYA, AICHI, JP. |
n/a | US:microsoft.com US:download.microsoft.com US:192.221.110.125:80 US:205.128.73.126:80 US:207.123.37.126:80 |
135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| 02:00:00 | WinXP | 78.49.192.164 (ALICEDSL.DE): HANSENET TELEKOMMUNIKATION GMBH, HAMBURG, HAMBURG, DE. (DSL) |
n/a | RU:moscow-advokat.ru | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:02:02:00 | Win2K-f | 211.119.72.250 (BORA.NET): BORANET-NET, KR. |
115.126.2.121:65520 | :proxim.ircgalaxy.pl US:microsoft.com US:download.microsoft.com :fleshkatera.cn :lolika.cn :www.upononjob.cn :mulfika.cn 115.126.2.121:65520 US:192.221.110.125:80 |
135 | pcap | raw alerts ruleset |
http irc 245 lines |
Yeah : 1.8 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| 02:04:00 | Win2K-f | 211.117.152.186 (HANANET.NET): HANARO TELECOM INC, SEOUL, KYONGGI-DO, KR. |
115.126.2.121:65520 | 135 | pcap | raw alerts ruleset |
irc 12 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 02:09:00 | WinXP | 75.79.45.60 (-): . |
n/a | US:microsoft.com US:download.microsoft.com US:198.78.201.126:80 US:207.123.37.123:80 |
135 | pcap | raw alerts ruleset |
http 77 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| T:02:09:00 | WinXP | 92.41.44.232 (IKBCC.COM): EU-ZZ, UK. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 02:12:00 | Win2K-f | 216.161.137.131 (QWEST.NET): QWEST COMMUNICATIONS CORPORATION, BOISE, IDAHO, US. |
n/a | US:microsoft.com US:download.microsoft.com US:192.221.99.126:80 |
135 | pcap | raw alerts ruleset |
other 81 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| T:02:13:00 | Win2K-f | 125.58.65.146 (-): . |
n/a | US:microsoft.com US:download.microsoft.com US:192.221.99.126:80 |
135 | pcap | raw alerts ruleset |
other 59 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| T:02:20:00 | WinXP | 92.40.186.227 (IKBCC.COM): EU-ZZ, UK. |
115.126.2.121:65520 | :proxim.ircgalaxy.pl UA:citi-bank.ru :fleshkatera.cn UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http irc 10 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 02:22:00 | WinXP | 92.40.186.227 (IKBCC.COM): EU-ZZ, UK. |
n/a | :proxim.ircgalaxy.pl UA:citi-bank.ru 115.126.2.121:65520 UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 02:23:00 | WinXP | 94.191.147.160 (-): . |
n/a | RU:moscow-advokat.ru SE:vancouver.dal.net :gaspode.zanet.org.za :washington.dc.us.undernet.org US:lia.zanet.net SE:viking.dal.net :lulea.se.eu.undernet.org SE:qis.md.us.dal.net SE:ozbytes.dal.net :brussels.be.eu.undernet.org SE:coins.dal.net NL:diemen.nl.eu.undernet.org SE:ced.dal.net :los-angeles.ca.us.undernet.org NL:london.uk.eu.undernet.org :flanders.be.eu.undernet.org SE:broadway.ny.us.dal.net RU:194.6.222.11:6667 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 02:43:00 | Win2K-f | 151.197.30.35 (VERIZON.NET): VERIZON INTERNET SERVICES INC, PHILADELPHIA, PENNSYLVANIA, US. |
115.126.2.121:65520 | 135 | pcap | raw alerts ruleset |
irc 7 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:02:44:00 | Win2K-f | 222.236.225.26 (HANANET.NET): HANARO TELECOM INC, KR. |
115.126.2.121:65520 | US:microsoft.com :proxim.ircgalaxy.pl US:download.microsoft.com US:208.111.148.226:80 |
135 | pcap | raw alerts ruleset |
irc 145 lines |
Yeah : 1.8 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| T:02:46:00 | WinXP | 220.129.120.203 (HINET.NET): CHTD CHUNGHWA TELECOM CO. LTD, KAOHSIUNG, KAO-HSIUNG, TW. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 02:46:00 | WinXP | 220.129.120.203 (HINET.NET): CHTD CHUNGHWA TELECOM CO. LTD, KAOHSIUNG, KAO-HSIUNG, TW. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 02:52:00 | WinXP | 212.253.11.92 (SUPERONLINE.COM): SUPERONLINE INC, ISTANBUL, ISTANBUL, TR. |
n/a | :proxim.ircgalaxy.pl RU:moscow-advokat.ru :washington.dc.us.undernet.org US:lia.zanet.net :caen.fr.eu.undernet.org SE:qis.md.us.dal.net NL:london.uk.eu.undernet.org 115.126.2.121:65520 RU:194.6.222.11:6667 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 02:57:00 | Win2K-f | 61.20.130.144 (-): FAR EASTONE TELECOMMUNICATION CO. LTD, TW. |
115.126.2.121:65520 | :proxim.ircgalaxy.pl 115.126.2.121:65520 |
135 | pcap | raw alerts ruleset |
irc 21 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:02:59:00 | WinXP | 201.69.35.82 (STERLINGSTUDENTS.NET): COMITE GESTOR DA INTERNET NO BRASIL, BR. (DSL) |
n/a | RU:moscow-advokat.ru RU:194.6.222.11:6667 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:03:05:00 | Win2K-f | 218.228.171.227 (EONET.NE.JP): K-OPTICOM CORPORATION, HIMEJI, HYOGO, JP. |
115.126.2.121:65520 | US:microsoft.com :proxim.ircgalaxy.pl US:download.microsoft.com US:204.160.126.126:80 US:205.128.73.126:80 |
445 | pcap | raw alerts ruleset |
irc http 6 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:03:30:00 | WinXP | 74.218.252.66 (-): . |
n/a | :proxim.ircgalaxy.pl UA:citi-bank.ru 115.126.2.121:65520 UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 03:36:00 | Win2K-f | 61.220.116.19 (HINET.NET): DATA COMMUNICATION BUSINESS GROUP CHUNGHWA TELECOM CO. LTD, TAIPEI, T'AI-PEI, TW. |
n/a | US:microsoft.com US:download.microsoft.com US:207.123.37.123:80 |
135 | pcap | raw alerts ruleset |
other 171 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| T:03:52:00 | WinXP | 88.163.5.117 (PROXAD.NET): PROXAD / FREE SAS, FR. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:04:09:00 | WinXP | 70.184.240.103 (COX.NET): COX COMMUNICATIONS, FALLS CHURCH, VIRGINIA, US. |
n/a | :proxim.ircgalaxy.pl US:microsoft.com US:download.microsoft.com 115.126.2.121:65520 US:198.78.201.126:80 US:204.160.126.126:80 US:205.128.73.126:80 |
135 | pcap | raw alerts ruleset |
other 114 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| 04:34:00 | WinXP | 58.188.129.182 (EONET.NE.JP): K-OPTICOM CORPORATION, OSAKA, OSAKA, JP. |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 15 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:04:46:00 | WinXP | 118.12.219.61 (-): . |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 14 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 05:00:00 | WinXP | 87.50.92.21 (ADSL-DHCP.TELE.DK): TDC-TELEDANMARK-BREDBAANDSADSL-NET, COPENHAGEN, COPENHAGEN, DK. (DSL) |
n/a | RU:moscow-advokat.ru | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:05:00:00 | WinXP | 87.50.92.21 (ADSL-DHCP.TELE.DK): TDC-TELEDANMARK-BREDBAANDSADSL-NET, COPENHAGEN, COPENHAGEN, DK. (DSL) |
n/a | RU:moscow-advokat.ru RU:194.6.222.11:6667 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 05:26:00 | Win2K-f | 116.126.26.140 (-): HANARO TELECOM, SEOUL, KYONGGI-DO, KR. |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.173.42:80 US:208.111.173.46:80 |
135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| T:05:51:00 | Win2K-f | 119.92.25.7 (-): . |
n/a | US:microsoft.com US:download.microsoft.com :proxim.ircgalaxy.pl 115.126.2.121:65520 US:192.221.99.124:80 US:199.93.44.124:80 US:199.93.44.126:80 |
135 | pcap | raw alerts ruleset |
other 126 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| T:05:54:00 | WinXP | 212.27.11.227 (-): MLIFENET, RU. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:06:10:00 | WinXP | 151.54.124.89 (38-151.NET24.IT): IUNET-BNET, VENICE, VENETO, IT. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 06:16:00 | WinXP | 84.3.182.32 (T-ONLINE.HU): HUNGARIAN TELECOM, BUDAPEST, BUDAPEST, HU. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 06:42:00 | WinXP | 122.53.171.136 (PLDT.NET): IPG, PH. |
115.126.2.121:65520 | :proxim.ircgalaxy.pl UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http irc 3 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:06:57:00 | WinXP | 83.132.166.33 (CPE.NETCABO.PT): TVCABO-PORTUGAL CABLE MODEM NETWORK, LISBON, LISBOA, PT. (DSL) |
n/a | :proxim.ircgalaxy.pl UA:citi-bank.ru 115.126.2.121:65520 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 07:03:00 | Win2K-f | 24.92.189.231 (RR.COM): ROAD RUNNER HOLDCO LLC, TAMPA, FLORIDA, US. |
n/a | US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
http 76 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| 07:04:00 | WinXP | 24.59.12.84 (RR.COM): ROAD RUNNER HOLDCO LLC, ROME, NEW YORK, US. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:07:09:00 | WinXP | 89.204.233.152 (O2.IE): O2 IRELAND MOBILE PHONE OPERATOR, IE. |
n/a | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:07:27:00 | WinXP | 189.48.6.198 (BRASILTELECOM.NET.BR): COMITE GESTOR DA INTERNET NO BRASIL, BR. |
n/a | RU:moscow-advokat.ru | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 07:28:00 | Win2K-f | 60.249.205.93 (HINET.NET): CHTD CHUNGHWA TELECOM CO. LTD, TW. |
115.126.2.121:65520 | US:microsoft.com :proxim.ircgalaxy.pl US:download.microsoft.com US:208.111.173.46:80 US:208.111.173.47:80 |
135 | pcap | raw alerts ruleset |
irc 124 lines |
Yeah : 1.8 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| 07:34:00 | WinXP | 77.254.37.8 (COM.PL): NETIA, PL. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:07:36:00 | WinXP | 84.237.209.139 (MICROLINK.LV): TELEKOM, RIGA, RIGA, LV. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:07:43:00 | WinXP | 117.99.47.203 (XLRI.AC.IN): BHARTI AIRTEL LTD, DELHI, DELHI, IN. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 07:47:00 | Win2K-f | 80.22.62.187 (BUSINESS.TELECOMITALIA.IT): COMUNEDIPOZZUOLOMARTESANA, TORINO, PIEMONTE, IT. (100Mbps) |
115.126.2.121:65520 | :fleshkatera.cn 115.126.2.110:80 115.126.2.121:65520 |
445 | pcap | raw alerts ruleset |
irc 3 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:07:59:00 | WinXP | 85.138.224.67 (CPE.NETCABO.PT): TVCABO-PORTUGAL CABLE MODEM NETWORK, LISBON, LISBOA, PT. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 08:00:00 | WinXP | 41.214.178.139 (-): . |
n/a | :proxim.ircgalaxy.pl RU:moscow-advokat.ru 115.126.2.121:65520 RU:194.6.222.11:6667 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:08:02:00 | Win2K-f | 63.19.223.81 (UU.NET): UUNET TECHNOLOGIES INC, RALEIGH, NORTH CAROLINA, US. |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.148.226:80 US:208.111.148.247:80 |
135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| T:08:12:00 | Win2K-f | 70.65.153.242 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, LETHBRIDGE, ALBERTA, CA. (DSL) |
n/a | 135 | pcap | raw alerts ruleset |
other 1010 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace | |
| T:08:16:00 | WinXP | 79.163.162.250 (-): IDEA, PL. |
194.54.90.246:80 | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:08:17:00 | WinXP | 89.33.165.112 (TEST): SC VIDEO NET COM SRL, PITESTI, ARGES, RO. |
194.54.90.246:80 | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 08:25:00 | Win2K-f | 58.236.196.140 (-): THRUNET-INFRA-INCHEON10, SEOUL, KYONGGI-DO, KR. |
115.126.2.121:65520 | US:microsoft.com :proxima.ircgalaxy.pl US:download.microsoft.com 115.126.2.121:65520 US:208.111.148.54:80 US:208.111.148.69:80 |
135 | pcap | raw alerts ruleset |
irc 90 lines |
Yeah : 1.8 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| 08:40:00 | WinXP | 172.131.46.90 (AOL.COM): AMERICA ONLINE, RESTON, VIRGINIA, US. (DSL) |
n/a | 135 | pcap | raw alerts ruleset |
other 18 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:08:58:00 | WinXP | 78.175.21.142 (SMYTHECRAMER.COM): TELEKOM, TR. |
194.54.90.246:80 | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 08:59:00 | WinXP | 81.84.223.15 (CPE.NETCABO.PT): TVCABO-PORTUGAL CABLE MODEM NETWORK, AMADORA, LISBOA, PT. |
n/a | RU:moscow-advokat.ru RU:194.6.222.11:6667 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 09:16:00 | WinXP | 123.213.62.155 (-): HANARO TELECOM, SEOUL, KYONGGI-DO, KR. |
115.126.2.121:65520 | :proxima.ircgalaxy.pl US:microsoft.com US:download.microsoft.com 115.126.2.121:65520 US:208.111.173.52:80 US:208.111.173.53:80 |
135 | pcap | raw alerts ruleset |
irc 116 lines |
Yeah : 1.8 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| T:09:25:00 | WinXP | 88.175.93.243 (PROXAD.NET): PROXAD / FREE SAS, FR. |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 16 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 09:32:00 | WinXP | 172.162.41.219 (AOL.COM): AMERICA ONLINE, US. |
n/a | US:microsoft.com US:download.microsoft.com US:199.93.44.126:80 US:207.123.42.126:80 US:207.123.46.126:80 |
135 | pcap | raw alerts ruleset |
other 145 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| 09:40:00 | Win2K-f | 70.182.83.78 (COX.NET): COX COMMUNICATIONS, MUSKOGEE, OKLAHOMA, US. |
115.126.2.121:65520 | US:microsoft.com :proxim.ircgalaxy.pl US:download.microsoft.com US:208.111.173.46:80 |
135 | pcap | raw alerts ruleset |
irc 132 lines |
Yeah : 1.8 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| 09:49:00 | WinXP | 79.138.228.229 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 09:57:00 | WinXP | 63.17.185.107 (UU.NET): UUNET TECHNOLOGIES INC, US. |
n/a | US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
http 150 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| 09:58:00 | Win2K-f | 92.74.32.77 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
115.126.2.121:65520 | :proxim.ircgalaxy.pl 115.126.2.121:65520 |
445 | pcap | raw alerts ruleset |
irc 11 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 10:08:00 | Win2K-f | 70.119.116.138 (RR.COM): ROAD RUNNER HOLDCO LLC, LAKELAND, FLORIDA, US. |
n/a | US:microsoft.com US:download.microsoft.com US:192.221.96.126:80 |
135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| 10:11:00 | WinXP | 93.181.7.81 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
n/a | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 10:25:00 | WinXP | 70.128.1.245 (PARAGOULD.NET): PARAGOULD CITY LIGHT & WATER, PARAGOULD, ARKANSAS, US. (DSL) |
n/a | 135 | pcap | raw alerts ruleset |
other 390 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace | |
| T:10:50:00 | WinXP | 83.32.249.67 (RIMA-TDE.NET): TELEFONICA DE ESPANA SAU, ALICANTE, VALENCIA, ES. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 10:51:00 | WinXP | 66.19.187.159 (USLEC.NET): USLEC CORP, MIAMI, FLORIDA, US. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:10:51:00 | WinXP | 66.19.187.159 (USLEC.NET): USLEC CORP, MIAMI, FLORIDA, US. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:11:10:00 | WinXP | 200.222.195.74 (STERLINGSTUDENTS.NET): COMITE GESTOR DA INTERNET NO BRASIL, BR. (DSL) |
n/a | :proxim.ircgalaxy.pl RU:moscow-advokat.ru 115.126.2.121:65520 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 11:14:00 | WinXP | 217.201.164.157 (-): TELECOM ITALIA MOBILE, IT. |
n/a | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:11:14:00 | WinXP | 217.201.164.157 (-): TELECOM ITALIA MOBILE, IT. |
n/a | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 11:18:00 | Win2K-f | 61.220.116.19 (HINET.NET): DATA COMMUNICATION BUSINESS GROUP CHUNGHWA TELECOM CO. LTD, TAIPEI, T'AI-PEI, TW. |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.173.52:80 |
135 | pcap | raw alerts ruleset |
other 84 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| 11:23:00 | WinXP | 89.41.36.203 (PANEVO.RO): SC PAN ELECTRO SRL, RO. |
115.126.2.121:65520 | :proxim.ircgalaxy.pl 115.126.2.121:65520 |
445 | pcap | raw alerts ruleset |
http irc 3 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:11:23:00 | WinXP | 89.41.36.203 (PANEVO.RO): SC PAN ELECTRO SRL, RO. |
n/a | :proxim.ircgalaxy.pl 115.126.2.121:65520 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 11:25:00 | WinXP | 83.213.220.144 (CLIENTES.EUSKALTEL.ES): GLOBAL TELECOMMUNICATION SERVICE PROVIDER, VITORIA, PAIS VASCO, ES. |
115.126.2.121:65520 | :proxim.ircgalaxy.pl :fleshkatera.cn :lolika.cn :www.upononjob.cn :mulfika.cn :kidfitnesstv.com :www.google.com :clients1.google.com 115.126.2.121:65520 |
445 | pcap | raw alerts ruleset |
http irc 27 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:11:33:00 | Win2K-f | 173.17.79.67 (-): . |
n/a | US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
http 76 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| 11:48:00 | Win2K-f | 203.97.125.168 (TELSTRACLEAR.NET): TELSTRACLEAR LTD, WELLINGTON, WELLINGTON, NZ. (DSL) |
115.126.2.121:65520 | US:microsoft.com :proxim.ircgalaxy.pl US:download.microsoft.com :fleshkatera.cn :lolika.cn US:206.33.45.125:80 |
135 | pcap | raw alerts ruleset |
irc http 104 lines |
Yeah : 1.8 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| T:11:56:00 | WinXP | 125.101.83.144 (UCOM.NE.JP): G-KG0008N, JP. (100Mbps) |
n/a | 445 | pcap | raw alerts ruleset |
other 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 11:58:00 | WinXP | 70.60.205.20 (RR.COM): ROAD RUNNER HOLDCO LLC, FAYETTEVILLE, NORTH CAROLINA, US. |
n/a | US:microsoft.com US:download.microsoft.com US:192.221.99.124:80 US:207.123.37.126:80 US:8.12.202.125:80 |
135 | pcap | raw alerts ruleset |
other 76 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| T:12:05:00 | WinXP | 124.195.153.195 (-): . |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.148.152:80 |
135 | pcap | raw alerts ruleset |
http 92 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| 12:05:00 | Win2K-f | 93.177.170.174 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
115.126.2.121:65520 | 445 | pcap | raw alerts ruleset |
irc 11 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:12:35:00 | WinXP | 65.190.167.117 (RR.COM): ROAD RUNNER HOLDCO LLC, RALEIGH, NORTH CAROLINA, US. |
n/a | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 12:37:00 | WinXP | 93.156.17.98 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:12:49:00 | WinXP | 87.247.101.154 (-): MIKROVISATA, LT. |
n/a | :proxim.ircgalaxy.pl UA:citi-bank.ru 115.126.2.121:65520 UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 12:49:00 | WinXP | 87.247.101.154 (-): MIKROVISATA, LT. |
115.126.2.121:65520 | :proxim.ircgalaxy.pl UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http irc 3 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:13:00:00 | WinXP | 201.5.62.206 (STERLINGSTUDENTS.NET): COMITE GESTOR DA INTERNET NO BRASIL, BR. (DSL) |
n/a | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:13:02:00 | WinXP | 75.138.117.163 (CHARTER.COM): CHARTER COMMUNICATIONS, HICKORY, NORTH CAROLINA, US. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:13:13:00 | WinXP | 201.69.191.151 (STERLINGSTUDENTS.NET): COMITE GESTOR DA INTERNET NO BRASIL, BR. (DSL) |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 13:14:00 | WinXP | 78.157.26.77 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 13:14:00 | WinXP | 83.213.125.193 (CLIENTES.EUSKALTEL.ES): GLOBAL TELECOMMUNICATION SERVICE PROVIDER, BILBAO, PAIS VASCO, ES. |
n/a | RU:moscow-advokat.ru SE:ozbytes.dal.net SE:viking.dal.net AT:graz.at.eu.undernet.org NL:diemen.nl.eu.undernet.org US:lia.zanet.net |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:13:15:00 | WinXP | 78.157.26.77 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:13:29:00 | Win2K-f | 24.70.26.59 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, RED DEER, ALBERTA, CA. (DSL) |
n/a | US:microsoft.com US:download.microsoft.com US:206.33.45.125:80 US:207.123.37.123:80 US:4.23.60.126:80 |
135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| T:13:30:00 | WinXP | 96.14.135.247 (-): . |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 13:30:00 | WinXP | 96.14.135.247 (-): . |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:13:37:00 | WinXP | 72.174.232.221 (BRESNAN.NET): BRESNAN COMMUNICATIONS LLC, PURCHASE, NEW YORK, US. |
n/a | 135 | pcap | raw alerts ruleset |
other 259 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace | |
| T:13:54:00 | WinXP | 216.198.174.70 (INTELLEQCOM.NET): INTELLEQ COMMUNICATIONS CORPORATION, US. |
n/a | US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
http 111 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| 13:56:00 | WinXP | 85.84.163.31 (CLIENTES.EUSKALTEL.ES): EUSKALTEL, BILBAO, PAIS VASCO, ES. |
n/a | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:13:57:00 | WinXP | 200.219.70.201 (STERLINGSTUDENTS.NET): COMITE GESTOR DA INTERNET NO BRASIL, BR. (DSL) |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 14:06:00 | WinXP | 68.148.202.46 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, CALGARY, ALBERTA, CA. |
n/a | 135 | pcap | raw alerts ruleset |
other 677 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace | |
| T:14:09:00 | Win2K-f | 76.177.149.100 (RR.COM): ROAD RUNNER HOLDCO LLC, HERNDON, VIRGINIA, US. |
n/a | US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
http 76 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| 14:23:00 | WinXP | 68.189.148.69 (CHARTER.COM): CHARTER COMMUNICATIONS, HICKORY, NORTH CAROLINA, US. (DSL) |
n/a | US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
http 77 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| 14:29:00 | WinXP | 61.221.250.18 (HINET.NET): DATA COMMUNICATION BUSINESS GROUP CHUNGHWA TELECOM CO. LTD, TW. |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.148.43:80 US:208.111.148.54:80 |
135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| 14:34:00 | WinXP | 4.130.198.189 (LEVEL3.NET): LEVEL 3 COMMUNICATIONS INC, CORPUS CHRISTI, TEXAS, US. (DIAL) |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.173.52:80 US:208.111.173.53:80 |
135 | pcap | raw alerts ruleset |
other 185 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| 14:40:00 | WinXP | 173.89.24.76 (-): . |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:14:49:00 | WinXP | 206.51.112.51 (SPEAKEASY.NET): US. |
n/a | RU:moscow-advokat.ru | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 14:50:00 | WinXP | 206.51.112.51 (SPEAKEASY.NET): US. |
n/a | RU:moscow-advokat.ru SE:broadway.ny.us.dal.net AT:graz.at.eu.undernet.org :gaspode.zanet.org.za NL:diemen.nl.eu.undernet.org :caen.fr.eu.undernet.org SE:ozbytes.dal.net RU:194.6.222.11:6667 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:14:56:00 | WinXP | 204.193.219.253 (QWEST.NET): QWEST BROADBAND SERVICES INC, DENVER, COLORADO, US. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:15:01:00 | WinXP | 24.88.101.110 (RR.COM): ROAD RUNNER HOLDCO LLC, COLUMBIA, SOUTH CAROLINA, US. |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 16 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:15:04:00 | WinXP | 79.138.218.129 (APEXCOVANTAGE.COM): EU-ZZ, UK. |
n/a | RU:moscow-advokat.ru RU:194.6.222.11:6667 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 15:09:00 | WinXP | 85.241.225.90 (DSL.TELEPAC.PT): PT.COM - COMUNICACOES INTERACTIVAS S.A, PT. (DSL) |
n/a | DE:siliconfireware.ru GB:welcome3.smile.co.uk :wpad GB:195.92.84.198:80 DE:212.227.111.29:80 DE:217.11.54.126:80 EU:78.47.200.154:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:15:30:00 | WinXP | 41.214.173.34 (-): . |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 15:34:00 | WinXP | 99.137.214.176 (-): . |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 16 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 15:34:00 | Win2K-f | 68.147.47.150 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, CALGARY, ALBERTA, CA. (DSL) |
n/a | US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
http 111 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| T:16:01:00 | WinXP | 190.158.70.94 (-): . |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 16:11:00 | WinXP | 220.128.125.227 (HINET.NET): CHTD CHUNGHWA TELECOM CO. LTD, TW. |
n/a | US:microsoft.com US:download.microsoft.com US:192.221.110.126:80 US:192.221.99.126:80 US:198.78.201.126:80 |
135 | pcap | raw alerts ruleset |
other 97 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| T:16:24:00 | WinXP | 206.51.112.48 (SPEAKEASY.NET): US. |
n/a | RU:moscow-advokat.ru | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:16:30:00 | WinXP | 96.14.180.183 (-): . |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:16:31:00 | WinXP | 122.23.70.197 (OCN.NE.JP): OPEN COMPUTER NETWORK, JP. |
n/a | 445 | pcap | raw alerts ruleset |
ftp 12 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 16:36:00 | WinXP | 4.155.252.64 (LEVEL3.NET): LEVEL 3 COMMUNICATIONS INC, MARYLAND, US. (DIAL) |
n/a | 445 | pcap | raw alerts ruleset |
ftp 14 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 16:45:00 | WinXP | 72.251.0.203 (1DIAL.COM): AD-BASE SYSTEMS INC. (DBA GLOBALPOPS), MISSOURI CITY, TEXAS, US. (DIAL) |
n/a | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| T:17:19:00 | WinXP | 200.219.66.234 (STERLINGSTUDENTS.NET): COMITE GESTOR DA INTERNET NO BRASIL, BR. (DSL) |
n/a | :proxim.ircgalaxy.pl RU:moscow-advokat.ru 115.126.2.121:65520 RU:194.6.222.11:6667 |
445 | pcap | raw alerts ruleset |
http 3 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 17:21:00 | WinXP | 75.33.124.138 (SBCGLOBAL.NET): AT&T INTERNET SERVICES, ST. LOUIS, MISSOURI, US. (DSL) |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 17:24:00 | WinXP | 24.83.3.82 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, BURNABY, BRITISH COLUMBIA, CA. (DSL) |
115.126.2.121:65520 | :proxim.ircgalaxy.pl US:microsoft.com US:download.microsoft.com :fleshkatera.cn :lolika.cn :www.upononjob.cn :mulfika.cn :kidfitnesstv.com :www.google.com :clients1.google.com 115.126.2.121:65520 US:192.221.110.125:80 US:192.221.96.126:80 US:207.123.37.126:80 |
135 | pcap | raw alerts ruleset |
irc http 133 lines |
Yeah : 1.8 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| 17:28:00 | WinXP | 70.61.156.64 (RR.COM): ROAD RUNNER HOLDCO LLC, COLUMBUS, OHIO, US. |
n/a | US:microsoft.com US:download.microsoft.com US:192.221.110.125:80 US:192.221.96.126:80 US:207.123.37.126:80 |
135 | pcap | raw alerts ruleset |
other 76 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| T:17:41:00 | WinXP | 60.54.61.31 (TM.NET.MY): TELEKOM MALAYSIA BERHAD, KUALA LUMPUR, WILAYAH PERSEKUTUAN, MY. |
n/a | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 17:52:00 | WinXP | 61.221.250.18 (HINET.NET): DATA COMMUNICATION BUSINESS GROUP CHUNGHWA TELECOM CO. LTD, TW. |
n/a | US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
http 79 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| T:18:01:00 | WinXP | 218.220.174.163 (ZAQ.NE.JP): TOYONAKA IKEDA CABLENET CO. LTD, TOYONAKA, OSAKA, JP. |
n/a | 135 | pcap | raw alerts ruleset |
other 240 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace | |
| 18:14:00 | WinXP | 70.125.73.99 (RR.COM): ROAD RUNNER HOLDCO LLC, TAMPA, FLORIDA, US. (100Mbps) |
n/a | US:microsoft.com US:download.microsoft.com US:192.221.110.125:80 |
135 | pcap | raw alerts ruleset |
http 77 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| 18:14:00 | WinXP | 76.164.97.216 (-): . |
n/a | 135 | pcap | raw alerts ruleset |
other 267 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace | |
| T:18:33:00 | WinXP | 172.167.189.66 (AOL.COM): AMERICA ONLINE, RESTON, VIRGINIA, US. (DSL) |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.148.247:80 |
135 | pcap | raw alerts ruleset |
http 111 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| 18:34:00 | Win2K-f | 70.60.10.186 (RR.COM): ROAD RUNNER HOLDCO LLC, NASHPORT, OHIO, US. |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.148.247:80 US:208.111.148.254:80 |
135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| 18:37:00 | Win2K-f | 172.167.189.66 (AOL.COM): AMERICA ONLINE, RESTON, VIRGINIA, US. (DSL) |
n/a | 135 | pcap | raw alerts ruleset |
other 28 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace | |
| T:18:48:00 | Win2K-f | 61.218.159.134 (HINET.NET): CHTD CHUNGHWA TELECOM CO. LTD, TAIPEI, T'AI-PEI, TW. |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.148.152:80 US:208.111.148.174:80 |
135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| 18:55:00 | Win2K-f | 208.127.8.4 (DSLEXTREME.COM): DSL EXTREME, LOS ANGELES, CALIFORNIA, US. (DSL) |
72.10.172.218:7763 | :done.blacktiehsbdcs.com CA:fuck.urpal43sourpalhuh.com |
135 | pcap | raw alerts ruleset |
irc http 223 lines |
Yeah : 1.8 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| 19:07:00 | WinXP | 64.24.142.73 (USLEC.NET): USLEC CORP, IRVING, TEXAS, US. |
n/a | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 19:28:00 | WinXP | 67.11.53.231 (RR.COM): ROAD RUNNER HOLDCO LLC, HERNDON, VIRGINIA, US. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:19:28:00 | WinXP | 67.11.53.231 (RR.COM): ROAD RUNNER HOLDCO LLC, HERNDON, VIRGINIA, US. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:19:33:00 | WinXP | 24.69.96.147 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, CALGARY, ALBERTA, CA. (DSL) |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.148.247:80 |
135 | pcap | raw alerts ruleset |
http 112 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| T:19:39:00 | WinXP | 66.53.81.155 (MDSG-PACWEST.COM): PAC-WEST MANAGED MODEM NAS POOL, PHOENIX, ARIZONA, US. |
n/a | RU:moscow-advokat.ru | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 19:47:00 | WinXP | 4.129.71.137 (LEVEL3.NET): LEVEL 3 COMMUNICATIONS INC, RESACA, GEORGIA, US. (DIAL) |
n/a | US:microsoft.com US:download.microsoft.com US:199.93.44.126:80 US:207.123.46.125:80 |
135 | pcap | raw alerts ruleset |
http 86 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| 19:49:00 | Win2K-f | 116.123.57.135 (-): HANARO TELECOM, SEOUL, KYONGGI-DO, KR. |
115.126.2.121:65520 | US:microsoft.com :proxim.ircgalaxy.pl US:download.microsoft.com US:199.93.44.126:80 |
135 | pcap | raw alerts ruleset |
irc http 154 lines |
Yeah : 1.8 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| 20:20:00 | WinXP | 59.146.124.88 (SO-NET.NE.JP): SO-NET SERVICE, JP. |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 16 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 20:37:00 | Win2K-f | 76.244.176.42 (PACBELL.NET): AT&T INTERNET SERVICES, US. |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.173.52:80 US:208.111.173.53:80 |
135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| 20:40:00 | WinXP | 206.74.117.227 (SPIRITTELECOM.COM): CITY OF HIGH POINT, WINNSBORO, SOUTH CAROLINA, US. (DSL) |
n/a | RU:moscow-advokat.ru SE:ced.dal.net US:lia.zanet.net SE:broadway.ny.us.dal.net SE:vancouver.dal.net :gaspode.zanet.org.za :lulea.se.eu.undernet.org :los-angeles.ca.us.undernet.org |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:20:45:00 | WinXP | 70.184.214.106 (COX.NET): COX COMMUNICATIONS, OMAHA, NEBRASKA, US. |
115.126.2.121:65520 | :proxim.ircgalaxy.pl UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http irc 3 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 20:48:00 | Win2K-f | 67.212.60.132 (-): . |
n/a | US:microsoft.com US:download.microsoft.com US:69.28.178.10:80 |
135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| 20:52:00 | WinXP | 71.111.190.117 (VERIZON.NET): VERIZON INTERNET SERVICES INC, ALOHA, OREGON, US. (DSL) |
n/a | US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
http 110 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| T:21:09:00 | WinXP | 98.25.101.80 (-): . |
n/a | US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
http 76 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| 21:14:00 | Win2K-f | 24.79.236.198 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, EDMONTON, ALBERTA, CA. (DSL) |
115.126.2.121:65520 | :proxim.ircgalaxy.pl US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
irc http 126 lines |
Yeah : 1.8 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| 21:18:00 | Win2K-f | 24.77.71.211 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, MAPLE RIDGE, BRITISH COLUMBIA, CA. (DSL) |
n/a | US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
http 125 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| 21:18:00 | WinXP | 119.72.28.109 (-): . |
194.54.90.246:80 | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 21:26:00 | WinXP | 218.211.147.160 (SPARQNET.NET): NEW CENTURY INFOCOMM TECH. CO. LTD, TW. |
n/a | 135 | pcap | raw alerts ruleset |
other 19 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
| 21:27:00 | WinXP | 117.99.55.62 (XLRI.AC.IN): BHARTI AIRTEL LTD, DELHI, DELHI, IN. |
194.54.90.246:80 | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 21:29:00 | Win2K-f | 72.91.13.45 (VERIZON.NET): VERIZON INTERNET SERVICES INC, TAMPA, FLORIDA, US. |
115.126.2.121:65520 | :proxim.ircgalaxy.pl US:microsoft.com US:download.microsoft.com 115.126.2.121:65520 |
445 | pcap | raw alerts ruleset |
irc 10 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 21:30:00 | WinXP | 24.76.240.20 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, SURREY, BRITISH COLUMBIA, CA. (DSL) |
194.54.90.246:80 | :proxim.ircgalaxy.pl UA:citi-bank.ru 115.126.2.121:65520 |
445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:21:43:00 | WinXP | 71.129.177.208 (PACBELL.NET): PPPOX POOL - RBACK15.IRVNCA. 042405-1923, LOS ANGELES, CALIFORNIA, US. (DIAL) |
n/a | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 21:43:00 | WinXP | 71.129.177.208 (PACBELL.NET): PPPOX POOL - RBACK15.IRVNCA. 042405-1923, LOS ANGELES, CALIFORNIA, US. (DIAL) |
n/a | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| T:21:49:00 | WinXP | 119.146.238.165 (-): . |
n/a | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 22:18:00 | Win2K-f | 70.60.105.245 (RR.COM): ROAD RUNNER HOLDCO LLC, SAN FRANCISCO, CALIFORNIA, US. |
n/a | US:microsoft.com US:download.microsoft.com |
135 | pcap | raw alerts ruleset |
http 76 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| T:22:21:00 | WinXP | 117.99.9.213 (XLRI.AC.IN): BHARTI AIRTEL LTD, DELHI, DELHI, IN. |
n/a | RU:moscow-advokat.ru | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 22:30:00 | WinXP | 204.193.218.55 (QWEST.NET): QWEST BROADBAND SERVICES INC, DENVER, COLORADO, US. |
n/a | UA:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 22:36:00 | Win2K-f | 70.182.91.221 (COX.NET): COX COMMUNICATIONS, OKLAHOMA CITY, OKLAHOMA, US. |
115.126.2.121:65520 | :proxim.ircgalaxy.pl | 135 | pcap | raw alerts ruleset |
irc 321 lines |
Yeah : 1.8 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| 22:59:00 | WinXP | 121.73.21.143 (TELSTRACLEAR.NET): TELSTRACLEAR WELLINGTON CABLE CUSTOMERS, WELLINGTON, WELLINGTON, NZ. (DSL) |
n/a | US:microsoft.com US:download.microsoft.com US:208.111.173.46:80 US:208.111.173.47:80 |
135 | pcap | raw alerts ruleset |
other 348 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| T:23:24:00 | WinXP | 201.250.189.196 (COM.AR): TELEFONICA DE ARGENTINA, BUENOS AIRES, BUENOS AIRES, AR. |
n/a | UA:citi-bank.ru UA:194.54.90.246:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |
| 23:26:00 | Win2K-f | 71.107.77.176 (VERIZON.NET): VERIZON INTERNET SERVICES INC, LONG BEACH, CALIFORNIA, US. (DSL) |
n/a | US:microsoft.com US:download.microsoft.com US:192.221.110.125:80 |
135 | pcap | raw alerts ruleset |
http 76 lines |
Yeah : 1.3 profile |
none | summary tarball |
0 of 32 | d41d8cd98f [Firefox:183 hits: 12-31 to 10-18] |
none[3] | ASM:Graph |
none|none | lines=0 | trace |
| T:23:56:00 | WinXP | 87.116.207.158 (TNP.PL): BROADBAND_SERVICES, PL. |
n/a | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none |